Virus detectados ¿quedan rastros?

Hola, ambos.

Y no, no hice nada de frica del otro tema ya que me habías dicho que no era bueno hacer ambas cosas al mismo tiempo, que prosiga con el otro una vez que se haya verificado que no haya nada de malwares

OK entendido @Diarasas

:one: Desactivas tu antivirus :arrow_forward: Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

:warning: Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

:two: Farbar Recovery Scan Tool

  1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).

  2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

  3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

  4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

:three: Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

:four: PRÓXIMA RESPUESTA

Pegas los reportes de FRST y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Hola, dejo los reportes, saludos

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-02-2021
Ejecutado por Gastón (administrador) sobre IDEAPC (LENOVO 20150) (04-03-2021 20:00:12)
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Archivo no firmado]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792272 2021-02-22] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2166216 2021-02-24] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [STUISpeedLauncher] => "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [52240 2016-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon2.dll [29704 2012-12-13] (Nitro PDF Software -> Nitro PDF Software)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\us005 Langmon: C:\WINDOWS\system32\us005lm.dll [31256 2016-09-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\89.1.21.73\Installer\chrmstp.exe [2021-03-03] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acelerador de inicio de AutoCAD.lnk [2016-06-16]
ShortcutTarget: Acelerador de inicio de AutoCAD.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc -> Autodesk, Inc)
Startup: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2021-02-20]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )
BootExecute: autocheck autochk * sdnclean64.exe
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0813AF20-659B-4445-9E56-BB8FC5CF3346} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CE4F5A8-F4CA-45E4-AC54-6834A43B5988} - System32\Tasks\Microsoft\Windows\PLA\WPPTracingSession => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "WPPTracingSession" "$(Arg0)"
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {11E4D3ED-D620-4FD8-AF84-A6B789DA242D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {139788A8-F7FD-4B88-BC47-F66A3AC2EFCD} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {1808EBE6-33B6-4E4B-AC95-DF54ACD237EE} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1ACBE919-7AC7-4EFB-A076-17E61FB13151} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B1C8F00-FA30-49C9-8A04-B4F9FBEEB9B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2EA21998-14F2-44C7-946A-1070CFA87DCF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {2FDCE8D8-DC52-4CBD-897C-FDE12823E88E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Java Update Scheduler" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {67A9884E-E842-4593-AA7F-A3C9388232A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {69F69A34-524B-4901-92FD-05FBDD8D0C08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8626F4D6-2AE4-4526-AF36-E08513EFCD54} - System32\Tasks\Google Updater and Installer => C:\Users\Gastón\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-12] (Google Inc -> Google Inc.)
Task: {88A4F2D3-5D09-4C2D-945D-E8041C360C09} - System32\Tasks\UsbFix Boot Scan => C:\Program Files (x86)\UsbFix\UsbFix.exe [2053256 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {9D080B6F-914C-4B49-8F56-68CE7D609E7F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F982064-3372-400C-B7A8-EE8DFA35BDFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A93978FA-15D9-4C85-BE53-CE2788E74212} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABC584C4-7B63-4D2E-8686-B9777D34D832} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {ECA9C953-9493-41ED-8707-CBE0E969D7A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C4FD96-1DB7-43F1-B0F0-7C94A9AB7D97} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.105.0.4 190.105.0.5
Tcpip\..\Interfaces\{5C517605-40D6-45EB-BF01-0EF24F14546E}: [NameServer] 10.129.132.1
Tcpip\..\Interfaces\{6FA458E3-03A5-460E-85BC-F581433F1F05}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{8B09C289-CF1B-4C59-B3A0-08F027A2FBD8}: [DhcpNameServer] 190.105.0.4 190.105.0.5

