Virus detectados ¿quedan rastros?

Addition.txt parte 2

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ar.yahoo.com?fr=fp-comodo&type=138430100005_12.1.0.6914_i_hp
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://ar.search_path.yahoo.com/search_path?p={searchTerms}&fr=chr-comodo&type=138430100005_12.1.0.6914_i_ds
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1007 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-501 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7863 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 10:25 - 2021-03-08 20:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Windows Live\Shared;C:\Python27;C:\Python27\Scripts;C:\adb
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.129.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Conexión de red Bluetooth: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
PdaNet Broadband Connection: SoftEther Lightweight Network Protocol -> selow (enabled) 
PdaNet Broadband Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Ethernet 2: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> selow (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LmpcService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: SamsungUPDUtilSvc => 2
MSCONFIG\Services: TurboVPNService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: WindscribeService => 2
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "Acelerador de inicio de AutoCAD.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "Lync"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{6799B78F-4919-43EC-9117-A8006F5B4751}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{03DE6259-91B7-41C0-BDAA-698714875818}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)

==================== Puntos de Restauración =========================

22-02-2021 20:38:11 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
24-02-2021 02:27:33 ZHPcleaner
03-03-2021 22:48:51 Punto de control programado
06-03-2021 23:20:38 Eliminado Qualcomm Atheros 11ac Wireless LAN Installer

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Temporizador de eventos de alta precisión
Description: Temporizador de eventos de alta precisión
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Dispositivos de sistema estándar)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/08/2021 02:34:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (03/08/2021 02:34:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (03/06/2021 11:21:22 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8 - 0000000000000198,0x00560034,000000AF20743100,0,000000AF20746130,4096,[0]). HR = 0x80070057, El parámetro no es correcto.
.


Operación:
   Procesar PreFinalCommitSnapshots

Contexto:
   Contexto de ejecución: System Provider

Error: (02/24/2021 02:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MBAMService.exe, versión: 3.2.0.943, marca de tiempo: 0x5fbd5689
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.19678, marca de tiempo: 0x5e82c88a
Código de excepción: 0xc0000008
Desplazamiento de errores: 0x00000000000ecf40
Identificador del proceso con errores: 0x788
Hora de inicio de la aplicación con errores: 0x01d70ad3686f3882
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: efbab4bd-76c6-11eb-8486-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/22/2021 08:42:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: lghub_installer.exe, versión: 2020.12.3534.0, marca de tiempo: 0x5fcebcd8
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.19678, marca de tiempo: 0x5e82c88a
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x0000000000102c20
Identificador del proceso con errores: 0x12b8
Hora de inicio de la aplicación con errores: 0x01d70973bdf289ea
Ruta de acceso de la aplicación con errores: C:\Users\Gastón.idea-PC\Desktop\lghub_installer.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: a51879f9-7567-11eb-8480-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/10/2021 05:04:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: avp.exe, versión: 21.2.16.590, marca de tiempo: 0xd2b8f349
Nombre del módulo con errores: app_core_legacy.dll, versión: 30.549.0.860, marca de tiempo: 0x5f8a359a
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00094bde
Identificador del proceso con errores: 0x1c0
Hora de inicio de la aplicación con errores: 0x01d6ff835937a7fd
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avp.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\app_core_legacy.dll
Identificador del informe: 9b8c5263-6b76-11eb-8423-2016d8bee72a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/01/2021 08:41:41 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: El procedimiento de recopilación para el servicio "C:\Windows\System32\winspool.drv" en el archivo DLL "Spooler" generó una excepción o devolvió un estado no válido. Los datos de rendimiento devueltos por el archivo DLL del contador no se devolverán en el bloque de datos de rendimiento. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de excepción o de estado.

Error: (02/01/2021 08:41:41 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.


Errores del sistema:
=============
Error: (03/08/2021 10:35:50 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/08/2021 10:33:50 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/08/2021 09:44:20 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/08/2021 09:43:51 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (03/08/2021 09:29:37 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/08/2021 09:24:05 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/08/2021 09:18:15 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/08/2021 09:08:13 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.


Windows Defender:
================
Date: 2020-10-04 21:50:02.952
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {2BD98CA3-3F05-4A69-83D1-43C01B599CD2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-10-02 11:02:17.873
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {847310EB-F7EA-4EEB-A253-C6DCD96EBCAF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 22:01:35.340
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {E1A749B4-3B8F-485C-AD42-E5E4D041E3AB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 03:00:48.780
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {7EB62FEA-086A-4692-BBCD-2F1D067CD06D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 01:29:53.090
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {0091D587-A2BF-4EA9-A94C-C0BE32E20631}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-27 00:32:07.633
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Versión de firma: 0.0.0.0;0.0.0.0
Versión de motor: 0.0.0.0

Date: 2020-07-21 21:59:24.036
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.1456.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-13 21:52:26.118
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.856.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-05 23:47:00.261
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.211.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-03-27 21:34:28.884
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.311.1622.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16800.2
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

==================== Información de la memoria =========================== 

BIOS: LENOVO 5ECN95WW(V9.00) 12/19/2012
Placa base: LENOVO INVALID
Procesador: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Porcentaje de memoria en uso: 13%
RAM física total: 8057.77 MB
RAM física disponible: 7008.25 MB
Virtual total: 12631.77 MB
Virtual disponible: 11578.98 MB

==================== Unidades ================================

Drive c: (Windows8_OS) (Fixed) (Total:650.86 GB) (Free:432.55 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.07 GB) NTFS

\\?\Volume{7bd11e14-143d-476c-8bbf-561493cebe3c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.65 GB) NTFS
\\?\Volume{eba66397-d88a-473c-b213-8e2e62d3520b}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{efd4189c-d2ed-48d6-b668-a86d2592e284}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:10.93 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3D63DBBB)

Partition: GPT.

Inicias el ordenador en Modo Normal.

:one: Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

  • Descargas DelFix en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.

  • Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
Start::
CloseProcesses:
BootExecute: autocheck autochk * sdnclean64.exe
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Java Update Scheduler" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
2021-02-20 17:40 - 2021-02-20 18:17 - 000000000 ____D C:\ProgramData\BSD
2021-02-21 12:51 - 2019-06-17 03:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-21 12:51 - 2017-01-07 20:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [44640 2014-04-22] (AVAST Software a.s. -> The OpenVPN Project)
2021-02-23 19:25 - 2020-04-14 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

:warning: El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente, inicia de nuevo el equipo desde el :arrow_forward: Modo Seguro haces el siguiente 2º MÉTODO.

  1. Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).

  2. Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.

