Virus invasivo. Vuelve todos los días

Hola a todos, hace días que mi computadora no para de funcionar mal y estar suuuper leenta. Además de desaparecer ciertas cosas, como la carpeta del TuneUp de mi menu inicio/Todos los programas. Todos los días el AdwCleaner me detecta, y elimina, seis PUPs :slight_smile:PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop com PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar com PUP.Optional.Legacy HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop com PUP.Optional.Legacy HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar com PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop com PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar com

El caso es que no hay forma de librarme de ellos, todos los días aparecen y la PC se vuelve lentísima, Firefox y Spotify no cierran, a menos que les termine el proceso. Por favor ayudaa… jajaja y gracias de antemano, ya me han salvado varias veces! Diego

Realiza los siguientes pasos, , aunque ya hayas echo alguno, sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


Bueno bueno, he escaneado y los muy desgraciados volvieron. Pego los dos informes a continuación. Gracias de nuevo como siempre!

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 20/5/19
Hora del análisis: 19:55
Archivo de registro: 4bed509a-7b52-11e9-a6e7-74d435b3613b.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10684
Licencia: Caducado

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: DI3GO-PC\DI3GO

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 250439
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 19 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

/////////////////////////////

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-20-2019
# Duration: 00:00:05
# OS:       Windows 7 Home Premium
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1978 octets] - [01/05/2019 12:42:15]
AdwCleaner[C00].txt - [1998 octets] - [01/05/2019 12:44:43]
AdwCleaner[S01].txt - [1396 octets] - [03/05/2019 21:50:04]
AdwCleaner[C01].txt - [1562 octets] - [03/05/2019 21:50:25]
AdwCleaner[S02].txt - [1518 octets] - [04/05/2019 09:59:42]
AdwCleaner[C02].txt - [1684 octets] - [04/05/2019 10:00:24]
AdwCleaner[S03].txt - [1623 octets] - [04/05/2019 10:20:36]
AdwCleaner[S04].txt - [1684 octets] - [04/05/2019 11:08:08]
AdwCleaner[C04].txt - [1870 octets] - [04/05/2019 11:08:25]
AdwCleaner[S05].txt - [1823 octets] - [04/05/2019 21:25:11]
AdwCleaner[C05].txt - [1989 octets] - [04/05/2019 21:26:20]
AdwCleaner[S06].txt - [1945 octets] - [05/05/2019 10:10:38]
AdwCleaner[C06].txt - [2111 octets] - [05/05/2019 10:11:17]
AdwCleaner[S07].txt - [2806 octets] - [05/05/2019 10:34:44]
AdwCleaner[C07].txt - [2882 octets] - [05/05/2019 10:35:00]
AdwCleaner[S08].txt - [2172 octets] - [05/05/2019 10:38:18]
AdwCleaner[C08].txt - [2358 octets] - [05/05/2019 10:38:33]
AdwCleaner[S09].txt - [2294 octets] - [05/05/2019 10:43:25]
AdwCleaner[S10].txt - [2355 octets] - [05/05/2019 11:26:40]
AdwCleaner[S11].txt - [2416 octets] - [05/05/2019 13:05:46]
AdwCleaner[S12].txt - [3018 octets] - [05/05/2019 13:34:51]
AdwCleaner[S13].txt - [3079 octets] - [05/05/2019 13:41:05]
AdwCleaner[S14].txt - [3140 octets] - [05/05/2019 22:05:41]
AdwCleaner[C14].txt - [3196 octets] - [05/05/2019 22:13:13]
AdwCleaner[S15].txt - [2721 octets] - [05/05/2019 22:16:23]
AdwCleaner[C15].txt - [2907 octets] - [05/05/2019 22:16:43]
AdwCleaner[S16].txt - [2860 octets] - [06/05/2019 18:41:41]
AdwCleaner[C16].txt - [3026 octets] - [06/05/2019 18:41:57]