FireFox:
========
FF ProfilePath: C:\Users\Gastón.idea-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4JP5qivp.default [2021-02-20]
FF Extension: (Avira Password Manager) - C:\Users\Gastón.idea-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4JP5qivp.default\Extensions\[email protected] [2020-04-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-4206844412-3915076-1266158226-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gastón.idea-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gastón.idea-PC\AppData\Local\Google\Chrome\User Data\Default [2021-02-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gastón.idea-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-06]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-04]
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Video Downloader professional) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-24]
BRA Extension: (Secure Bookmarks) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\leocjgngiajhfiikjolfhcpiokgbinep [2020-07-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-20]
BRA Extension: (Brave User Model Installer) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\ahiocclicnhmiobhocikfdamfccbehhn [2020-12-20]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-04]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-11-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\golcdmhaefcpmdoofahgnhnfldidgjfl [2021-03-04]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-02-20]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-02]
BRA Extension: (Origin Trials Updates) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\OriginTrials [2020-10-02]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-03-04]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2014-06-21] (Autodesk, Inc -> Autodesk)
S2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-21] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-02-22] (Logitech Inc -> Logitech, Inc.)
S4 LmpcService; C:\Program Files\Lock My PC 4\LmpcServ.exe [52592 2007-06-12] (FSPro Labs -> )
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software -> Nitro PDF Software)
S4 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [70152 2012-12-13] (Nitro PDF Software -> Nalpeiron Ltd.)
S3 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-04-25] (HP Inc. -> )
S4 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2018-04-11] (Samsung Electronics CO., LTD. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-24] (Atheros) [Archivo no firmado]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [44640 2014-04-22] (AVAST Software a.s. -> The OpenVPN Project)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 fwdrv; C:\WINDOWS\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart -> Web Solution Mart)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-05-14] (Martin Malik - REALiX -> REALiX(tm))
S1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [230976 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U3 klupd_klif_arkmon_F72F513E; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\F72F513E72BB3F8E3F39DFAA1323484A\klupd_klif_arkmon.sys [230976 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [86656 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [101112 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [190952 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-02-22] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2021-02-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2021-02-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2021-02-22] (Logitech Inc -> Logitech)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58280 2018-07-27] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 Neo_VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [38432 2018-03-10] (SoftEther Corporation -> SoftEther Corporation)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [29888 2020-06-10] (TEFINCOM S.A. -> WireGuard LLC)
S3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50888 2018-06-09] (SoftEther Corporation -> SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\system32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\system32\DRIVERS\tapprotonvpn.sys [39864 2020-04-06] (ProtonVPN AG -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 TS_ARN5416; C:\WINDOWS\system32\DRIVERS\ts_athrx.sys [3508584 2017-05-11] (TamoSoft Ltd -> TamoSoft)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29576 2020-08-02] (WireGuard LLC -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
U4 amdlog; no ImagePath
U4 autotimesvc; no ImagePath
U4 BcastDVRUserService; no ImagePath
U2 camsvc; no ImagePath
U4 CaptureService; no ImagePath
U2 cbdhsvc; no ImagePath
U4 CDPUserSvc; no ImagePath
U2 ConsentUxUserSvc; no ImagePath
U4 CscService; no ImagePath
U2 DeviceAssociationBrokerSvc; no ImagePath
U2 DevicePickerUserSvc; no ImagePath
U2 DevicesFlowUserSvc; no ImagePath
U4 diagnosticshub.standardcollector.service; no ImagePath
U4 diagsvc; no ImagePath
U4 dmwappushservice; no ImagePath
U4 dmwappushsvc; no ImagePath
U4 DsSvc; no ImagePath
U4 DusmSvc; no ImagePath
U4 edgeupdate; no ImagePath
U4 edgeupdatem; no ImagePath
U4 FrameServer; no ImagePath
U4 icssvc; no ImagePath
U4 IpxlatCfgSvc; no ImagePath
R4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
U4 MapsBroker; no ImagePath
U4 MessagingService; no ImagePath
U4 MicrosoftEdgeElevationService; no ImagePath
U4 NfsClnt; no ImagePath
U4 NvTelemetryContainer; no ImagePath
U4 perceptionsimulation; no ImagePath
U4 PhoneSvc; no ImagePath
U4 PimIndexMaintenanceSvc; no ImagePath
U4 RetailDemo; no ImagePath
U4 RmSvc; no ImagePath
U4 SEMgrSvc; no ImagePath
U4 SensorDataService; no ImagePath
U4 SensorService; no ImagePath
U4 SharedRealitySvc; no ImagePath
U4 shpamsvc; no ImagePath
U4 ssh-agent; no ImagePath
U4 TroubleshootingSvc; no ImagePath
U4 tzautoupdate; no ImagePath
U2 UnistoreSvc; no ImagePath
U4 UserDataSvc; no ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\Gastón.idea-PC\AppData\Local\Temp\tmpDD75.tmp [X] <==== ATENCIÓN
U4 wisvc; no ImagePath
U4 WpcMonSvc; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-04 20:00 - 2021-03-04 20:01 - 000031680 _____ C:\Users\Gastón.idea-PC\Desktop\FRST.txt
2021-03-04 19:57 - 2021-03-04 19:57 - 000009307 _____ C:\Users\Gastón.idea-PC\Desktop\UsbFix_Report.txt
2021-03-04 19:55 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-03-04 19:55 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-03-04 19:12 - 2021-03-04 19:12 - 002301440 _____ (Farbar) C:\Users\Gastón.idea-PC\Desktop\FRST64.exe
2021-03-01 21:54 - 2021-03-01 21:54 - 000688640 _____ C:\Users\Gastón.idea-PC\Desktop\TDSSKiller.3.1.0.28_01.03.2021_20.49.46_log.txt
2021-03-01 20:49 - 2021-03-01 20:55 - 000688640 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.49.46_log.txt
2021-03-01 20:41 - 2021-03-01 20:42 - 000009290 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.41.30_log.txt
2021-03-01 20:41 - 2021-03-01 20:41 - 000009124 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.41.18_log.txt
2021-03-01 20:40 - 2021-03-01 20:41 - 000000562 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.40.58_log.txt
2021-03-01 19:41 - 2021-03-01 19:41 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\467354ED.sys
2021-03-01 19:40 - 2021-03-01 20:39 - 000000000 ____D C:\Users\Gastón.idea-PC\Desktop\mbar
2021-03-01 19:31 - 2021-03-01 19:35 - 000009668 _____ C:\Users\Gastón.idea-PC\Desktop\UsbFix.txt
2021-03-01 19:27 - 2021-03-04 19:56 - 000001906 _____ C:\Users\Public\Desktop\UsbFix Anti-Malware.lnk
2021-03-01 19:27 - 2021-03-04 19:56 - 000001906 _____ C:\ProgramData\Desktop\UsbFix Anti-Malware.lnk
2021-03-01 19:27 - 2021-03-01 19:27 - 000003208 _____ C:\WINDOWS\system32\Tasks\UsbFix Monitor
2021-03-01 19:27 - 2021-03-01 19:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\UsbFix Boot Scan
2021-03-01 19:27 - 2021-03-01 19:27 - 000000000 ____D C:\Program Files (x86)\UsbFix
2021-03-01 19:09 - 2021-03-01 19:09 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Gastón.idea-PC\Desktop\mbar-1.10.3.1001.exe
2021-03-01 19:09 - 2021-03-01 19:09 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Gastón.idea-PC\Desktop\tdsskiller.exe
2021-03-01 19:09 - 2021-03-01 19:09 - 004868504 _____ (SOSVirus) C:\Users\Gastón.idea-PC\Desktop\UsbFix_2020.exe
2021-02-27 03:01 - 2021-02-27 03:02 - 238184200 _____ C:\Users\Gastón.idea-PC\Desktop\kv1pvqjq.exe
2021-02-27 02:59 - 2021-02-27 02:59 - 000000000 ____D C:\KVRT2020_Data
2021-02-27 02:56 - 2021-02-27 02:56 - 100704688 _____ (AO Kaspersky Lab) C:\Users\Gastón.idea-PC\Desktop\KVRT.exe
2021-02-26 20:54 - 2021-02-27 01:52 - 000000576 _____ C:\Users\Gastón.idea-PC\Desktop\ESET Online Scanner.lnk
2021-02-26 20:53 - 2021-02-26 20:53 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Gastón.idea-PC\Desktop\esetonlinescanner.exe
2021-02-24 03:06 - 2021-03-04 19:57 - 000575950 _____ C:\WINDOWS\ntbtlog.txt
2021-02-24 02:33 - 2021-02-24 02:33 - 000000608 _____ C:\Users\Gastón.idea-PC\Desktop\cc_20210224_023308.reg
2021-02-24 02:10 - 2021-02-24 02:30 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\ZHP
2021-02-24 02:10 - 2021-02-24 02:10 - 000000895 _____ C:\Users\Gastón.idea-PC\Desktop\ZHPCleaner.lnk
2021-02-24 02:10 - 2021-02-24 02:10 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\ZHP
2021-02-23 23:53 - 2021-02-23 23:53 - 000006618 _____ C:\Users\Gastón.idea-PC\Desktop\cc_20210223_235311.reg
2021-02-23 23:44 - 2021-02-23 23:45 - 003324568 _____ (Nicolas Coolman) C:\Users\Gastón.idea-PC\Desktop\ZHPCleaner.exe
2021-02-23 23:44 - 2021-02-23 23:44 - 001790024 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\JRT.exe
2021-02-23 23:43 - 2021-02-23 23:44 - 008463216 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\adwcleaner_8.1.exe
2021-02-23 23:42 - 2021-02-23 23:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-23 23:41 - 2021-02-23 23:41 - 002084016 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\MBSetup.exe
2021-02-23 23:20 - 2021-03-02 16:32 - 000024982 _____ C:\Users\Gastón.idea-PC\Desktop\PROFESOReset.txt
2021-02-23 19:50 - 2021-02-23 20:09 - 000000000 ____D C:\FSTool
2021-02-22 20:42 - 2021-03-04 19:59 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\LGHUB
2021-02-22 20:42 - 2021-03-04 19:54 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\LGHUB
2021-02-22 20:42 - 2021-02-22 20:42 - 000000718 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-02-22 20:42 - 2021-02-22 20:42 - 000000718 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-02-22 20:42 - 2021-02-22 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-02-22 20:42 - 2021-02-22 20:42 - 000000000 ____D C:\Program Files\LGHUB
2021-02-22 20:40 - 2021-02-22 20:40 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2021-02-22 20:40 - 2021-02-22 20:40 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2021-02-22 20:40 - 2021-02-22 20:40 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2021-02-22 20:39 - 2021-02-22 20:42 - 000000000 ____D C:\ProgramData\LGHUB
2021-02-20 17:40 - 2021-02-20 18:17 - 000000000 ____D C:\ProgramData\BSD
2021-02-20 15:15 - 2021-02-20 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
2021-02-20 15:15 - 2021-02-20 15:15 - 000000000 ____D C:\Program Files (x86)\PdaNet for Android
2021-02-20 15:15 - 2011-11-25 01:25 - 000015360 _____ (June Fabrics Technology Inc.) C:\WINDOWS\system32\Drivers\pneteth.sys
2021-02-12 21:13 - 2021-02-12 21:25 - 000247654 _____ C:\TDSSKiller.3.1.0.28_12.02.2021_21.13.47_log.txt
2021-02-12 21:13 - 2021-02-12 21:13 - 000000562 _____ C:\TDSSKiller.3.1.0.28_12.02.2021_21.13.36_log.txt
2021-02-12 20:13 - 2021-02-12 20:13 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3153729B.sys
2021-02-12 04:16 - 2021-02-12 04:16 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\ESET
2021-02-06 17:59 - 2021-02-06 17:59 - 000000000 _____ C:\Users\Gastón.idea-PC\AppData\Local\{98D9E10F-DDCB-469D-B4F6-02657790FD20}
2021-02-02 06:11 - 2021-02-02 06:11 - 000002048 _____ C:\Users\Gastón.idea-PC\Desktop\Memory Cleaner.lnk
2021-02-02 06:11 - 2021-02-02 06:11 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\KoshyJohn.com
2021-02-02 06:11 - 2021-02-02 06:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-04 20:00 - 2019-11-22 23:43 - 000000000 ____D C:\FRST
2021-03-04 19:58 - 2014-06-12 11:44 - 000003592 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4206844412-3915076-1266158226-1001
2021-03-04 19:57 - 2020-04-27 03:54 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-04 19:57 - 2017-11-28 02:38 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-03-04 19:57 - 2014-07-05 00:25 - 000000000 ____D C:\Program Files\CCleaner
2021-03-04 19:56 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf
2021-03-04 19:56 - 2013-08-22 10:25 - 000262144 _____ C:\WINDOWS\system32\config\ELAM
2021-03-04 19:55 - 2012-07-26 05:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-04 19:53 - 2015-01-12 20:05 - 000000000 __SHD C:\Users\Gastón\IntelGraphicsProfiles
2021-03-04 19:52 - 2013-08-22 11:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-04 18:13 - 2021-01-21 05:23 - 000001232 _____ C:\Users\Gastón.idea-PC\Desktop\Roblox Studio.lnk
2021-03-04 18:13 - 2019-09-21 21:44 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-03-03 21:32 - 2020-09-13 00:45 - 000000000 ____D C:\Users\Gastón.idea-PC\.Loquendo
2021-03-03 20:48 - 2015-12-26 22:42 - 000000000 ____D C:\Users\Gastón.idea-PC\Documents\Camtasia Studio
2021-03-03 20:45 - 2020-07-22 02:39 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-03-03 20:45 - 2020-07-22 02:39 - 000002329 _____ C:\Users\Public\Desktop\Brave.lnk
2021-03-03 20:45 - 2020-07-22 02:39 - 000002329 _____ C:\ProgramData\Desktop\Brave.lnk
2021-03-01 20:39 - 2017-07-30 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-03-01 16:52 - 2015-01-12 19:27 - 000000000 ____D C:\Users\Gastón.idea-PC
2021-02-28 17:37 - 2017-01-19 16:25 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\Nitro PDF
2021-02-28 16:14 - 2017-07-10 01:21 - 000000000 ____D C:\ProgramData\Doctor Web
2021-02-27 01:34 - 2018-04-29 22:14 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-26 20:54 - 2014-09-24 12:25 - 001104098 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 20:54 - 2014-09-24 11:40 - 000164164 _____ C:\WINDOWS\system32\perfc00A.dat
2021-02-26 20:54 - 2014-09-24 11:40 - 000090690 _____ C:\WINDOWS\system32\perfh00A.dat
2021-02-24 02:29 - 2015-01-12 18:29 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\Google
2021-02-23 23:52 - 2015-02-13 20:13 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-23 23:52 - 2012-07-26 05:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-23 23:26 - 2020-07-22 02:36 - 000003474 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-02-23 23:26 - 2014-07-05 00:25 - 000002806 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-23 23:26 - 2014-06-21 18:14 - 000003704 _____ C:\WINDOWS\system32\Tasks\Java Update Scheduler
2021-02-23 23:25 - 2020-07-22 02:36 - 000003346 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-02-23 19:25 - 2020-04-14 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-22 20:42 - 2015-12-31 00:46 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\CrashDumps
2021-02-22 20:38 - 2016-04-10 02:56 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-22 16:44 - 2017-09-09 21:42 - 000007597 _____ C:\Users\Gastón.idea-PC\AppData\Local\Resmon.ResmonCfg
2021-02-21 12:51 - 2019-06-17 03:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-21 12:51 - 2017-01-07 20:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-02-21 12:51 - 2015-01-12 20:19 - 000000000 ___RD C:\Users\Gastón.idea-PC\Desktop\UT
2021-02-21 01:01 - 2018-09-16 18:39 - 000000132 _____ C:\Users\Gastón.idea-PC\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-02-20 17:47 - 2013-08-22 10:25 - 000000259 _____ C:\WINDOWS\win.ini
2021-02-16 18:56 - 2015-01-12 18:04 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\Packages
2021-02-16 18:34 - 2014-10-08 02:15 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 20:13 - 2020-06-10 21:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-12 07:24 - 2013-06-18 07:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-02-12 07:23 - 2016-04-05 23:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2021-02-05 17:58 - 2013-08-22 10:25 - 000524288 _____ C:\WINDOWS\system32\config\BBI