  3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

  4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

:warning: Muy Importante :warning: Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Hola, dejo logs

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (09-03-2021 00:24:43) Run:4
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón & lnvitado & Invitado
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
CloseProcesses:
BootExecute: autocheck autochk * sdnclean64.exe
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Java Update Scheduler" /ENABLE
Task: {618291D8-E52B-4E76-A3A6-187EA19C76C9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
2021-02-20 17:40 - 2021-02-20 18:17 - 000000000 ____D C:\ProgramData\BSD
2021-02-21 12:51 - 2019-06-17 03:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-21 12:51 - 2017-01-07 20:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [44640 2014-04-22] (AVAST Software a.s. -> The OpenVPN Project)
2021-02-23 19:25 - 2020-04-14 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmpcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ning�n archivo)
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:

*****************

Procesos cerrados correctamente.
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => valor restaurado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{618291D8-E52B-4E76-A3A6-187EA19C76C9}" => no encontrado
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => no encontrado
"C:\ProgramData\BSD" => no encontrado
"C:\Program Files (x86)\Spybot - Search & Destroy 2" => no encontrado
"C:\ProgramData\Spybot - Search & Destroy" => no encontrado
aswTap => servicio no encontrado.
"C:\WINDOWS\system32\Tasks\Avast Software" => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\46616265.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BFE => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BITS => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\dps => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\LmpcService => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\\"Default"="" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\\"AlternateShell"="cmd.exe" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\vss => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WSService => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\46616265.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\BITS => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\camsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\dps => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\lfsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\LmpcService => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\msiserver => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SamSs => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srv => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srv2 => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srvnet => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\vss => no encontrado
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WSService => no encontrado
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ning�n archivo) => Error: Ninguna corrección automática encontrada para esta entrada.

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 12 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en PdaNet Broadband Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5279124 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 41834 B
Edge => 0 B
Chrome => 0 B
Brave => 2204752 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 832 B
NetworkService => 832 B
Gastón.idea-PC => 58366 B
lnvitado => 58366 B
Invitado => 58366 B

RecycleBin => 0 B
EmptyTemp: => 15.3 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 00:25:26 ====

Saludos

OK.

¿Cómo sigue el ordenador en general?

Slau2.

Holas

El system y lo de abrir el administrador de tareas y que tenga cpu/disco alto sigue.

Aviso: compré un adaptador wifi usb ya que estos días necesito conexión a internet estable y no quiero arriesgarme a que me pase lo de quedarme sin internet y se apague la pc. Deshabilité el adaptador que venía incluido con la notebook e instalé los drivers del nuevo.

Saludos

@Diarasas

Pon una captura de pantalla como ya sabes de esto que dices.

Miras el siguiente tema: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall y del listado de Herramientas que hay descargas las correspondientes para:

  • Avast
  • AVG
  • Avira
  • Comodo
  • McAfee

Y siguiendo sus correspondientes instrucciones desintalas/eliminas completamente los rastros de estos.

Comentas como sigue.

Salu2.

Hola

Ya hice lo de las herramientas de desinstalación. El paso 3 decía que pase el ccleaner ¿lo hago? (desmarcando la opción de Eliminar Dumps de Memoria)

Sobre lo del system alto, estuve usándolo un rato al equipo y veo que estuvo calmado.

Te paso foto del administrador de tareas, este se mantiene unos segundos alto y luego se calma.

Hola @Diarasas

Sí, claro. Hazlo pero desmarcando dicha opción, ya que así se conservaran los dmp para que después con @frica los podáis analizar.

¿Tuviste algún problema en desinstalar alguno de los antivirus/restos con sus correspondientes herramientas? ¿Fue todo bien?

OK.

OK.

Lo haces, me comentas acerca de lo que te digo y seguimos.

Salu2.

Hola

Ya pasé el Ccleaner, desactivando esa opción.

Respecto a los desinstaladores, todo OK, aunque creo que el comodo no se desinstaló bien ya que usando el search siguen saliendo rastros

Hola @Diarasas

Ok. Perfecto.

Perfecto. Vuelve a ejecutar FRST y quitaremos esos restos de antivirus que queden residuales y persistentes. Traes los dos reportes, como siempre.

Salu2.

Hola

Estuve viendo en el search y al final siguen quedando rastros del avg, avast y comodo ¿Los elimino con botón secundario?.

Dejo reportes

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-02-2021
Ejecutado por Gastón (administrador) sobre IDEAPC (LENOVO 20150) (12-03-2021 20:52:06)
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón & lnvitado & Invitado
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Archivo no firmado]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792272 2021-02-22] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2223048 2021-03-06] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [f.lux] => C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [STUISpeedLauncher] => "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [52240 2016-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon2.dll [29704 2012-12-13] (Nitro PDF Software -> Nitro PDF Software)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\us005 Langmon: C:\WINDOWS\system32\us005lm.dll [31256 2016-09-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\89.1.21.76\Installer\chrmstp.exe [2021-03-12] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acelerador de inicio de AutoCAD.lnk [2016-06-16]
ShortcutTarget: Acelerador de inicio de AutoCAD.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc -> Autodesk, Inc)
Startup: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2021-02-20]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0813AF20-659B-4445-9E56-BB8FC5CF3346} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CE4F5A8-F4CA-45E4-AC54-6834A43B5988} - System32\Tasks\Microsoft\Windows\PLA\WPPTracingSession => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "WPPTracingSession" "$(Arg0)"
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {11E4D3ED-D620-4FD8-AF84-A6B789DA242D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {139788A8-F7FD-4B88-BC47-F66A3AC2EFCD} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {1808EBE6-33B6-4E4B-AC95-DF54ACD237EE} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1ACBE919-7AC7-4EFB-A076-17E61FB13151} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B1C8F00-FA30-49C9-8A04-B4F9FBEEB9B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2EA21998-14F2-44C7-946A-1070CFA87DCF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {2FDCE8D8-DC52-4CBD-897C-FDE12823E88E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {67A9884E-E842-4593-AA7F-A3C9388232A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {69F69A34-524B-4901-92FD-05FBDD8D0C08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8626F4D6-2AE4-4526-AF36-E08513EFCD54} - System32\Tasks\Google Updater and Installer => C:\Users\Gastón\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-12] (Google Inc -> Google Inc.)
Task: {88A4F2D3-5D09-4C2D-945D-E8041C360C09} - System32\Tasks\UsbFix Boot Scan => C:\Program Files (x86)\UsbFix\UsbFix.exe [2053256 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {9D080B6F-914C-4B49-8F56-68CE7D609E7F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F982064-3372-400C-B7A8-EE8DFA35BDFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A93978FA-15D9-4C85-BE53-CE2788E74212} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABC584C4-7B63-4D2E-8686-B9777D34D832} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
Task: {ECA9C953-9493-41ED-8707-CBE0E969D7A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C4FD96-1DB7-43F1-B0F0-7C94A9AB7D97} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.105.0.5 190.105.0.4
Tcpip\..\Interfaces\{5C517605-40D6-45EB-BF01-0EF24F14546E}: [NameServer] 10.129.132.1
Tcpip\..\Interfaces\{6FA458E3-03A5-460E-85BC-F581433F1F05}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{8B09C289-CF1B-4C59-B3A0-08F027A2FBD8}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{91CE4EF5-316D-48ED-B01F-A2FEF2828C90}: [DhcpNameServer] 190.105.0.5 190.105.0.4