AdwCleaner[S17].txt - [2965 octets] - [06/05/2019 18:51:32]
AdwCleaner[S18].txt - [3026 octets] - [06/05/2019 18:52:04]
AdwCleaner[C18].txt - [3212 octets] - [06/05/2019 18:53:09]
AdwCleaner[S19].txt - [3148 octets] - [06/05/2019 18:59:16]
AdwCleaner[S20].txt - [3209 octets] - [06/05/2019 21:24:40]
AdwCleaner[S21].txt - [3270 octets] - [07/05/2019 08:32:41]
AdwCleaner[S22].txt - [3331 octets] - [07/05/2019 08:50:16]
AdwCleaner[S23].txt - [3392 octets] - [07/05/2019 09:36:50]
AdwCleaner[S24].txt - [3453 octets] - [07/05/2019 18:25:44]
AdwCleaner[S25].txt - [3514 octets] - [07/05/2019 20:09:05]
AdwCleaner[C25].txt - [3700 octets] - [07/05/2019 20:09:16]
AdwCleaner[S26].txt - [3636 octets] - [07/05/2019 20:15:34]
AdwCleaner[C26].txt - [3822 octets] - [07/05/2019 20:16:36]
AdwCleaner[S27].txt - [3758 octets] - [07/05/2019 21:08:38]
AdwCleaner[S28].txt - [3836 octets] - [08/05/2019 00:24:27]
AdwCleaner[C28].txt - [4002 octets] - [08/05/2019 00:24:45]
AdwCleaner[S29].txt - [3958 octets] - [11/05/2019 10:39:47]
AdwCleaner[C29].txt - [4124 octets] - [11/05/2019 10:40:02]
AdwCleaner[S30].txt - [4063 octets] - [11/05/2019 10:44:54]
AdwCleaner[S31].txt - [4124 octets] - [12/05/2019 01:01:28]
AdwCleaner[S32].txt - [4202 octets] - [14/05/2019 12:31:23]
AdwCleaner[C32].txt - [4368 octets] - [14/05/2019 12:31:36]
AdwCleaner[S33].txt - [4307 octets] - [14/05/2019 12:33:52]
AdwCleaner[C33].txt - [4493 octets] - [14/05/2019 12:34:04]
AdwCleaner[S34].txt - [4429 octets] - [14/05/2019 12:49:55]
AdwCleaner[S35].txt - [4490 octets] - [14/05/2019 18:02:11]
AdwCleaner[S36].txt - [4551 octets] - [14/05/2019 20:02:09]
AdwCleaner[S37].txt - [4629 octets] - [15/05/2019 00:09:26]
AdwCleaner[C37].txt - [4795 octets] - [15/05/2019 00:09:56]
AdwCleaner[S38].txt - [4734 octets] - [15/05/2019 08:12:00]
AdwCleaner[S39].txt - [4795 octets] - [15/05/2019 08:23:43]
AdwCleaner[S40].txt - [4856 octets] - [15/05/2019 14:30:53]
AdwCleaner[S41].txt - [4934 octets] - [16/05/2019 09:46:45]
AdwCleaner[C41].txt - [5100 octets] - [16/05/2019 09:47:18]
AdwCleaner[S42].txt - [5039 octets] - [16/05/2019 09:51:05]
AdwCleaner[C42].txt - [5225 octets] - [16/05/2019 09:51:12]
AdwCleaner[S43].txt - [5161 octets] - [16/05/2019 09:54:20]
AdwCleaner[S44].txt - [5222 octets] - [16/05/2019 10:04:11]
AdwCleaner[S45].txt - [5283 octets] - [16/05/2019 10:24:49]
AdwCleaner[C45].txt - [5469 octets] - [16/05/2019 10:24:53]
AdwCleaner[S46].txt - [5405 octets] - [16/05/2019 10:27:23]
AdwCleaner[S47].txt - [5466 octets] - [16/05/2019 13:50:03]
AdwCleaner[S48].txt - [5527 octets] - [16/05/2019 15:28:50]
AdwCleaner[S49].txt - [5605 octets] - [17/05/2019 10:10:02]
AdwCleaner[C49].txt - [5771 octets] - [17/05/2019 10:10:49]
AdwCleaner[S50].txt - [5710 octets] - [17/05/2019 10:14:21]
AdwCleaner[S51].txt - [5771 octets] - [17/05/2019 10:16:17]
AdwCleaner[S52].txt - [6643 octets] - [18/05/2019 21:22:04]
AdwCleaner[C52].txt - [6701 octets] - [18/05/2019 21:22:28]
AdwCleaner[S53].txt - [5954 octets] - [18/05/2019 21:28:02]
AdwCleaner[S54].txt - [6032 octets] - [19/05/2019 01:04:40]
AdwCleaner[C54].txt - [6198 octets] - [19/05/2019 01:05:37]
AdwCleaner[S55].txt - [6948 octets] - [20/05/2019 09:22:05]
AdwCleaner[C55].txt - [7006 octets] - [20/05/2019 09:22:24]
AdwCleaner[S56].txt - [6259 octets] - [20/05/2019 09:29:05]
AdwCleaner[S57].txt - [7076 octets] - [20/05/2019 10:21:16]
AdwCleaner[C57].txt - [7152 octets] - [20/05/2019 11:01:00]
AdwCleaner[S58].txt - [6442 octets] - [20/05/2019 11:05:44]
AdwCleaner[S59].txt - [6503 octets] - [20/05/2019 11:46:01]
AdwCleaner[S60].txt - [6564 octets] - [20/05/2019 11:58:24]