==================== Archivos en la raíz de algunos directorios ========

2007-10-04 12:00 - 2007-10-04 12:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2018-03-10 18:49 - 2018-03-10 18:49 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\fv3_input
2019-11-09 18:22 - 2019-11-09 18:46 - 000000141 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\jjv5conf.json
2018-09-16 18:39 - 2021-02-21 01:01 - 000000132 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2017-12-26 20:45 - 2018-01-04 05:00 - 000000013 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\rbx_hook
2015-10-02 18:31 - 2015-10-02 18:31 - 000001167 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.1.txt
2015-10-02 18:43 - 2015-10-02 18:43 - 000000905 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.txt
2015-10-02 18:31 - 2015-10-02 18:43 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2017-12-26 20:45 - 2017-12-31 16:10 - 000000024 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\version
2015-11-22 12:28 - 2015-11-22 12:28 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\F999.tmp
2019-04-18 20:51 - 2019-04-18 20:51 - 000001111 _____ () C:\Users\Gastón.idea-PC\AppData\Local\gamma_ramp.reg
2019-07-24 22:07 - 2019-07-25 18:53 - 001313336 _____ (Roblox Corporation) C:\Users\Gastón.idea-PC\AppData\Local\Installer.exe
2017-09-09 21:42 - 2021-02-22 16:44 - 000007597 _____ () C:\Users\Gastón.idea-PC\AppData\Local\Resmon.ResmonCfg
2015-01-16 03:29 - 2015-01-16 03:29 - 000000003 _____ () C:\Users\Gastón.idea-PC\AppData\Local\updater.log
2015-04-24 22:56 - 2020-10-22 07:10 - 000000424 _____ () C:\Users\Gastón.idea-PC\AppData\Local\UserProducts.xml
2020-07-23 02:44 - 2020-07-23 02:44 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{3AA36954-D573-4BC4-8233-7EE0A681818B}
2021-02-06 17:59 - 2021-02-06 17:59 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{98D9E10F-DDCB-469D-B4F6-02657790FD20}
2015-05-22 15:47 - 2015-05-22 15:47 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{A508A5A3-761F-428E-8BB0-9DAE1C482C92}
2017-01-20 20:10 - 2017-01-20 20:10 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{EC9B42B7-A186-4455-AE3A-F9BCE67525D6}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-03-04 18:35
==================== Final de FRST.txt ========================

Addition parte 1

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (04-03-2021 20:02:34)
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Windows 8.1 Single Language (Update) (X64) (2015-01-12 23:05:08)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-4206844412-3915076-1266158226-500 - Administrator - Disabled)
Gastón (S-1-5-21-4206844412-3915076-1266158226-1001 - Administrator - Enabled) => C:\Users\Gastón.idea-PC
HomeGroupUser$ (S-1-5-21-4206844412-3915076-1266158226-1006 - Limited - Enabled)
Invitado (S-1-5-21-4206844412-3915076-1266158226-501 - Limited - Disabled) => C:\Users\Invitado
lnvitado (S-1-5-21-4206844412-3915076-1266158226-1007 - Administrator - Enabled) => C:\Users\lnvitado

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Disabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.17) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Analizador y SDK de MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2007 - Español (HKLM-x32\...\{5783F2D7-5001-040A-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Bentley IEG License Service (HKLM-x32\...\{D56865D0-28E9-4972-990E-01B1074FE4FE}) (Version: 2.0.11.0 - Bentley Systems Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 89.1.21.73 - Los creadores de Brave)
BuduLock (HKLM-x32\...\{7FA7F183-5284-4A79-BC87-429EABCBC5ED}) (Version: 1.1.2 - BuduSuite)
Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Flux) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Guía del usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) Hidden
Hardwipe 5.2.1 (HKLM\...\{0F322F97-B3FB-4423-B23E-4E486693CD16}) (Version: 5.2.1 - Big Angry Dog)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Graphics Driver Software (HKLM-x32\...\{11fd8837-78a3-461c-810a-8857f36bfa18}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{1c5c7b65-90a8-44b8-b1f6-0f6bae9f3eb5}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Iridium Browser (HKLM\...\{5ABE3355-9D56-41DC-BD0A-F160B823FC57}) (Version: 54.0.0 - The Iridium Authors)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10242 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lock My PC Free Edition 4.9.5 (HKLM\...\Lock My PC Free Edition_is1) (Version: 4.9.5 - )
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia)
Memory Cleaner 2.70 (HKLM\...\MemClean) (Version: 2.70 - KoshyJohn.com)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PdaNet+ for Android 5.23 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology)
'PTC Places' Namespace Shell Extension (HKLM-x32\...\{B7715210-136C-4832-8A60-33BFF6CC0EF1}) (Version: 1.1.13 - PTC)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10454 - Qualcomm)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
RAM Advanse 9.5 (HKLM-x32\...\{EB06BB46-ED24-4661-8996-A447F1EBC2E7}) (Version: 9.5.0 - Bentley Systems Inc.)
RAM License Support (HKLM-x32\...\{AD6331AF-466F-4D25-B467-EEB2AAF2032C}) (Version: 2.0.2.0 - Bentley Systems, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Roblox Player for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Player for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Player for Invitado (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Invitado (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
ThinkPad UltraNav Driver (HKLM\...\Elantech) (Version: 11.4.10.2 - ELAN Microelectronic Corp.)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.3.2 - SOSVirus (SOSVirus.Net))
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Windchill ProductPoint Client Manager (HKLM-x32\...\{129024FF-A6C9-4696-91BC-570C6C05193A}) (Version: 1.1.187 - PTC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

Packages:
=========
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2021-02-01] (AccuWeather)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2021-02-01] (LENOVO INC.)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2021-02-01] (Evernote)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2021-02-01] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2021-02-01] (FilmOn TV Inc.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2021-02-01] (CYBERLINK COM CORPORATION)
rara music -> C:\Program Files\WindowsApps\rara.com.rara.com_1.0.25.23_neutral__2tghmx54nqzjm [2021-02-01] (RARA MEDIA GROUP LIMITED)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2021-02-01] (Zinio LLC)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Atheros] -> [CC]{B8952421-0E55-400B-94A6-FA858FC0A39F} =>  -> Ningún archivo
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2012-12-13] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [BigAngryDog_HWipe] -> {B0FFE529-A5D3-4ECE-91C0-9E3585C373D8} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [BigAngryDog_HWipe] -> {8154B7C1-BB68-457C-931A-5BFABBA86CD9} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers6: [SugarSync] -> [CC]{305BC11B-5175-492B-B569-866547FCDA40} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2012-05-18] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bea1cfeb4774fda6\Iridium.lnk -> C:\Program Files\Iridium\iridium.exe (The browser authors) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\200ce23fec0ce6d1\Iridium.lnk -> C:\Program Files\Iridium\iridium.exe (The browser authors) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2013-01-24 19:12 - 2013-01-24 19:12 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 000203392 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 000034432 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000290944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000113280 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Temp:890CC2F3 [127]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ar.yahoo.com?fr=fp-comodo&type=138430100005_12.1.0.6914_i_hp
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://ar.search_path.yahoo.com/search_path?p={searchTerms}&fr=chr-comodo&type=138430100005_12.1.0.6914_i_ds
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1007 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-501 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Addition parte 2

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7863 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 10:25 - 2021-02-20 18:20 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Windows Live\Shared;C:\Python27;C:\Python27\Scripts;C:\adb
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.129.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Conexión de red Bluetooth: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
PdaNet Broadband Connection: SoftEther Lightweight Network Protocol -> selow (enabled) 
PdaNet Broadband Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Ethernet 2: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> selow (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LmpcService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: SamsungUPDUtilSvc => 2
MSCONFIG\Services: TurboVPNService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: WindscribeService => 2
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "Acelerador de inicio de AutoCAD.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "Lync"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{8595EC0D-3B48-4283-BAC3-D656C56F9394}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{5AB757A8-DE5A-4B67-912C-2157DE704461}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{25EE24C1-1C9C-4668-BC6D-D805F0AB797D}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Puntos de Restauración =========================

17-02-2021 10:40:59 Punto de control programado
20-02-2021 19:12:26 Punto de comprobación por HitmanPro
20-02-2021 19:13:29 Punto de comprobación por HitmanPro
20-02-2021 19:15:23 Punto de comprobación por HitmanPro
20-02-2021 19:34:51 Punto de comprobación por HitmanPro
20-02-2021 19:37:21 Punto de comprobación por HitmanPro
20-02-2021 19:45:12 Punto de comprobación por HitmanPro
22-02-2021 20:38:11 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
24-02-2021 02:27:33 ZHPcleaner
03-03-2021 22:48:51 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Temporizador de eventos de alta precisión
Description: Temporizador de eventos de alta precisión
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Dispositivos de sistema estándar)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (02/24/2021 02:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MBAMService.exe, versión: 3.2.0.943, marca de tiempo: 0x5fbd5689
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.19678, marca de tiempo: 0x5e82c88a
Código de excepción: 0xc0000008
Desplazamiento de errores: 0x00000000000ecf40
Identificador del proceso con errores: 0x788
Hora de inicio de la aplicación con errores: 0x01d70ad3686f3882
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: efbab4bd-76c6-11eb-8486-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/22/2021 08:42:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: lghub_installer.exe, versión: 2020.12.3534.0, marca de tiempo: 0x5fcebcd8
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.19678, marca de tiempo: 0x5e82c88a
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x0000000000102c20
Identificador del proceso con errores: 0x12b8
Hora de inicio de la aplicación con errores: 0x01d70973bdf289ea
Ruta de acceso de la aplicación con errores: C:\Users\Gastón.idea-PC\Desktop\lghub_installer.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: a51879f9-7567-11eb-8480-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/10/2021 05:04:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: avp.exe, versión: 21.2.16.590, marca de tiempo: 0xd2b8f349
Nombre del módulo con errores: app_core_legacy.dll, versión: 30.549.0.860, marca de tiempo: 0x5f8a359a
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00094bde
Identificador del proceso con errores: 0x1c0
Hora de inicio de la aplicación con errores: 0x01d6ff835937a7fd
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avp.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\app_core_legacy.dll
Identificador del informe: 9b8c5263-6b76-11eb-8423-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/01/2021 08:41:41 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: El procedimiento de recopilación para el servicio "C:\Windows\System32\winspool.drv" en el archivo DLL "Spooler" generó una excepción o devolvió un estado no válido. Los datos de rendimiento devueltos por el archivo DLL del contador no se devolverán en el bloque de datos de rendimiento. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de excepción o de estado.

Error: (02/01/2021 08:41:41 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (02/01/2021 07:24:36 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Error no especificado durante Restaurar sistema: (AdwCleaner_BeforeCleaning_29/01/2021_00:25:20). Información adicional: 0x80070005.