FireFox:
========
FF ProfilePath: C:\Users\Gastón.idea-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4JP5qivp.default [2021-02-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-4206844412-3915076-1266158226-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gastón.idea-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gastón.idea-PC\AppData\Local\Google\Chrome\User Data\Default [2021-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gastón.idea-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-06]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-12]
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Video Downloader professional) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-24]
BRA Extension: (Secure Bookmarks) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\leocjgngiajhfiikjolfhcpiokgbinep [2020-07-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-20]
BRA Extension: (Brave User Model Installer) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\ahiocclicnhmiobhocikfdamfccbehhn [2020-12-20]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-12]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-11-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\golcdmhaefcpmdoofahgnhnfldidgjfl [2021-03-12]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-02-20]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-10]
BRA Extension: (Origin Trials Updates) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\OriginTrials [2020-10-02]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\Gastón.idea-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-03-12]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2014-06-21] (Autodesk, Inc -> Autodesk)
S2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-21] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157544 2020-07-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-02-22] (Logitech Inc -> Logitech, Inc.)
S4 LmpcService; C:\Program Files\Lock My PC 4\LmpcServ.exe [52592 2007-06-12] (FSPro Labs -> )
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software -> Nitro PDF Software)
S4 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [70152 2012-12-13] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 RunSwUSB; C:\Windows\runSW.exe [59232 2018-05-02] (Realtek Semiconductor Corp. -> )
S3 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-04-25] (HP Inc. -> )
S4 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2018-04-11] (Samsung Electronics CO., LTD. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-24] (Atheros) [Archivo no firmado]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 fwdrv; C:\WINDOWS\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart -> Web Solution Mart)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-05-14] (Martin Malik - REALiX -> REALiX(tm))
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [230976 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [86656 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [275664 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [101112 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [190952 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-02-22] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2021-02-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2021-02-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2021-02-22] (Logitech Inc -> Logitech)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58280 2018-07-27] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 Neo_VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [38432 2018-03-10] (SoftEther Corporation -> SoftEther Corporation)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [29888 2020-06-10] (TEFINCOM S.A. -> WireGuard LLC)
S3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [7026496 2018-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50888 2018-06-09] (SoftEther Corporation -> SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\system32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\system32\DRIVERS\tapprotonvpn.sys [39864 2020-04-06] (ProtonVPN AG -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 TS_ARN5416; C:\WINDOWS\system32\DRIVERS\ts_athrx.sys [3508584 2017-05-11] (TamoSoft Ltd -> TamoSoft)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29576 2020-08-02] (WireGuard LLC -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-12 20:52 - 2021-03-12 20:53 - 000027342 _____ C:\Users\Gastón.idea-PC\Desktop\FRST.txt
2021-03-12 17:53 - 2021-03-12 17:53 - 000009385 _____ C:\Users\Gastón.idea-PC\Desktop\UsbFix_Report.txt
2021-03-11 00:37 - 2021-03-11 00:37 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-03-10 16:57 - 2021-03-10 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2021-03-10 16:56 - 2021-03-10 16:56 - 000000000 ____D C:\Program Files (x86)\TP-Link
2021-03-10 16:56 - 2018-05-04 14:38 - 007026496 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\rtwlanu.sys
2021-03-10 16:56 - 2018-05-04 14:38 - 007026496 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys
2021-03-10 16:56 - 2018-05-04 14:38 - 001183040 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2021-03-10 16:56 - 2018-05-04 14:38 - 000115008 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\RtlExtUI.dll
2021-03-10 16:56 - 2018-05-04 14:38 - 000049472 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\system32\rtlCoInst.dll
2021-03-10 16:56 - 2018-05-04 14:38 - 000028147 _____ C:\WINDOWS\system32\netrtwlanu.cat
2021-03-10 16:56 - 2018-05-04 14:38 - 000013286 _____ C:\WINDOWS\system32\PwrTblRate_T3Uv1_Enc.txt
2021-03-10 16:56 - 2018-05-04 14:38 - 000013286 _____ C:\WINDOWS\system32\Drivers\PwrTblRate_T3Uv1_Enc.txt
2021-03-10 16:56 - 2018-05-04 14:38 - 000011347 _____ C:\WINDOWS\system32\rtlCoInst.dat
2021-03-10 16:56 - 2018-05-04 14:38 - 000011079 _____ C:\WINDOWS\system32\PwrTblLmt_T3Uv1_Enc.txt
2021-03-10 16:56 - 2018-05-04 14:38 - 000011079 _____ C:\WINDOWS\system32\Drivers\PwrTblLmt_T3Uv1_Enc.txt
2021-03-10 16:56 - 2018-05-02 15:01 - 000509792 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2021-03-10 16:56 - 2018-05-02 15:01 - 000059232 _____ () C:\WINDOWS\runSW.exe
2021-03-10 16:47 - 2021-03-10 16:56 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\TP-Link
2021-03-10 16:47 - 2021-03-10 16:55 - 000000000 ____D C:\ProgramData\TP-Link
2021-03-09 00:15 - 2021-03-09 00:15 - 000000255 _____ C:\Users\Gastón.idea-PC\Desktop\DelFix1.txt
2021-03-09 00:02 - 2021-03-09 00:02 - 000067177 _____ C:\Users\Gastón.idea-PC\Desktop\nuevoFixlog.txt
2021-03-08 23:54 - 2021-03-08 23:54 - 000000255 _____ C:\Users\Gastón.idea-PC\Desktop\DelFix.txt
2021-03-08 22:35 - 2021-03-08 22:59 - 000085912 _____ C:\Users\Gastón.idea-PC\Desktop\viejoooAddition.txt
2021-03-08 22:33 - 2021-03-08 23:08 - 000044330 _____ C:\Users\Gastón.idea-PC\Desktop\viejooooFRST.txt
2021-03-08 20:16 - 2021-03-08 20:20 - 000017998 _____ C:\Users\Gastón.idea-PC\Desktop\viejooFixlog.txt
2021-03-08 19:56 - 2021-03-08 19:56 - 000797760 _____ C:\Users\Gastón.idea-PC\Desktop\delfix.exe
2021-03-06 21:50 - 2021-03-06 21:50 - 007461704 _____ (VS Revo Group ) C:\Users\Gastón.idea-PC\Desktop\revosetup.exe
2021-03-06 21:50 - 2021-03-06 21:50 - 000001021 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-03-06 21:50 - 2021-03-06 21:50 - 000001021 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2021-03-06 18:46 - 2021-03-06 18:46 - 000262144 ____N C:\WINDOWS\Minidump\030621-67812-01.dmp
2021-03-04 20:42 - 2021-03-04 20:42 - 000275664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-03-04 20:02 - 2021-03-04 20:29 - 000091249 _____ C:\Users\Gastón.idea-PC\Desktop\AdditioVIEJOOn.txt
2021-03-04 20:00 - 2021-03-04 20:22 - 000045359 _____ C:\Users\Gastón.idea-PC\Desktop\VIEJOOFRST.txt
2021-03-04 19:57 - 2021-03-04 19:57 - 000230976 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-03-04 19:57 - 2021-03-04 19:57 - 000190952 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-03-04 19:57 - 2021-03-04 19:57 - 000101112 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-03-04 19:57 - 2021-03-04 19:57 - 000086656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2021-03-04 19:56 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-03-04 19:55 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-03-04 19:55 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-03-04 19:12 - 2021-03-04 19:12 - 002301440 _____ (Farbar) C:\Users\Gastón.idea-PC\Desktop\FRST64.exe
2021-03-02 20:49 - 2021-03-02 20:49 - 000009801 _____ C:\Users\Gastón.idea-PC\Desktop\document.pdf
2021-03-01 21:54 - 2021-03-01 21:54 - 000688640 _____ C:\Users\Gastón.idea-PC\Desktop\TDSSKiller.3.1.0.28_01.03.2021_20.49.46_log.txt
2021-03-01 20:49 - 2021-03-01 20:55 - 000688640 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.49.46_log.txt
2021-03-01 20:41 - 2021-03-01 20:42 - 000009290 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.41.30_log.txt
2021-03-01 20:41 - 2021-03-01 20:41 - 000009124 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.41.18_log.txt
2021-03-01 20:40 - 2021-03-01 20:41 - 000000562 _____ C:\TDSSKiller.3.1.0.28_01.03.2021_20.40.58_log.txt
2021-03-01 19:41 - 2021-03-01 19:41 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\467354ED.sys
2021-03-01 19:40 - 2021-03-01 20:39 - 000000000 ____D C:\Users\Gastón.idea-PC\Desktop\mbar
2021-03-01 19:31 - 2021-03-01 19:35 - 000009668 _____ C:\Users\Gastón.idea-PC\Desktop\UsbFix.txt
2021-03-01 19:27 - 2021-03-12 17:53 - 000001906 _____ C:\Users\Public\Desktop\UsbFix Anti-Malware.lnk
2021-03-01 19:27 - 2021-03-12 17:53 - 000001906 _____ C:\ProgramData\Desktop\UsbFix Anti-Malware.lnk
2021-03-01 19:27 - 2021-03-01 19:27 - 000003208 _____ C:\WINDOWS\system32\Tasks\UsbFix Monitor
2021-03-01 19:27 - 2021-03-01 19:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\UsbFix Boot Scan
2021-03-01 19:27 - 2021-03-01 19:27 - 000000000 ____D C:\Program Files (x86)\UsbFix
2021-03-01 19:09 - 2021-03-01 19:09 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Gastón.idea-PC\Desktop\mbar-1.10.3.1001.exe
2021-03-01 19:09 - 2021-03-01 19:09 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Gastón.idea-PC\Desktop\tdsskiller.exe
2021-03-01 19:09 - 2021-03-01 19:09 - 004868504 _____ (SOSVirus) C:\Users\Gastón.idea-PC\Desktop\UsbFix_2020.exe
2021-02-27 03:01 - 2021-02-27 03:02 - 238184200 _____ C:\Users\Gastón.idea-PC\Desktop\kv1pvqjq.exe
2021-02-27 02:59 - 2021-02-27 02:59 - 000000000 ____D C:\KVRT2020_Data
2021-02-27 02:56 - 2021-02-27 02:56 - 100704688 _____ (AO Kaspersky Lab) C:\Users\Gastón.idea-PC\Desktop\KVRT.exe
2021-02-26 20:54 - 2021-02-27 01:52 - 000000576 _____ C:\Users\Gastón.idea-PC\Desktop\ESET Online Scanner.lnk
2021-02-26 20:53 - 2021-02-26 20:53 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Gastón.idea-PC\Desktop\esetonlinescanner.exe
2021-02-24 02:33 - 2021-02-24 02:33 - 000000608 _____ C:\Users\Gastón.idea-PC\Desktop\cc_20210224_023308.reg
2021-02-24 02:10 - 2021-02-24 02:30 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\ZHP
2021-02-24 02:10 - 2021-02-24 02:10 - 000000895 _____ C:\Users\Gastón.idea-PC\Desktop\ZHPCleaner.lnk
2021-02-24 02:10 - 2021-02-24 02:10 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\ZHP
2021-02-23 23:53 - 2021-02-23 23:53 - 000006618 _____ C:\Users\Gastón.idea-PC\Desktop\cc_20210223_235311.reg
2021-02-23 23:44 - 2021-02-23 23:45 - 003324568 _____ (Nicolas Coolman) C:\Users\Gastón.idea-PC\Desktop\ZHPCleaner.exe
2021-02-23 23:44 - 2021-02-23 23:44 - 001790024 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\JRT.exe
2021-02-23 23:43 - 2021-02-23 23:44 - 008463216 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\adwcleaner_8.1.exe
2021-02-23 23:42 - 2021-02-23 23:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-23 23:41 - 2021-02-23 23:41 - 002084016 _____ (Malwarebytes) C:\Users\Gastón.idea-PC\Desktop\MBSetup.exe
2021-02-23 23:20 - 2021-03-02 16:32 - 000024982 _____ C:\Users\Gastón.idea-PC\Desktop\PROFESOReset.txt
2021-02-23 19:50 - 2021-02-23 20:09 - 000000000 ____D C:\FSTool
2021-02-22 20:42 - 2021-03-12 20:51 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\LGHUB
2021-02-22 20:42 - 2021-03-12 20:51 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\LGHUB
2021-02-22 20:42 - 2021-02-22 20:42 - 000000718 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-02-22 20:42 - 2021-02-22 20:42 - 000000718 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-02-22 20:42 - 2021-02-22 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-02-22 20:42 - 2021-02-22 20:42 - 000000000 ____D C:\Program Files\LGHUB
2021-02-22 20:40 - 2021-02-22 20:40 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2021-02-22 20:40 - 2021-02-22 20:40 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2021-02-22 20:40 - 2021-02-22 20:40 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2021-02-22 20:39 - 2021-02-22 20:42 - 000000000 ____D C:\ProgramData\LGHUB
2021-02-20 15:15 - 2021-02-20 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
2021-02-20 15:15 - 2021-02-20 15:15 - 000000000 ____D C:\Program Files (x86)\PdaNet for Android
2021-02-20 15:15 - 2011-11-25 01:25 - 000015360 _____ (June Fabrics Technology Inc.) C:\WINDOWS\system32\Drivers\pneteth.sys
2021-02-19 21:09 - 2021-02-19 21:09 - 001400584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2021-02-19 21:09 - 2021-02-19 21:09 - 000657176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys
2021-02-19 21:09 - 2021-02-19 21:09 - 000327936 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2021-02-19 21:09 - 2021-02-19 21:09 - 000300808 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2021-02-19 21:09 - 2021-02-19 21:09 - 000155912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2021-02-19 21:09 - 2021-02-19 21:09 - 000096008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000250032 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\cm_km.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000211704 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000126216 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000112904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klmouflt.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000112392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000110336 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000098040 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000085256 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2021-02-19 21:08 - 2021-02-19 21:08 - 000041656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys
2021-02-12 21:13 - 2021-02-12 21:25 - 000247654 _____ C:\TDSSKiller.3.1.0.28_12.02.2021_21.13.47_log.txt
2021-02-12 21:13 - 2021-02-12 21:13 - 000000562 _____ C:\TDSSKiller.3.1.0.28_12.02.2021_21.13.36_log.txt
2021-02-12 20:13 - 2021-02-12 20:13 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3153729B.sys
2021-02-12 04:16 - 2021-02-12 04:16 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\ESET
2021-02-12 03:59 - 2021-02-12 03:59 - 000000000 ____D C:\Program Files\AVG