Error: (02/01/2021 06:59:30 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Error no especificado durante Restaurar sistema: (JRT Pre-Junkware Removal). Información adicional: 0x80070005.

Error: (02/01/2021 06:11:17 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Error no especificado durante Restaurar sistema: (JRT Pre-Junkware Removal). Información adicional: 0x80070005.


Errores del sistema:
=============
Error: (03/04/2021 08:01:05 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/04/2021 07:59:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/04/2021 07:59:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Kaspersky Anti-Virus 21.3 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (03/04/2021 07:56:35 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para Start con el error siguiente: 
Acceso denegado.

Error: (03/04/2021 07:51:50 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/04/2021 07:51:36 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Error en la inicialización del archivo de volcado

Error: (03/04/2021 07:43:40 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/04/2021 07:43:29 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Error en la inicialización del archivo de volcado


Windows Defender:
================
Date: 2020-09-29 22:30:36.763
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-28 13:29:22.210
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-27 06:51:24.757
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-21 23:57:28.659
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-12 19:35:10.506
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-05 19:37:23.783
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-04 19:55:42.033
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-03 22:21:14.859
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-01 05:01:15.161
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-03-29 06:14:57.224
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Event[10]:

Date: 2020-03-27 19:04:31.839
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Event[11]:

Date: 2020-03-24 20:46:09.796
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-04 21:50:02.952
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {2BD98CA3-3F05-4A69-83D1-43C01B599CD2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-10-02 11:02:17.873
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {847310EB-F7EA-4EEB-A253-C6DCD96EBCAF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 22:01:35.340
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {E1A749B4-3B8F-485C-AD42-E5E4D041E3AB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 03:00:48.780
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {7EB62FEA-086A-4692-BBCD-2F1D067CD06D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 01:29:53.090
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {0091D587-A2BF-4EA9-A94C-C0BE32E20631}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-27 00:32:07.633
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Versión de firma: 0.0.0.0;0.0.0.0
Versión de motor: 0.0.0.0

Date: 2020-07-21 21:59:24.036
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.1456.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-13 21:52:26.118
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.856.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-05 23:47:00.261
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.211.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-03-27 21:34:28.884
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.311.1622.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16800.2
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

==================== Información de la memoria =========================== 

BIOS: LENOVO 5ECN95WW(V9.00) 12/19/2012
Placa base: LENOVO INVALID
Procesador: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Porcentaje de memoria en uso: 13%
RAM física total: 8057.77 MB
RAM física disponible: 6934.14 MB
Virtual total: 8057.77 MB
Virtual disponible: 6746.46 MB

==================== Unidades ================================

Drive c: (Windows8_OS) (Fixed) (Total:650.86 GB) (Free:434.78 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.07 GB) NTFS

\\?\Volume{7bd11e14-143d-476c-8bbf-561493cebe3c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.65 GB) NTFS
\\?\Volume{eba66397-d88a-473c-b213-8e2e62d3520b}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{efd4189c-d2ed-48d6-b668-a86d2592e284}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:10.93 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3D63DBBB)

Partition: GPT.

==================== Final de Addition.txt =======================

:zero: Veo restos de:

  • Avira
  • AVAST
  • AVG
  • McAfee
  • COMODO

¿Los has tenido instalados en un pasado en tu máquina todos estos? Dime uno por uno SI o NO y que acabo pasando con cada uno de ellos.

¿Tu antivirus actual es kaspersky? Por lo que veo. Todo y que dijiste que era AVG :thinking: :thinking: :thinking: Dime cuál es.

Sube este fichero: C:\Users\Gastón.idea-PC\Desktop\kv1pvqjq.exe a VIRUSTOTAL y me traes el correspondiente enlace del análisis. Todo y que creo lo que es, pero quiero estar seguro.

:one: Desinstalas con Revo Uninstaller (MANUAL) en su Modo Avanzado:

  1. Spybot - Search & Destroy 2
  2. Tweaking. com - Windows Repair

Reinicias el ordenador en Modo Normal.

:two: Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

  • Descargas DelFix en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.

  • Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
Start::
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [Ningún archivo]
U4 amdlog; no ImagePath
U4 autotimesvc; no ImagePath
U4 BcastDVRUserService; no ImagePath
U2 camsvc; no ImagePath
U4 CaptureService; no ImagePath
U2 cbdhsvc; no ImagePath
U4 CDPUserSvc; no ImagePath
U2 ConsentUxUserSvc; no ImagePath
U4 CscService; no ImagePath
U2 DeviceAssociationBrokerSvc; no ImagePath
U2 DevicePickerUserSvc; no ImagePath
U2 DevicesFlowUserSvc; no ImagePath
U4 diagnosticshub.standardcollector.service; no ImagePath
U4 diagsvc; no ImagePath
U4 dmwappushservice; no ImagePath
U4 dmwappushsvc; no ImagePath
U4 DsSvc; no ImagePath
U4 DusmSvc; no ImagePath
U4 edgeupdate; no ImagePath
U4 edgeupdatem; no ImagePath
U4 FrameServer; no ImagePath
U4 icssvc; no ImagePath
U4 IpxlatCfgSvc; no ImagePath
R4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
U4 MapsBroker; no ImagePath
U4 MessagingService; no ImagePath
U4 MicrosoftEdgeElevationService; no ImagePath
U4 NfsClnt; no ImagePath
U4 NvTelemetryContainer; no ImagePath
U4 perceptionsimulation; no ImagePath
U4 PhoneSvc; no ImagePath
U4 PimIndexMaintenanceSvc; no ImagePath
U4 RetailDemo; no ImagePath
U4 RmSvc; no ImagePath
U4 SEMgrSvc; no ImagePath
U4 SensorDataService; no ImagePath
U4 SensorService; no ImagePath
U4 SharedRealitySvc; no ImagePath
U4 shpamsvc; no ImagePath
U4 ssh-agent; no ImagePath
U4 TroubleshootingSvc; no ImagePath
U4 tzautoupdate; no ImagePath
U2 UnistoreSvc; no ImagePath
U4 UserDataSvc; no ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\Gastón.idea-PC\AppData\Local\Temp\tmpDD75.tmp [X] <==== ATENCIÓN
U4 wisvc; no ImagePath
U4 WpcMonSvc; no ImagePath
ContextMenuHandlers1: [Atheros] -> [CC]{B8952421-0E55-400B-94A6-FA858FC0A39F} =>  -> Ningún archivo
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ningún archivo
ContextMenuHandlers6: [SugarSync] -> [CC]{305BC11B-5175-492B-B569-866547FCDA40} =>  -> Ningún archivo
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Temp:890CC2F3 [127]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

:warning: El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente, inicia de nuevo el equipo desde el :arrow_forward: Modo Seguro haces el siguiente 2º MÉTODO.

  1. Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).

  2. Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.

  3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

  4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

:warning: Muy Importante :warning: Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Hola

Rastros de antivirus: Todos esos los tuve instalados ya que estaba buscando alguno que no consuma muchos recursos (cpu memoria disco). Instalaba uno y si no me servía lo desinstalaba y busca otro que cumpla con lo que yo quería.

Estuve varios meses con el Kaspersky. El punto es que lo había desinstalado ya que me salían muchas notificaciones y no las podía desactivar. Entonces, me pasé al AVG y a los días hice el tema. Me volví al Kaspersky ya que el avg consumía muchos recursos; además de que lo de las notificaciones se calmó y pude desactivarlas.

El kv1pvqjq.exe es el doctor web. Tengo todos los programas y reportes en el escritorio; no borré ninguno por las dudas; lo haré cuando me digas. Paso el virustotal VirusTotal

Revo unistaller No tengo instalado spybot ni tweaking., no sale en las aplicaciones (si los tuve en el pasado). Usando la opción de “buscar en…” desde este equipo aparecen rastros como datos, documentos de texto, etc. Con el modo cazador tampoco puedo ya que no son ejecutables.

¿Prosigo con lo demás?

Hola @Diarasas

OK. Pues quedan de algunos rastros. Ya nos encargaremos de acabar de averiguar/indagar de forma más precisa y exacta que rastros quedan de estos en tu máquina.

OK. Aclarado de que ahora tienes el Kaspersky, de todas formas ya lo pude ver con los reportes. Pero creo que aparte de sacar conclusiones con los logs, siempre es bueno hablarlo con el usuario y complementar ambas fuentes de información para poder actuar de la mejor forma posible.

OK. Perfecto. Ya me lo parecía por varias cosas, pero quería estar seguro.

OK. Pues si no aparecen en el Revo unistaller.

SI, si no aparecen ninguno de los dos. Prosigue con el resto que te pido.

Salu2

Hola, te dejo el fixlog.txt

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (08-03-2021 20:16:18) Run:2
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón & lnvitado & Invitado
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricci�n <==== ATENCI�N
Policies: C:\ProgramData\NTUSER.pol: Restricci�n <==== ATENCI�N
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N
HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => no encontrado
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [Ning�n archivo]
U4 amdlog; no ImagePath
U4 autotimesvc; no ImagePath
U4 BcastDVRUserService; no ImagePath
U2 camsvc; no ImagePath
U4 CaptureService; no ImagePath
U2 cbdhsvc; no ImagePath
U4 CDPUserSvc; no ImagePath
U2 ConsentUxUserSvc; no ImagePath
U4 CscService; no ImagePath
U2 DeviceAssociationBrokerSvc; no ImagePath
U2 DevicePickerUserSvc; no ImagePath
U2 DevicesFlowUserSvc; no ImagePath
U4 diagnosticshub.standardcollector.service; no ImagePath
U4 diagsvc; no ImagePath
U4 dmwappushservice; no ImagePath
U4 dmwappushsvc; no ImagePath
U4 DsSvc; no ImagePath
U4 DusmSvc; no ImagePath
U4 edgeupdate; no ImagePath
U4 edgeupdatem; no ImagePath
U4 FrameServer; no ImagePath
U4 icssvc; no ImagePath
U4 IpxlatCfgSvc; no ImagePath
R4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
U4 MapsBroker; no ImagePath
U4 MessagingService; no ImagePath
U4 MicrosoftEdgeElevationService; no ImagePath
U4 NfsClnt; no ImagePath
U4 NvTelemetryContainer; no ImagePath
U4 perceptionsimulation; no ImagePath
U4 PhoneSvc; no ImagePath
U4 PimIndexMaintenanceSvc; no ImagePath
U4 RetailDemo; no ImagePath
U4 RmSvc; no ImagePath
U4 SEMgrSvc; no ImagePath
U4 SensorDataService; no ImagePath
U4 SensorService; no ImagePath
U4 SharedRealitySvc; no ImagePath
U4 shpamsvc; no ImagePath
U4 ssh-agent; no ImagePath
U4 TroubleshootingSvc; no ImagePath
U4 tzautoupdate; no ImagePath
U2 UnistoreSvc; no ImagePath
U4 UserDataSvc; no ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\Gast�n.idea-PC\AppData\Local\Temp\tmpDD75.tmp [X] <==== ATENCI�N
U4 wisvc; no ImagePath
U4 WpcMonSvc; no ImagePath
ContextMenuHandlers1: [Atheros] -> [CC]{B8952421-0E55-400B-94A6-FA858FC0A39F} =>  -> Ning�n archivo
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ning�n archivo
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ning�n archivo
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ning�n archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ning�n archivo
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} =>  -> Ning�n archivo
ContextMenuHandlers6: [SugarSync] -> [CC]{305BC11B-5175-492B-B569-866547FCDA40} =>  -> Ning�n archivo
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Temp:890CC2F3 [127]
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:

*****************

Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9DCF59E-6B97-4C0C-8641-B8261089C8CA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9DCF59E-6B97-4C0C-8641-B8261089C8CA}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\MobilePC\HotStart => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB21EF32-6BA9-4118-BBC1-BC4FF48961E5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB21EF32-6BA9-4118-BBC1-BC4FF48961E5}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => eliminado correctamente
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.73.2 => eliminado correctamente
HKLM\System\CurrentControlSet\Services\amdlog => eliminado correctamente
amdlog => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\autotimesvc => eliminado correctamente
autotimesvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\BcastDVRUserService => eliminado correctamente
BcastDVRUserService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\camsvc => eliminado correctamente
camsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\CaptureService => eliminado correctamente
CaptureService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cbdhsvc => eliminado correctamente
cbdhsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\CDPUserSvc => eliminado correctamente
CDPUserSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ConsentUxUserSvc => eliminado correctamente
ConsentUxUserSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\CscService => eliminado correctamente
CscService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\DeviceAssociationBrokerSvc => eliminado correctamente
DeviceAssociationBrokerSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\DevicePickerUserSvc => eliminado correctamente
DevicePickerUserSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\DevicesFlowUserSvc => eliminado correctamente
DevicesFlowUserSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\diagnosticshub.standardcollector.service => eliminado correctamente
diagnosticshub.standardcollector.service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\diagsvc => eliminado correctamente
diagsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\dmwappushservice => eliminado correctamente
dmwappushservice => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\dmwappushsvc => eliminado correctamente
dmwappushsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\DsSvc => eliminado correctamente
DsSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\DusmSvc => eliminado correctamente
DusmSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\edgeupdate => eliminado correctamente
edgeupdate => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\edgeupdatem => eliminado correctamente
edgeupdatem => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\FrameServer => eliminado correctamente
FrameServer => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\icssvc => eliminado correctamente
icssvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\IpxlatCfgSvc => eliminado correctamente
IpxlatCfgSvc => servicio eliminado correctamente
klkbdflt2 => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\MapsBroker => eliminado correctamente
MapsBroker => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\MessagingService => eliminado correctamente
MessagingService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\MicrosoftEdgeElevationService => eliminado correctamente
MicrosoftEdgeElevationService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NfsClnt => eliminado correctamente
NfsClnt => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NvTelemetryContainer => eliminado correctamente
NvTelemetryContainer => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\perceptionsimulation => eliminado correctamente
perceptionsimulation => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\PhoneSvc => eliminado correctamente
PhoneSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\PimIndexMaintenanceSvc => eliminado correctamente
PimIndexMaintenanceSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RetailDemo => eliminado correctamente
RetailDemo => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RmSvc => eliminado correctamente
RmSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SEMgrSvc => eliminado correctamente
SEMgrSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SensorDataService => eliminado correctamente
SensorDataService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SensorService => eliminado correctamente
SensorService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SharedRealitySvc => eliminado correctamente
SharedRealitySvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\shpamsvc => eliminado correctamente
shpamsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ssh-agent => eliminado correctamente
ssh-agent => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\TroubleshootingSvc => eliminado correctamente
TroubleshootingSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\tzautoupdate => eliminado correctamente
tzautoupdate => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\UnistoreSvc => eliminado correctamente
UnistoreSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\UserDataSvc => eliminado correctamente
UserDataSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => eliminado correctamente
WinRing0_1_2_0 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\wisvc => eliminado correctamente
wisvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\WpcMonSvc => eliminado correctamente
WpcMonSvc => servicio eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Atheros => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartGameBoosterMenu => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\SmartGameBoosterMenu => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SmartGameBoosterMenu => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartGameBoosterMenu => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SugarSync => eliminado correctamente
C:\Windows => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS eliminado correctamente
C:\ProgramData\Temp => ":890CC2F3" ADS eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 12 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en PdaNet Broadband Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9802240 B
Java, Flash, Steam htmlcache => 464 B
Windows/system/drivers => 14594382 B
Edge => 0 B
Chrome => 139264 B
Brave => 14416510 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 21077 B
LocalService => 84555 B
NetworkService => 84555 B
Gastón.idea-PC => 968489990 B
lnvitado => 1512691369 B
Invitado => 1512691369 B

RecycleBin => 253521044 B
EmptyTemp: => 4 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 20:20:07 ====

El tema del cpu y disco alto al abrir el administrador de tareas + system persiste. Saludos!

Hola @Diarasas vuelve a ejecutar FRST y traes los logs tal como digo en este mensaje: Virus detectados ¿quedan rastros? - nº 19 por Marr00n

Falta el Addition.txt

Hola marr0n, lo paso de nuevo

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-02-2021
Ejecutado por Gastón (administrador) sobre IDEAPC (LENOVO 20150) (08-03-2021 22:33:19)
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Archivo no firmado]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792272 2021-02-22] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2223048 2021-03-03] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [STUISpeedLauncher] => "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [52240 2016-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon2.dll [29704 2012-12-13] (Nitro PDF Software -> Nitro PDF Software)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\us005 Langmon: C:\WINDOWS\system32\us005lm.dll [31256 2016-09-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\89.1.21.74\Installer\chrmstp.exe [2021-03-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acelerador de inicio de AutoCAD.lnk [2016-06-16]
ShortcutTarget: Acelerador de inicio de AutoCAD.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc -> Autodesk, Inc)
Startup: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2021-02-20]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )
BootExecute: autocheck autochk * sdnclean64.exe

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0813AF20-659B-4445-9E56-BB8FC5CF3346} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CE4F5A8-F4CA-45E4-AC54-6834A43B5988} - System32\Tasks\Microsoft\Windows\PLA\WPPTracingSession => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "WPPTracingSession" "$(Arg0)"
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {11E4D3ED-D620-4FD8-AF84-A6B789DA242D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {139788A8-F7FD-4B88-BC47-F66A3AC2EFCD} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {1808EBE6-33B6-4E4B-AC95-DF54ACD237EE} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1ACBE919-7AC7-4EFB-A076-17E61FB13151} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B1C8F00-FA30-49C9-8A04-B4F9FBEEB9B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2EA21998-14F2-44C7-946A-1070CFA87DCF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {2FDCE8D8-DC52-4CBD-897C-FDE12823E88E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Java Update Scheduler" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {67A9884E-E842-4593-AA7F-A3C9388232A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {69F69A34-524B-4901-92FD-05FBDD8D0C08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8626F4D6-2AE4-4526-AF36-E08513EFCD54} - System32\Tasks\Google Updater and Installer => C:\Users\Gastón\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-12] (Google Inc -> Google Inc.)
Task: {88A4F2D3-5D09-4C2D-945D-E8041C360C09} - System32\Tasks\UsbFix Boot Scan => C:\Program Files (x86)\UsbFix\UsbFix.exe [2053256 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {9D080B6F-914C-4B49-8F56-68CE7D609E7F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F982064-3372-400C-B7A8-EE8DFA35BDFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A93978FA-15D9-4C85-BE53-CE2788E74212} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABC584C4-7B63-4D2E-8686-B9777D34D832} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
Task: {ECA9C953-9493-41ED-8707-CBE0E969D7A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C4FD96-1DB7-43F1-B0F0-7C94A9AB7D97} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.105.0.4 190.105.0.5
Tcpip\..\Interfaces\{5C517605-40D6-45EB-BF01-0EF24F14546E}: [NameServer] 10.129.132.1
Tcpip\..\Interfaces\{6FA458E3-03A5-460E-85BC-F581433F1F05}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{8B09C289-CF1B-4C59-B3A0-08F027A2FBD8}: [DhcpNameServer] 190.105.0.4 190.105.0.5

FireFox:
========
FF ProfilePath: C:\Users\Gastón.idea-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4JP5qivp.default [2021-02-20]
FF Extension: (Avira Password Manager) - C:\Users\Gastón.idea-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4JP5qivp.default\Extensions\[email protected] [2020-04-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-4206844412-3915076-1266158226-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gastón.idea-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gastón.idea-PC\AppData\Local\Google\Chrome\User Data\Default [2021-03-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gastón.idea-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-06]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-08]
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Video Downloader professional) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-24]
BRA Extension: (Secure Bookmarks) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\leocjgngiajhfiikjolfhcpiokgbinep [2020-07-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-20]
BRA Extension: (Brave User Model Installer) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\ahiocclicnhmiobhocikfdamfccbehhn [2020-12-20]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-08]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-11-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\golcdmhaefcpmdoofahgnhnfldidgjfl [2021-03-08]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-02-20]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-08]
BRA Extension: (Origin Trials Updates) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\OriginTrials [2020-10-02]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-03-08]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2014-06-21] (Autodesk, Inc -> Autodesk)
S2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-21] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-02-22] (Logitech Inc -> Logitech, Inc.)
S4 LmpcService; C:\Program Files\Lock My PC 4\LmpcServ.exe [52592 2007-06-12] (FSPro Labs -> )
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software -> Nitro PDF Software)
S4 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [70152 2012-12-13] (Nitro PDF Software -> Nalpeiron Ltd.)
S3 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-04-25] (HP Inc. -> )
S4 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2018-04-11] (Samsung Electronics CO., LTD. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-24] (Atheros) [Archivo no firmado]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [44640 2014-04-22] (AVAST Software a.s. -> The OpenVPN Project)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 fwdrv; C:\WINDOWS\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart -> Web Solution Mart)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-05-14] (Martin Malik - REALiX -> REALiX(tm))
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [230976 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [86656 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [275664 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [101112 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [190952 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-02-22] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2021-02-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2021-02-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2021-02-22] (Logitech Inc -> Logitech)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58280 2018-07-27] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 Neo_VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [38432 2018-03-10] (SoftEther Corporation -> SoftEther Corporation)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [29888 2020-06-10] (TEFINCOM S.A. -> WireGuard LLC)
S3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50888 2018-06-09] (SoftEther Corporation -> SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\system32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\system32\DRIVERS\tapprotonvpn.sys [39864 2020-04-06] (ProtonVPN AG -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 TS_ARN5416; C:\WINDOWS\system32\DRIVERS\ts_athrx.sys [3508584 2017-05-11] (TamoSoft Ltd -> TamoSoft)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29576 2020-08-02] (WireGuard LLC -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-08 22:33 - 2021-03-08 22:34 - 000028612 _____ C:\Users\Gastón.idea-PC\Desktop\FRST.txt
2021-03-08 21:35 - 2021-03-08 21:35 - 000009424 _____ C:\Users\Gastón.idea-PC\Desktop\UsbFix_Report.txt
2021-03-08 20:16 - 2021-03-08 20:20 - 000017998 _____ C:\Users\Gastón.idea-PC\Desktop\Fixlog.txt
2021-03-08 19:56 - 2021-03-08 19:56 - 000797760 _____ C:\Users\Gastón.idea-PC\Desktop\delfix.exe
2021-03-06 21:50 - 2021-03-06 21:50 - 007461704 _____ (VS Revo Group ) C:\Users\Gastón.idea-PC\Desktop\revosetup.exe
2021-03-06 21:50 - 2021-03-06 21:50 - 000001021 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-03-06 21:50 - 2021-03-06 21:50 - 000001021 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2021-03-06 18:46 - 2021-03-06 18:46 - 000262144 ____N C:\WINDOWS\Minidump\030621-67812-01.dmp
2021-03-04 20:42 - 2021-03-04 20:42 - 000275664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-03-04 20:02 - 2021-03-04 20:29 - 000091249 _____ C:\Users\Gastón.idea-PC\Desktop\Addition.txt
2021-03-04 20:00 - 2021-03-04 20:22 - 000045359 _____ C:\Users\Gastón.idea-PC\Desktop\FRST.txt
2021-03-04 19:57 - 2021-03-04 19:57 - 000230976 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-03-04 19:57 - 2021-03-04 19:57 - 000190952 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-03-04 19:57 - 2021-03-04 19:57 - 000101112 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-03-04 19:57 - 2021-03-04 19:57 - 000086656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2021-03-04 19:56 - 2021-03-04 19:56 - 000002134 _____ C:\Users\Public\Desktop\Kaspersky Security Cloud.lnk
2021-03-04 19:56 - 2021-03-04 19:56 - 000002134 _____ C:\ProgramData\Desktop\Kaspersky Security Cloud.lnk
2021-03-04 19:56 - 2021-03-04 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2021-03-04 19:56 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-03-04 19:55 - 2021-03-04 19:56 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-03-04 19:55 - 2021-03-04 19:56 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-03-04 19:55 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-03-04 19:55 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-03-04 19:39 - 2021-03-04 19:39 - 002767192 _____ (Kaspersky) C:\Users\Gastón.idea-PC\Downloads\ks4.021.3.10.391es_25037.exe
2021-03-04 19:12 - 2021-03-04 19:12 - 002301440 _____ (Farbar) C:\Users\Gastón.idea-PC\Desktop\FRST64.exe
2021-03-01 21:54 - 2021-03-01 21:54 - 000688640 _____ C:\Users\Gastón.idea-PC\Desktop\TDSSKiller.3.1.0.28_01.03.2021_20.49.46_log.txt
2021-03-01 20:49 - 2021-03-01 20:55 - 000688640 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.49.46_log.txt
2021-03-01 20:41 - 2021-03-01 20:42 - 000009290 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.41.30_log.txt
2021-03-01 20:41 - 2021-03-01 20:41 - 000009124 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.41.18_log.txt
2021-03-01 20:40 - 2021-03-01 20:41 - 000000562 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.40.58_log.txt
2021-03-01 19:41 - 2021-03-01 19:41 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\467354ED.sys
2021-03-01 19:40 - 2021-03-01 20:39 - 000000000 ____D C:\Users\Gastón.idea-PC\Desktop\mbar
2021-03-01 19:31 - 2021-03-01 19:35 - 000009668 _____ C:\Users\Gastón.idea-PC\Desktop\UsbFix.txt
2021-03-01 19:27 - 2021-03-08 21:34 - 000001906 _____ C:\Users\Public\Desktop\UsbFix Anti-Malware.lnk
2021-03-01 19:27 - 2021-03-08 21:34 - 000001906 _____ C:\ProgramData\Desktop\UsbFix Anti-Malware.lnk
2021-03-01 19:27 - 2021-03-01 19:27 - 000003208 _____ C:\WINDOWS\system32\Tasks\UsbFix Monitor
2021-03-01 19:27 - 2021-03-01 19:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\UsbFix Boot Scan
2021-03-01 19:27 - 2021-03-01 19:27 - 000000000 ____D C:\Program Files (x86)\UsbFix
2021-03-01 19:09 - 2021-03-01 19:09 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Gastón.idea-PC\Desktop\mbar-1.10.3.1001.exe
2021-03-01 19:09 - 2021-03-01 19:09 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Gastón.idea-PC\Desktop\tdsskiller.exe
2021-03-01 19:09 - 2021-03-01 19:09 - 004868504 _____ (SOSVirus) C:\Users\Gastón.idea-PC\Desktop\UsbFix_2020.exe
2021-02-27 03:01 - 2021-02-27 03:02 - 238184200 _____ C:\Users\Gastón.idea-PC\Desktop\kv1pvqjq.exe
2021-02-27 02:59 - 2021-02-27 02:59 - 000000000 ____D C:\KVRT2020_Data
2021-02-27 02:56 - 2021-02-27 02:56 - 100704688 _____ (AO Kaspersky Lab) C:\Users\Gastón.idea-PC\Desktop\KVRT.exe
2021-02-26 20:54 - 2021-02-27 01:52 - 000000576 _____ C:\Users\Gastón.idea-PC\Desktop\ESET Online Scanner.lnk
2021-02-26 20:53 - 2021-02-26 20:53 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Gastón.idea-PC\Desktop\esetonlinescanner.exe
2021-02-24 03:06 - 2021-03-08 21:42 - 001322024 _____ C:\WINDOWS\ntbtlog.txt
2021-02-24 02:33 - 2021-02-24 02:33 - 000000608 _____ C:\Users\Gastón.idea-PC\Desktop\cc_20210224_023308.reg
2021-02-24 02:10 - 2021-02-24 02:30 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\ZHP
2021-02-24 02:10 - 2021-02-24 02:10 - 000000895 _____ C:\Users\Gastón.idea-PC\Desktop\ZHPCleaner.lnk
2021-02-24 02:10 - 2021-02-24 02:10 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\ZHP
2021-02-23 23:53 - 2021-02-23 23:53 - 000006618 _____ C:\Users\Gastón.idea-PC\Desktop\cc_20210223_235311.reg
2021-02-23 23:44 - 2021-02-23 23:45 - 003324568 _____ (Nicolas Coolman) C:\Users\Gastón.idea-PC\Desktop\ZHPCleaner.exe
2021-02-23 23:44 - 2021-02-23 23:44 - 001790024 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\JRT.exe
2021-02-23 23:43 - 2021-02-23 23:44 - 008463216 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\adwcleaner_8.1.exe
2021-02-23 23:42 - 2021-02-23 23:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-23 23:41 - 2021-02-23 23:41 - 002084016 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\MBSetup.exe
2021-02-23 23:20 - 2021-03-02 16:32 - 000024982 _____ C:\Users\Gastón.idea-PC\Desktop\PROFESOReset.txt
2021-02-23 19:50 - 2021-02-23 20:09 - 000000000 ____D C:\FSTool
2021-02-22 20:42 - 2021-03-08 22:31 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\LGHUB
2021-02-22 20:42 - 2021-03-08 22:31 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\LGHUB
2021-02-22 20:42 - 2021-02-22 20:42 - 000000718 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-02-22 20:42 - 2021-02-22 20:42 - 000000718 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-02-22 20:42 - 2021-02-22 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-02-22 20:42 - 2021-02-22 20:42 - 000000000 ____D C:\Program Files\LGHUB
2021-02-22 20:40 - 2021-02-22 20:40 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2021-02-22 20:40 - 2021-02-22 20:40 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2021-02-22 20:40 - 2021-02-22 20:40 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2021-02-22 20:39 - 2021-02-22 20:42 - 000000000 ____D C:\ProgramData\LGHUB
2021-02-20 17:40 - 2021-02-20 18:17 - 000000000 ____D C:\ProgramData\BSD
2021-02-20 15:15 - 2021-02-20 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
2021-02-20 15:15 - 2021-02-20 15:15 - 000000000 ____D C:\Program Files (x86)\PdaNet for Android
2021-02-20 15:15 - 2011-11-25 01:25 - 000015360 _____ (June Fabrics Technology Inc.) C:\WINDOWS\system32\Drivers\pneteth.sys
2021-02-12 21:13 - 2021-02-12 21:25 - 000247654 _____ C:\TDSSKiller.3.1.0.28_12.02.2021_21.13.47_log.txt
2021-02-12 21:13 - 2021-02-12 21:13 - 000000562 _____ C:\TDSSKiller.3.1.0.28_12.02.2021_21.13.36_log.txt
2021-02-12 20:13 - 2021-02-12 20:13 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3153729B.sys
2021-02-12 04:16 - 2021-02-12 04:16 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\ESET
2021-02-06 17:59 - 2021-02-06 17:59 - 000000000 _____ C:\Users\Gastón.idea-PC\AppData\Local\{98D9E10F-DDCB-469D-B4F6-02657790FD20}