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-12 20:52 - 2019-11-22 23:43 - 000000000 ____D C:\FRST
2021-03-12 20:35 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf
2021-03-12 20:23 - 2014-07-05 00:25 - 000000000 ____D C:\Program Files\CCleaner
2021-03-12 19:03 - 2014-06-12 11:44 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4206844412-3915076-1266158226-1001
2021-03-12 18:01 - 2020-07-22 02:39 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-03-12 18:01 - 2020-07-22 02:39 - 000002329 _____ C:\Users\Public\Desktop\Brave.lnk
2021-03-12 18:01 - 2020-07-22 02:39 - 000002329 _____ C:\ProgramData\Desktop\Brave.lnk
2021-03-12 17:50 - 2015-01-12 20:05 - 000000000 __SHD C:\Users\Gastón\IntelGraphicsProfiles
2021-03-12 17:49 - 2013-08-22 11:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-11 03:14 - 2017-09-09 21:42 - 000007597 _____ C:\Users\Gastón.idea-PC\AppData\Local\Resmon.ResmonCfg
2021-03-11 00:24 - 2015-09-03 00:15 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-10 19:09 - 2021-01-21 05:23 - 000001232 _____ C:\Users\Gastón.idea-PC\Desktop\Roblox Studio.lnk
2021-03-10 19:09 - 2019-09-21 21:44 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-03-10 16:56 - 2016-11-26 21:15 - 000000000 ____D C:\temp
2021-03-10 16:56 - 2013-06-18 07:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-10 16:51 - 2015-01-12 19:27 - 000000000 ____D C:\Users\Gastón.idea-PC
2021-03-09 00:15 - 2020-06-13 21:28 - 000000252 _____ C:\DelFix.txt
2021-03-08 21:13 - 2018-04-29 22:14 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-06 21:50 - 2020-06-19 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-06 21:50 - 2018-03-12 04:35 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-06 21:34 - 2017-07-10 01:21 - 000000000 ____D C:\ProgramData\Doctor Web
2021-03-06 18:46 - 2015-02-13 20:13 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-04 19:57 - 2020-04-27 03:54 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-04 19:57 - 2017-11-28 02:38 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-03-04 19:56 - 2013-08-22 10:25 - 000262144 _____ C:\WINDOWS\system32\config\ELAM
2021-03-04 19:55 - 2012-07-26 05:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-03 21:32 - 2020-09-13 00:45 - 000000000 ____D C:\Users\Gastón.idea-PC\.Loquendo
2021-03-03 20:48 - 2015-12-26 22:42 - 000000000 ____D C:\Users\Gastón.idea-PC\Documents\Camtasia Studio
2021-03-01 20:39 - 2017-07-30 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-02-28 17:37 - 2017-01-19 16:25 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Roaming\Nitro PDF
2021-02-26 20:54 - 2014-09-24 12:25 - 001104098 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 20:54 - 2014-09-24 11:40 - 000164164 _____ C:\WINDOWS\system32\perfc00A.dat
2021-02-26 20:54 - 2014-09-24 11:40 - 000090690 _____ C:\WINDOWS\system32\perfh00A.dat
2021-02-24 02:29 - 2015-01-12 18:29 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\Google
2021-02-23 23:52 - 2012-07-26 05:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-23 23:26 - 2020-07-22 02:36 - 000003474 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-02-23 23:26 - 2014-07-05 00:25 - 000002806 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-23 23:26 - 2014-06-21 18:14 - 000003704 _____ C:\WINDOWS\system32\Tasks\Java Update Scheduler
2021-02-23 23:25 - 2020-07-22 02:36 - 000003346 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-02-22 20:42 - 2015-12-31 00:46 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\CrashDumps
2021-02-22 20:38 - 2016-04-10 02:56 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-21 12:51 - 2015-01-12 20:19 - 000000000 ___RD C:\Users\Gastón.idea-PC\Desktop\UT
2021-02-21 01:01 - 2018-09-16 18:39 - 000000132 _____ C:\Users\Gastón.idea-PC\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-02-20 17:47 - 2013-08-22 10:25 - 000000259 _____ C:\WINDOWS\win.ini
2021-02-16 18:56 - 2015-01-12 18:04 - 000000000 ____D C:\Users\Gastón.idea-PC\AppData\Local\Packages
2021-02-16 18:34 - 2014-10-08 02:15 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 20:13 - 2020-06-10 21:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-12 07:24 - 2013-06-18 07:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo

==================== Archivos en la raíz de algunos directorios ========

2007-10-04 12:00 - 2007-10-04 12:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2018-03-10 18:49 - 2018-03-10 18:49 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\fv3_input
2019-11-09 18:22 - 2019-11-09 18:46 - 000000141 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\jjv5conf.json
2018-09-16 18:39 - 2021-02-21 01:01 - 000000132 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2017-12-26 20:45 - 2018-01-04 05:00 - 000000013 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\rbx_hook
2015-10-02 18:31 - 2015-10-02 18:31 - 000001167 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.1.txt
2015-10-02 18:43 - 2015-10-02 18:43 - 000000905 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.txt
2015-10-02 18:31 - 2015-10-02 18:43 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2017-12-26 20:45 - 2017-12-31 16:10 - 000000024 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\version
2015-11-22 12:28 - 2015-11-22 12:28 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\F999.tmp
2019-04-18 20:51 - 2019-04-18 20:51 - 000001111 _____ () C:\Users\Gastón.idea-PC\AppData\Local\gamma_ramp.reg
2019-07-24 22:07 - 2019-07-25 18:53 - 001313336 _____ (Roblox Corporation) C:\Users\Gastón.idea-PC\AppData\Local\Installer.exe
2017-09-09 21:42 - 2021-03-11 03:14 - 000007597 _____ () C:\Users\Gastón.idea-PC\AppData\Local\Resmon.ResmonCfg
2015-01-16 03:29 - 2015-01-16 03:29 - 000000003 _____ () C:\Users\Gastón.idea-PC\AppData\Local\updater.log
2015-04-24 22:56 - 2020-10-22 07:10 - 000000424 _____ () C:\Users\Gastón.idea-PC\AppData\Local\UserProducts.xml
2020-07-23 02:44 - 2020-07-23 02:44 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{3AA36954-D573-4BC4-8233-7EE0A681818B}
2021-02-06 17:59 - 2021-02-06 17:59 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{98D9E10F-DDCB-469D-B4F6-02657790FD20}
2015-05-22 15:47 - 2015-05-22 15:47 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{A508A5A3-761F-428E-8BB0-9DAE1C482C92}
2017-01-20 20:10 - 2017-01-20 20:10 - 000000000 _____ () C:\Users\Gastón.idea-PC\AppData\Local\{EC9B42B7-A186-4455-AE3A-F9BCE67525D6}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-03-12 19:03
==================== Final de FRST.txt ========================