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-08 22:33 - 2019-11-22 23:43 - 000000000 ____D C:\FRST
2021-03-08 22:13 - 2014-07-05 00:25 - 000000000 ____D C:\Program Files\CCleaner
2021-03-08 21:33 - 2015-01-12 20:05 - 000000000 __SHD C:\Users\Gastón\IntelGraphicsProfiles
2021-03-08 21:31 - 2015-01-12 19:27 - 000000000 ____D C:\Users\Gastón.idea-PC
2021-03-08 21:30 - 2013-08-22 11:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-08 21:13 - 2018-04-29 22:14 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-08 21:09 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf
2021-03-08 20:02 - 2020-06-13 21:28 - 000000252 _____ C:\DelFix.txt
2021-03-07 22:13 - 2014-06-12 11:44 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4206844412-3915076-1266158226-1001
2021-03-07 16:57 - 2020-07-22 02:39 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-03-07 16:57 - 2020-07-22 02:39 - 000002329 _____ C:\Users\Public\Desktop\Brave.lnk
2021-03-07 16:57 - 2020-07-22 02:39 - 000002329 _____ C:\ProgramData\Desktop\Brave.lnk
2021-03-07 04:01 - 2017-09-09 21:42 - 000007597 _____ C:\Users\Gastón.idea-PC\AppData\Local\Resmon.ResmonCfg
2021-03-06 21:50 - 2020-06-19 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-06 21:50 - 2018-03-12 04:35 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-06 21:34 - 2017-07-10 01:21 - 000000000 ____D C:\ProgramData\Doctor Web
2021-03-06 18:46 - 2015-02-13 20:13 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-04 19:57 - 2020-04-27 03:54 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-04 19:57 - 2017-11-28 02:38 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-03-04 19:56 - 2013-08-22 10:25 - 000262144 _____ C:\WINDOWS\system32\config\ELAM
2021-03-04 19:55 - 2012-07-26 05:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-04 18:13 - 2021-01-21 05:23 - 000001232 _____ C:\Users\Gastón.idea-PC\Desktop\Roblox Studio.lnk
2021-03-04 18:13 - 2019-09-21 21:44 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-03-03 21:32 - 2020-09-13 00:45 - 000000000 ____D C:\Users\Gastón.idea-PC\.Loquendo
2021-03-03 20:48 - 2015-12-26 22:42 - 000000000 ____D C:\Users\Gastón.idea-PC\Documents\Camtasia Studio
2021-03-01 20:39 - 2017-07-30 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-02-28 17:37 - 2017-01-19 16:25 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\Nitro PDF
2021-02-26 20:54 - 2014-09-24 12:25 - 001104098 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 20:54 - 2014-09-24 11:40 - 000164164 _____ C:\WINDOWS\system32\perfc00A.dat
2021-02-26 20:54 - 2014-09-24 11:40 - 000090690 _____ C:\WINDOWS\system32\perfh00A.dat
2021-02-24 02:29 - 2015-01-12 18:29 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\Google
2021-02-23 23:52 - 2012-07-26 05:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-23 23:26 - 2020-07-22 02:36 - 000003474 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-02-23 23:26 - 2014-07-05 00:25 - 000002806 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-23 23:26 - 2014-06-21 18:14 - 000003704 _____ C:\WINDOWS\system32\Tasks\Java Update Scheduler
2021-02-23 23:25 - 2020-07-22 02:36 - 000003346 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-02-23 19:25 - 2020-04-14 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-22 20:42 - 2015-12-31 00:46 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\CrashDumps
2021-02-22 20:38 - 2016-04-10 02:56 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-21 12:51 - 2019-06-17 03:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-21 12:51 - 2017-01-07 20:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-02-21 12:51 - 2015-01-12 20:19 - 000000000 ___RD C:\Users\Gastón.idea-PC\Desktop\UT
2021-02-21 01:01 - 2018-09-16 18:39 - 000000132 _____ C:\Users\Gastón.idea-PC\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-02-20 17:47 - 2013-08-22 10:25 - 000000259 _____ C:\WINDOWS\win.ini
2021-02-16 18:56 - 2015-01-12 18:04 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\Packages
2021-02-16 18:34 - 2014-10-08 02:15 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 20:13 - 2020-06-10 21:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-12 07:24 - 2013-06-18 07:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-02-12 07:23 - 2016-04-05 23:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO

==================== Archivos en la raíz de algunos directorios ========

2007-10-04 12:00 - 2007-10-04 12:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2018-03-10 18:49 - 2018-03-10 18:49 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\fv3_input
2019-11-09 18:22 - 2019-11-09 18:46 - 000000141 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\jjv5conf.json
2018-09-16 18:39 - 2021-02-21 01:01 - 000000132 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2017-12-26 20:45 - 2018-01-04 05:00 - 000000013 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\rbx_hook
2015-10-02 18:31 - 2015-10-02 18:31 - 000001167 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.1.txt
2015-10-02 18:43 - 2015-10-02 18:43 - 000000905 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.txt
2015-10-02 18:31 - 2015-10-02 18:43 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2017-12-26 20:45 - 2017-12-31 16:10 - 000000024 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\version
2015-11-22 12:28 - 2015-11-22 12:28 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\F999.tmp
2019-04-18 20:51 - 2019-04-18 20:51 - 000001111 _____ () C:\Users\Gastón.idea-PC\AppData\Local\gamma_ramp.reg
2019-07-24 22:07 - 2019-07-25 18:53 - 001313336 _____ (Roblox Corporation) C:\Users\Gastón.idea-PC\AppData\Local\Installer.exe
2017-09-09 21:42 - 2021-03-07 04:01 - 000007597 _____ () C:\Users\Gastón.idea-PC\AppData\Local\Resmon.ResmonCfg
2015-01-16 03:29 - 2015-01-16 03:29 - 000000003 _____ () C:\Users\Gastón.idea-PC\AppData\Local\updater.log
2015-04-24 22:56 - 2020-10-22 07:10 - 000000424 _____ () C:\Users\Gastón.idea-PC\AppData\Local\UserProducts.xml
2020-07-23 02:44 - 2020-07-23 02:44 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{3AA36954-D573-4BC4-8233-7EE0A681818B}
2021-02-06 17:59 - 2021-02-06 17:59 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{98D9E10F-DDCB-469D-B4F6-02657790FD20}
2015-05-22 15:47 - 2015-05-22 15:47 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{A508A5A3-761F-428E-8BB0-9DAE1C482C92}
2017-01-20 20:10 - 2017-01-20 20:10 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{EC9B42B7-A186-4455-AE3A-F9BCE67525D6}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-03-08 21:43
==================== Final de FRST.txt ========================

sigo abajo

Addition.txt parte 1

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (08-03-2021 22:35:31)
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Windows 8.1 Single Language (Update) (X64) (2015-01-12 23:05:08)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-4206844412-3915076-1266158226-500 - Administrator - Disabled)
Gastón (S-1-5-21-4206844412-3915076-1266158226-1001 - Administrator - Enabled) => C:\Users\Gastón.idea-PC
HomeGroupUser$ (S-1-5-21-4206844412-3915076-1266158226-1006 - Limited - Enabled)
Invitado (S-1-5-21-4206844412-3915076-1266158226-501 - Limited - Disabled) => C:\Users\Invitado
lnvitado (S-1-5-21-4206844412-3915076-1266158226-1007 - Administrator - Enabled) => C:\Users\lnvitado

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Disabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.17) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Analizador y SDK de MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2007 - Español (HKLM-x32\...\{5783F2D7-5001-040A-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Bentley IEG License Service (HKLM-x32\...\{D56865D0-28E9-4972-990E-01B1074FE4FE}) (Version: 2.0.11.0 - Bentley Systems Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 89.1.21.74 - Los creadores de Brave)
BuduLock (HKLM-x32\...\{7FA7F183-5284-4A79-BC87-429EABCBC5ED}) (Version: 1.1.2 - BuduSuite)
Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Flux) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Guía del usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) Hidden
Hardwipe 5.2.1 (HKLM\...\{0F322F97-B3FB-4423-B23E-4E486693CD16}) (Version: 5.2.1 - Big Angry Dog)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Graphics Driver Software (HKLM-x32\...\{11fd8837-78a3-461c-810a-8857f36bfa18}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{1c5c7b65-90a8-44b8-b1f6-0f6bae9f3eb5}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Iridium Browser (HKLM\...\{5ABE3355-9D56-41DC-BD0A-F160B823FC57}) (Version: 54.0.0 - The Iridium Authors)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10242 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lock My PC Free Edition 4.9.5 (HKLM\...\Lock My PC Free Edition_is1) (Version: 4.9.5 - )
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia)
Memory Cleaner 2.70 (HKLM\...\MemClean) (Version: 2.70 - KoshyJohn.com)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PdaNet+ for Android 5.23 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology)
'PTC Places' Namespace Shell Extension (HKLM-x32\...\{B7715210-136C-4832-8A60-33BFF6CC0EF1}) (Version: 1.1.13 - PTC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
RAM Advanse 9.5 (HKLM-x32\...\{EB06BB46-ED24-4661-8996-A447F1EBC2E7}) (Version: 9.5.0 - Bentley Systems Inc.)
RAM License Support (HKLM-x32\...\{AD6331AF-466F-4D25-B467-EEB2AAF2032C}) (Version: 2.0.2.0 - Bentley Systems, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.2.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.2 - VS Revo Group, Ltd.)
Roblox Player for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Player for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Player for Invitado (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Invitado (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
ThinkPad UltraNav Driver (HKLM\...\Elantech) (Version: 11.4.10.2 - ELAN Microelectronic Corp.)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.3.2 - SOSVirus (SOSVirus.Net))
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Windchill ProductPoint Client Manager (HKLM-x32\...\{129024FF-A6C9-4696-91BC-570C6C05193A}) (Version: 1.1.187 - PTC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

Packages:
=========
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2021-02-01] (AccuWeather)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2021-02-01] (LENOVO INC.)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2021-02-01] (Evernote)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2021-02-01] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2021-02-01] (FilmOn TV Inc.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2021-02-01] (CYBERLINK COM CORPORATION)
rara music -> C:\Program Files\WindowsApps\rara.com.rara.com_1.0.25.23_neutral__2tghmx54nqzjm [2021-02-01] (RARA MEDIA GROUP LIMITED)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2021-02-01] (Zinio LLC)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2012-12-13] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [BigAngryDog_HWipe] -> {B0FFE529-A5D3-4ECE-91C0-9E3585C373D8} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [BigAngryDog_HWipe] -> {8154B7C1-BB68-457C-931A-5BFABBA86CD9} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2012-05-18] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bea1cfeb4774fda6\Iridium.lnk -> C:\Program Files\Iridium\iridium.exe (The browser authors) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\200ce23fec0ce6d1\Iridium.lnk -> C:\Program Files\Iridium\iridium.exe (The browser authors) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2013-01-24 19:12 - 2013-01-24 19:12 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 000203392 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 000034432 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000290944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000113280 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

Addition.txt parte 2

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ar.yahoo.com?fr=fp-comodo&type=138430100005_12.1.0.6914_i_hp
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://ar.search_path.yahoo.com/search_path?p={searchTerms}&fr=chr-comodo&type=138430100005_12.1.0.6914_i_ds
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1007 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-501 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7863 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 10:25 - 2021-03-08 20:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Windows Live\Shared;C:\Python27;C:\Python27\Scripts;C:\adb
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.129.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Conexión de red Bluetooth: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
PdaNet Broadband Connection: SoftEther Lightweight Network Protocol -> selow (enabled) 
PdaNet Broadband Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Ethernet 2: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> selow (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LmpcService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: SamsungUPDUtilSvc => 2
MSCONFIG\Services: TurboVPNService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: WindscribeService => 2
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "Acelerador de inicio de AutoCAD.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "Lync"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{6799B78F-4919-43EC-9117-A8006F5B4751}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{03DE6259-91B7-41C0-BDAA-698714875818}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)

==================== Puntos de Restauración =========================

22-02-2021 20:38:11 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
24-02-2021 02:27:33 ZHPcleaner
03-03-2021 22:48:51 Punto de control programado
06-03-2021 23:20:38 Eliminado Qualcomm Atheros 11ac Wireless LAN Installer

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Temporizador de eventos de alta precisión
Description: Temporizador de eventos de alta precisión
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Dispositivos de sistema estándar)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/08/2021 02:34:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (03/08/2021 02:34:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (03/06/2021 11:21:22 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8 - 0000000000000198,0x00560034,000000AF20743100,0,000000AF20746130,4096,[0]). HR = 0x80070057, El parámetro no es correcto.
.


Operación:
   Procesar PreFinalCommitSnapshots

Contexto:
   Contexto de ejecución: System Provider

Error: (02/24/2021 02:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MBAMService.exe, versión: 3.2.0.943, marca de tiempo: 0x5fbd5689
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.19678, marca de tiempo: 0x5e82c88a
Código de excepción: 0xc0000008
Desplazamiento de errores: 0x00000000000ecf40
Identificador del proceso con errores: 0x788
Hora de inicio de la aplicación con errores: 0x01d70ad3686f3882
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: efbab4bd-76c6-11eb-8486-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/22/2021 08:42:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: lghub_installer.exe, versión: 2020.12.3534.0, marca de tiempo: 0x5fcebcd8
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.19678, marca de tiempo: 0x5e82c88a
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x0000000000102c20
Identificador del proceso con errores: 0x12b8
Hora de inicio de la aplicación con errores: 0x01d70973bdf289ea
Ruta de acceso de la aplicación con errores: C:\Users\Gastón.idea-PC\Desktop\lghub_installer.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: a51879f9-7567-11eb-8480-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/10/2021 05:04:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: avp.exe, versión: 21.2.16.590, marca de tiempo: 0xd2b8f349
Nombre del módulo con errores: app_core_legacy.dll, versión: 30.549.0.860, marca de tiempo: 0x5f8a359a
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00094bde
Identificador del proceso con errores: 0x1c0
Hora de inicio de la aplicación con errores: 0x01d6ff835937a7fd
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avp.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\app_core_legacy.dll
Identificador del informe: 9b8c5263-6b76-11eb-8423-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/01/2021 08:41:41 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: El procedimiento de recopilación para el servicio "C:\Windows\System32\winspool.drv" en el archivo DLL "Spooler" generó una excepción o devolvió un estado no válido. Los datos de rendimiento devueltos por el archivo DLL del contador no se devolverán en el bloque de datos de rendimiento. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de excepción o de estado.

Error: (02/01/2021 08:41:41 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.


Errores del sistema:
=============
Error: (03/08/2021 10:35:50 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/08/2021 10:33:50 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/08/2021 09:44:20 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/08/2021 09:43:51 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (03/08/2021 09:29:37 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/08/2021 09:24:05 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/08/2021 09:18:15 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/08/2021 09:08:13 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.


Windows Defender:
================
Date: 2020-10-04 21:50:02.952
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {2BD98CA3-3F05-4A69-83D1-43C01B599CD2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-10-02 11:02:17.873
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {847310EB-F7EA-4EEB-A253-C6DCD96EBCAF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 22:01:35.340
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {E1A749B4-3B8F-485C-AD42-E5E4D041E3AB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 03:00:48.780
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {7EB62FEA-086A-4692-BBCD-2F1D067CD06D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 01:29:53.090
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {0091D587-A2BF-4EA9-A94C-C0BE32E20631}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-27 00:32:07.633
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Versión de firma: 0.0.0.0;0.0.0.0
Versión de motor: 0.0.0.0

Date: 2020-07-21 21:59:24.036
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.1456.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-13 21:52:26.118
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.856.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-05 23:47:00.261
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.211.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-03-27 21:34:28.884
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.311.1622.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16800.2
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

==================== Información de la memoria =========================== 

BIOS: LENOVO 5ECN95WW(V9.00) 12/19/2012
Placa base: LENOVO INVALID
Procesador: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Porcentaje de memoria en uso: 13%
RAM física total: 8057.77 MB
RAM física disponible: 7008.25 MB
Virtual total: 12631.77 MB
Virtual disponible: 11578.98 MB

==================== Unidades ================================

Drive c: (Windows8_OS) (Fixed) (Total:650.86 GB) (Free:432.55 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.07 GB) NTFS

\\?\Volume{7bd11e14-143d-476c-8bbf-561493cebe3c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.65 GB) NTFS
\\?\Volume{eba66397-d88a-473c-b213-8e2e62d3520b}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{efd4189c-d2ed-48d6-b668-a86d2592e284}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:10.93 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3D63DBBB)

Partition: GPT.

Inicias el ordenador en Modo Normal.

:one: Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

  • Descargas DelFix en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.

  • Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
Start::
CloseProcesses:
BootExecute: autocheck autochk * sdnclean64.exe
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Java Update Scheduler" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
2021-02-20 17:40 - 2021-02-20 18:17 - 000000000 ____D C:\ProgramData\BSD
2021-02-21 12:51 - 2019-06-17 03:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-21 12:51 - 2017-01-07 20:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [44640 2014-04-22] (AVAST Software a.s. -> The OpenVPN Project)
2021-02-23 19:25 - 2020-04-14 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

:warning: El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente, inicia de nuevo el equipo desde el :arrow_forward: Modo Seguro haces el siguiente 2º MÉTODO.

  1. Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).

  2. Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.

  3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

  4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

:warning: Muy Importante :warning: Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Hola, dejo logs

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (09-03-2021 00:24:43) Run:4
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón & lnvitado & Invitado
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
CloseProcesses:
BootExecute: autocheck autochk * sdnclean64.exe
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Java Update Scheduler" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
2021-02-20 17:40 - 2021-02-20 18:17 - 000000000 ____D C:\ProgramData\BSD
2021-02-21 12:51 - 2019-06-17 03:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-21 12:51 - 2017-01-07 20:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [44640 2014-04-22] (AVAST Software a.s. -> The OpenVPN Project)
2021-02-23 19:25 - 2020-04-14 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ning�n archivo)
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:

*****************

Procesos cerrados correctamente.
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => valor restaurado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"C:\ProgramData\BSD" => no encontrado
"C:\Program Files (x86)\Spybot - Search & Destroy 2" => no encontrado
"C:\ProgramData\Spybot - Search & Destroy" => no encontrado
aswTap => servicio no encontrado.
"C:\WINDOWS\system32\Tasks\Avast Software" => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BFE => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BITS => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\dps => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\\"Default"="" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\\"AlternateShell"="cmd.exe" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\vss => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WSService => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\BITS => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\camsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\dps => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\lfsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\LmpcService => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\msiserver => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SamSs => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srv => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srv2 => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srvnet => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\vss => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WSService => no encontrado
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ning�n archivo) => Error: Ninguna corrección automática encontrada para esta entrada.

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 12 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en PdaNet Broadband Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5279124 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 41834 B
Edge => 0 B
Chrome => 0 B
Brave => 2204752 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 832 B
NetworkService => 832 B
Gastón.idea-PC => 58366 B
lnvitado => 58366 B
Invitado => 58366 B

RecycleBin => 0 B
EmptyTemp: => 15.3 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 00:25:26 ====

Saludos

OK.

¿Cómo sigue el ordenador en general?

Slau2.

Holas

El system y lo de abrir el administrador de tareas y que tenga cpu/disco alto sigue.

Aviso: compré un adaptador wifi usb ya que estos días necesito conexión a internet estable y no quiero arriesgarme a que me pase lo de quedarme sin internet y se apague la pc. Deshabilité el adaptador que venía incluido con la notebook e instalé los drivers del nuevo.

Saludos

@Diarasas

Pon una captura de pantalla como ya sabes de esto que dices.

Miras el siguiente tema: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall y del listado de Herramientas que hay descargas las correspondientes para:

  • Avast
  • AVG
  • Avira
  • Comodo
  • McAfee

Y siguiendo sus correspondientes instrucciones desintalas/eliminas completamente los rastros de estos.

Comentas como sigue.

Salu2.

Hola

Ya hice lo de las herramientas de desinstalación. El paso 3 decía que pase el ccleaner ¿lo hago? (desmarcando la opción de Eliminar Dumps de Memoria)

Sobre lo del system alto, estuve usándolo un rato al equipo y veo que estuvo calmado.

Te paso foto del administrador de tareas, este se mantiene unos segundos alto y luego se calma.