No @Diarasas pon también el Aditions, NO HAGAS NADA DE ESO QUE DICES.

Aditions 1

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (12-03-2021 20:53:43)
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Windows 8.1 Single Language (Update) (X64) (2015-01-12 23:05:08)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-4206844412-3915076-1266158226-500 - Administrator - Disabled)
Gastón (S-1-5-21-4206844412-3915076-1266158226-1001 - Administrator - Enabled) => C:\Users\Gastón.idea-PC
HomeGroupUser$ (S-1-5-21-4206844412-3915076-1266158226-1006 - Limited - Enabled)
Invitado (S-1-5-21-4206844412-3915076-1266158226-501 - Limited - Disabled) => C:\Users\Invitado
lnvitado (S-1-5-21-4206844412-3915076-1266158226-1007 - Administrator - Enabled) => C:\Users\lnvitado

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Disabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.17) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Analizador y SDK de MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2007 - Español (HKLM-x32\...\{5783F2D7-5001-040A-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Bentley IEG License Service (HKLM-x32\...\{D56865D0-28E9-4972-990E-01B1074FE4FE}) (Version: 2.0.11.0 - Bentley Systems Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 89.1.21.76 - Los creadores de Brave)
BuduLock (HKLM-x32\...\{7FA7F183-5284-4A79-BC87-429EABCBC5ED}) (Version: 1.1.2 - BuduSuite)
Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\Flux) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Guía del usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) Hidden
Hardwipe 5.2.1 (HKLM\...\{0F322F97-B3FB-4423-B23E-4E486693CD16}) (Version: 5.2.1 - Big Angry Dog)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Graphics Driver Software (HKLM-x32\...\{11fd8837-78a3-461c-810a-8857f36bfa18}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{1c5c7b65-90a8-44b8-b1f6-0f6bae9f3eb5}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Iridium Browser (HKLM\...\{5ABE3355-9D56-41DC-BD0A-F160B823FC57}) (Version: 54.0.0 - The Iridium Authors)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10242 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lock My PC Free Edition 4.9.5 (HKLM\...\Lock My PC Free Edition_is1) (Version: 4.9.5 - )
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia)
Memory Cleaner 2.70 (HKLM\...\MemClean) (Version: 2.70 - KoshyJohn.com)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PdaNet+ for Android 5.23 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology)
'PTC Places' Namespace Shell Extension (HKLM-x32\...\{B7715210-136C-4832-8A60-33BFF6CC0EF1}) (Version: 1.1.13 - PTC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
RAM Advanse 9.5 (HKLM-x32\...\{EB06BB46-ED24-4661-8996-A447F1EBC2E7}) (Version: 9.5.0 - Bentley Systems Inc.)
RAM License Support (HKLM-x32\...\{AD6331AF-466F-4D25-B467-EEB2AAF2032C}) (Version: 2.0.2.0 - Bentley Systems, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.2.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.2 - VS Revo Group, Ltd.)
Roblox Player for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Player for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Player for Invitado (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Gastón (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\roblox-studio) (Version:  - Roblox Corporation)
Roblox Studio for Invitado (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
ThinkPad UltraNav Driver (HKLM\...\Elantech) (Version: 11.4.10.2 - ELAN Microelectronic Corp.)
TP-Link Archer T3U Driver (HKLM-x32\...\{CEB0679A-4607-4705-9D40-86734A7E94EA}) (Version: 2.1.0 - TP-Link)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484501) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{5758925D-D737-4467-8928-BE143AB9699B}) (Version:  - Microsoft)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.3.2 - SOSVirus (SOSVirus.Net))
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Windchill ProductPoint Client Manager (HKLM-x32\...\{129024FF-A6C9-4696-91BC-570C6C05193A}) (Version: 1.1.187 - PTC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

Packages:
=========
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2021-02-01] (AccuWeather)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2021-02-01] (LENOVO INC.)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2021-02-01] (Evernote)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2021-02-01] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2021-02-01] (FilmOn TV Inc.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2021-02-01] (CYBERLINK COM CORPORATION)
rara music -> C:\Program Files\WindowsApps\rara.com.rara.com_1.0.25.23_neutral__2tghmx54nqzjm [2021-02-01] (RARA MEDIA GROUP LIMITED)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2021-02-01] (Zinio LLC)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206844412-3915076-1266158226-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2012-12-13] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [BigAngryDog_HWipe] -> {B0FFE529-A5D3-4ECE-91C0-9E3585C373D8} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [BigAngryDog_HWipe] -> {8154B7C1-BB68-457C-931A-5BFABBA86CD9} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-01-24] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2012-05-18] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bea1cfeb4774fda6\Iridium.lnk -> C:\Program Files\Iridium\iridium.exe (The browser authors) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Gastón.idea-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\200ce23fec0ce6d1\Iridium.lnk -> C:\Program Files\Iridium\iridium.exe (The browser authors) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2013-01-24 19:12 - 2013-01-24 19:12 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 000203392 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 000034432 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000290944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2013-01-24 19:13 - 2013-01-24 19:13 - 000113280 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

Aditions 2

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ar.yahoo.com?fr=fp-comodo&type=138430100005_12.1.0.6914_i_hp
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://ar.search_path.yahoo.com/search_path?p={searchTerms}&fr=chr-comodo&type=138430100005_12.1.0.6914_i_ds
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-1007 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
SearchScopes: HKU\S-1-5-21-4206844412-3915076-1266158226-501 -> {254400EB-C42E-48D7-89F3-F0C453074118} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7863 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.

IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\1-2005-search.com -> www.1-2005-search.com

Hay 12653 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 10:25 - 2021-03-09 00:24 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Windows Live\Shared;C:\Python27;C:\Python27\Scripts;C:\adb
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4206844412-3915076-1266158226-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.129.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Conexión de red Bluetooth: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: SoftEther Lightweight Network Protocol -> selow (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
PdaNet Broadband Connection: SoftEther Lightweight Network Protocol -> selow (enabled) 
PdaNet Broadband Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
Ethernet 2: SoftEther Lightweight Network Protocol -> selow (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> selow (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LmpcService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: SamsungUPDUtilSvc => 2
MSCONFIG\Services: TurboVPNService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: WindscribeService => 2
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "Acelerador de inicio de AutoCAD.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4206844412-3915076-1266158226-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-1007\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-4206844412-3915076-1266158226-501\...\StartupApproved\Run: => "Lync"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{65C9F37A-DB95-4ADC-9504-393D75D987AD}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{A0AE64B1-233D-41BE-8217-19582F7BC43A}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{2F9241F4-ABBD-438F-8FF3-9CDE47950BC7}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{76CF494D-2635-498E-8B44-5D00750F9798}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{2D0DDE84-CDE6-4962-9021-2E39EBB9F8A8}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Puntos de Restauración =========================

24-02-2021 02:27:33 ZHPcleaner
03-03-2021 22:48:51 Punto de control programado
06-03-2021 23:20:38 Eliminado Qualcomm Atheros 11ac Wireless LAN Installer
10-03-2021 16:55:50 Installed TP-Link Wireless Adapter WPS Tool and Driver

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Temporizador de eventos de alta precisión
Description: Temporizador de eventos de alta precisión
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Dispositivos de sistema estándar)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: [CommView] Atheros AR9485WB-EG Wireless Network Adapter
Description: [CommView] Atheros AR9485WB-EG Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TamoSoft
Service: TS_ARN5416
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================

Errores del sistema:
=============
Error: (03/12/2021 08:53:34 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/12/2021 07:04:59 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/12/2021 07:04:29 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/12/2021 07:03:58 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (03/12/2021 05:55:32 PM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/12/2021 05:48:32 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.

Error: (03/11/2021 03:24:54 AM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/11/2021 03:22:54 AM) (Source: DCOM) (EventID: 10010) (User: IDEAPC)
Description: El servidor {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
================
Date: 2020-10-04 21:50:02.952
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {2BD98CA3-3F05-4A69-83D1-43C01B599CD2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-10-02 11:02:17.873
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {847310EB-F7EA-4EEB-A253-C6DCD96EBCAF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 22:01:35.340
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {E1A749B4-3B8F-485C-AD42-E5E4D041E3AB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 03:00:48.780
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {7EB62FEA-086A-4692-BBCD-2F1D067CD06D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-30 01:29:53.090
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {0091D587-A2BF-4EA9-A94C-C0BE32E20631}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-27 00:32:07.633
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Versión de firma: 0.0.0.0;0.0.0.0
Versión de motor: 0.0.0.0

Date: 2020-07-21 21:59:24.036
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.1456.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-13 21:52:26.118
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.856.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-04-05 23:47:00.261
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.313.211.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-03-27 21:34:28.884
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.311.1622.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16800.2
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

==================== Información de la memoria =========================== 

BIOS: LENOVO 5ECN95WW(V9.00) 12/19/2012
Placa base: LENOVO INVALID
Procesador: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Porcentaje de memoria en uso: 19%
RAM física total: 8057.77 MB
RAM física disponible: 6510.62 MB
Virtual total: 12631.77 MB
Virtual disponible: 11319.77 MB

==================== Unidades ================================

Drive c: (Windows8_OS) (Fixed) (Total:650.86 GB) (Free:436.1 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.07 GB) NTFS

\\?\Volume{7bd11e14-143d-476c-8bbf-561493cebe3c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.65 GB) NTFS
\\?\Volume{eba66397-d88a-473c-b213-8e2e62d3520b}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{efd4189c-d2ed-48d6-b668-a86d2592e284}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:10.93 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3D63DBBB)

Partition: GPT.

==================== Final de Addition.txt =======================

Okis

Hola @Diarasas

:one: Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

  • Reinicias el ordenador en Modo Normal.

  • Descargas DelFix en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.

  • Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
S3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
2021-03-11 00:24 - 2015-09-03 00:15 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-12 03:59 - 2021-02-12 03:59 - 000000000 ____D C:\Program Files\AVG
2021-03-11 00:37 - 2021-03-11 00:37 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

:warning: El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente (OJO, sigues en MODO NORMAL AHORA):

  1. Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).

  2. Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.

  3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

  4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

:warning: Muy Importante :warning: Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Hola

Fixlog

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por Gastón (13-03-2021 00:59:13) Run:5
Ejecutado desde C:\Users\Gastón.idea-PC\Desktop
Perfiles cargados: Gastón & lnvitado & Invitado
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
S3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
2021-03-11 00:24 - 2015-09-03 00:15 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-12 03:59 - 2021-02-12 03:59 - 000000000 ____D C:\Program Files\AVG
2021-03-11 00:37 - 2021-03-11 00:37 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\System\CurrentControlSet\Services\phantomtap => eliminado correctamente
phantomtap => servicio eliminado correctamente
C:\ProgramData\AVAST Software => movido correctamente
C:\Program Files\AVG => movido correctamente
C:\WINDOWS\system32\avgremoverx.exe => movido correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 13 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en PdaNet Broadband Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 13:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : cpe.telred.com.ar
   Direcci¢n IPv6 . . . . . . . . . . : 2800:af0:1008:364::2
   Direcci¢n IPv6 . . . . . . . . . . : 2800:af0:1008:364:cac:5ae9:e46:c534
   Direcci¢n IPv6 temporal. . . . . . : 2800:af0:1008:364:8004:5819:82f9:331a
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cac:5ae9:e46:c534%22
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.14
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::4a5f:99ff:feee:159%22
                                       192.168.0.1

Adaptador de Ethernet PdaNet Broadband Connection:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet VirtualBox Host-Only Network:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::6d40:68b6:939f:2e92%3
   Direcci¢n IPv4 de configuraci¢n autom tica: 169.254.46.146
   M scara de subred . . . . . . . . . . . . : 255.255.0.0
   Puerta de enlace predeterminada . . . . . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4206844412-3915076-1266158226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6348489 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 202264 B
Edge => 0 B
Chrome => 0 B
Brave => 2204752 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 832 B
NetworkService => 832 B
Gastón.idea-PC => 93213 B
lnvitado => 93213 B
Invitado => 93213 B

RecycleBin => 0 B
EmptyTemp: => 16.6 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 00:59:54 ====

Me fijé usando en “buscar en…” y siguen saliendo rastros : (

El alto cpu del administrador de tareas continua

Saludos

Hola, buenas @Diarasas

Pues debo informarte de que en el FRST todo ha ido correctamente y ha hecho lo que tenía que hacer. Tu ordenador actualmente está libre de malwares.

Pon una captura de pantalla o varias como ya sabes del administrador de tareas y despliegas todos los Procesos para que se vean de forma detallada los sub-procesos correspondientes. (desplegar las flechas).

Traes capturas de pantalla de todos esos restos que indicas, en estas que se vean los ficheros/carpetas residuales y me indicas sus ubicaciones genéricas.

Salu2.

Hola Ok, está bueno saber que ya no tengo malwares

Acá te dejo el administrador, se muestran los procesos que salen una vez que inicio windows pasado unos minutos

Estos serían los restos de los antivirus

C:\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none
C:\FRST\Quarantine\C\ProgramData
C:\FRST\Quarantine\C\WINDOWS\system32\Tasks
C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Avast Software
C:\Windows\WinSxS
C:\Users\Gastón.idea-PC\AppData\Local
C:\Users\Gastón\AppData\Local\Temp\Low
C:\Users\Gastón\AppData\Local\Temp
C:\Users\Gastón\AppData\Local\Temp

C:\Users\Gastón\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData

C:\Users\Gastón\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\AVAST Software

C:\Users\Gastón\AppData\Roaming\AVAST Software
C:\FRST\Quarantine\C\ProgramData\AVAST
 
C:\Windows\WinSxS\Manifests

C:\FRST\Quarantine\C\ProgramData\AVAST Software

C:\Users\Gastón\AppData\Roaming\AVAST Software\Avast\Cache\Local Storage

C:\Users\Gastón\AppData\Roaming\AVAST Software\Avast\log

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Users\Gastón\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\common\skin\img

C:\Windows\System32\winevt\Logs
C:\Program Files (x86)\Comodo\Dragon\dragon.exe"
C:\Users\Gastón.idea-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4JP5qivp.default\extensions

Saludos

Hola, buenas @Diarasas disculpa que haya tardado en responder.

:+1:

Respecto el Administrador de tareas OK.

Respecto a los restos de los antivirus OK.

Eliminas manualmente las siguientes carpetas/ubicaciones:

C:\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none

C:\Users\Gastón\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\AVAST Software

C:\Users\Gastón\AppData\Roaming\AVAST Software

C:\Program Files\AVAST Software

C:\Program Files (x86)\Comodo

Y eliminas de tu navegador Chrome la siguiente extensión: gomekmidlodglbbmalcneegieacbdmki que es Avast Online Security - Chrome Web Store

Finalmente, traes un nuevo log de IFS.

Salu2.

1 me gusta

Holaaa

Carpetas y extensiones eliminadas. Dentro de C:\Windows\WinSxS\ hay otras de avast; ¿las elimino también?

Y acá está el IFS

[CODE][B]~~~~~~~~~~~| Inicio: [/B]

*IFS (InfoSpyware First Steps) v 1.3
*www.InfoSpyware.com | www.ForoSpyware.com
*Iniciado: 17/03/2021 a las 22h.32m.53s

[B]~~~~~~~~~~~|  Información del Sistema:[/B]

OS: Microsoft Windows 8.1 Single Language x64 
Idioma: Spanish (Argentina) (Argentina|es-AR)
Permisos de Administrador / ON
Windows se Inició en   Modo Normal
Drive: C:\WINDOWS (Install: \Device\HarddiskVolume5)

[B]~~~~~~~~~~~| Arquitectura Fisica:[/B]

CPU: LENOVO
CPU Modelo: 20150
Procesador: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz (x64-BasedPC)
Memoria RAM: 8 Gb. En Uso: 20 %
Video: Intel(R) HD Graphics 4000
Chip: Intel(R) HD Graphics Family Capacidad video:-1984 MB (Internal)

[B]~~~~~~~~~~~| Unidades[/B]

C: [FIXED|NTFS|Windows8_OS] - [650.8 Gb][434.1 Gb][216.2 Gb]
D: [FIXED|NTFS|LENOVO] - [25 Gb][19.1 Gb][5.9 Gb]
E: [CDROM]
[COLOR=#FF0000][B]C:\ Fragmentación total 21.29% - Desfragmentar unidad [/B][/COLOR]
D:\ Fragmentación total 0.00% - Correcto

[B]~~~~~~~~~~~| Seguridad del SO[/B]

SafeBoot: Inicio en Modo seguro Correcto
Security Center: Correcto (Servicio Activo)
Windows Update: [COLOR=#FF0000][B]El servicio no está activo[/B][/COLOR] [LST: 2021-02-03 00:44:29][LD: 2021-02-16 21:34:55][LI: 2020-12-16 23:49:03][NDT: 2021-03-18 14:48:55]
AV: Windows Defender *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / [COLOR=#FF0000][B]Actualizar[/B][/COLOR]*
AV: Kaspersky Security Cloud *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualización vía la Nube*
SP: Windows Defender *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / [COLOR=#FF0000][B]Actualizar[/B][/COLOR]*
SP: Kaspersky Security Cloud *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualización vía la Nube*
FW: Kaspersky Security Cloud *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR]*
FW: Windows Firewall *Habilitado*

[B]~~~~~~~~~~~|  Update Check[/B]

Internet Explorer Versión Instalada 11
Adobe Reader Versión instalada 11.0.17

[B]~~~~~~~~~~~| Process List[/B] 


[B]~~~~~~~~~~~| Install Check[/B] 


Kaspersky Security Cloud [21.3.10.391]
CCleaner [5.77]

[B]~~~~~~~~~~~| Registry Check[/B]

HKLM\Run(x64): [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
HKLM\Run(x64): [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
HKLM\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
HKLM\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\Run: [f.lux] "C:\Users\Gastón.idea-PC\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
HKLM\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKLM\Run: [LGHUB] "C:\Program Files\LGHUB\lghub.exe" --background
HKLM\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
Winlogon(x64): Shell = explorer.exe
Winlogon: Shell = explorer.exe
Userinit(x64): Userinit = userinit.exe,
Userinit: Userinit = userinit.exe,

[HKCR\.\.open\command] -> No se pudo obtener la información. 

[B]~~~~~~~~~~~| PUPs Check[/B]

C:\Users\Gastón.idea-PC\AppData\Roaming\dvdvideosoft

[B]~~~~~~~~~~~| Listado 7 Días (Predeterminado)[/B]

[16/03/2021 09:05] - C:\WINDOWS\MEMORY.DMP
[12/03/2021 21:04] - C:\WINDOWS\ntbtlog.txt
[13/03/2021 01:01] - C:\WINDOWS\runSW.log
[13/03/2021 01:01] - C:\WINDOWS\setupact.log
[13/03/2021 01:01] - C:\WINDOWS\setuperr.log

[B]~~~~~~~~~~~| C:\WINDOWS\Tasks:[/B]


[B]~~~~~~~~~~~| End Report[/B]
*Finalizado 22:37:13
*Se limpiaron los archivos temporales
*[1599815] C:\Users\Gastón.idea-PC\Desktop\IFS.exe
*Herramienta de Análisis e investigación [/CODE]

Saludos