AdwCleaner[S61].txt - [6625 octets] - [20/05/2019 12:51:33]
AdwCleaner[S62].txt - [7442 octets] - [20/05/2019 20:00:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C62].txt ##########
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by DI3GO (administrator) on DI3GO-PC (Gigabyte Technology Co., Ltd. H81M-H) (21-05-2019 10:08:01)
Running from C:\Users\DI3GO\Desktop
Loaded Profiles: DI3GO (Available Profiles: DI3GO)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-652934076-137026013-63333771-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-10] (Support.com, Inc. -> SUPERAntiSpyware)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.81\Installer\chrmstp.exe [2018-09-04] (Google Inc -> Google Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E2889DA-62D4-4C81-B58E-391257DC97A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1C800223-4903-417C-91A3-E3AC4B0A5025} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BC40426-9DF2-47EA-AE9A-35DA3EB0965F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2017-04-14] () [File not signed]
Task: {4225291B-6CC3-4813-9045-15A3EC8B631F} - System32\Tasks\AdobeGCInvoker-1.0-DI3GO-PC-DI3GO => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {498DE932-BF18-4AFB-A333-CBF30FE8DC1D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {57AFD438-F869-4109-9BBA-482EA5BDFBFA} - System32\Tasks\{B807970E-6BD4-486A-BD61-710B709312C4} => C:\Windows\system32\pcalua.exe -a "H:\PROGRAMAS\Cool Edit Pro\Registration.exe" -d "H:\PROGRAMAS\Cool Edit Pro"
Task: {5A734A97-6EDE-462E-A9EE-8304E6C58E4B} - System32\Tasks\SafeZone scheduled Autoupdate 1492370845 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [1057824 2017-08-04] (AVAST Software s.r.o. -> Avast Software)
Task: {630E9C5D-1EB4-4181-84DD-0ED548D1EAA7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [459576 2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
Task: {6D3058AD-C777-4BDB-AF9C-DBDBB879EE7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6DC7A51A-1B75-428D-9FE1-09E232E578B1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {78E3E865-9B62-4BE0-B95E-316F1F3F877D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {7AD42B17-88BB-4C37-ACF3-1B6B65E055C3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {7BFFA0E7-75C4-491F-811F-A9E1E2FC46E6} - System32\Tasks\{5DA3A399-FBC4-4F23-B9A7-AC113C3D1785} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [137152 2016-06-01] (VideoLAN -> VideoLAN)
Task: {9A4E039A-7DD2-45C6-B4D4-552BB18B7D06} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9BB9A140-3538-4C14-9507-31E13491D9D8} - System32\Tasks\AdobeAAMUpdater-1.0-DI3GO-PC-DI3GO => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A45C9A00-4193-4109-841B-37D34C39B41F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {B90D42F7-AFC5-4C72-B0C8-0E27BFB41467} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {C860A5F8-8E2F-4409-8B5B-75191B7844FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D106008D-A2EA-4C76-A6FA-7DFBFBBE2190} - System32\Tasks\{3891CDAB-F512-4D73-9719-D876B8830EE8} => C:\Windows\system32\pcalua.exe -a C:\PROGTRABAJO\CoolPro\cep2reg.exe -d C:\PROGTRABAJO\CoolPro
Task: {EAB9A7F9-6C3A-4CA6-86E1-8D0323B8F42A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC2B9705-F97E-4555-BFF1-C71405A028AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {FB5C9B47-4CA4-43C9-8F67-07181F7DEB0D} - System32\Tasks\{188088C9-8AE9-4475-A02F-9971CA54F588} => C:\Windows\system32\pcalua.exe -a C:\COSAS\BleachBit-Portable\bleachbit_console.exe -d C:\COSAS\BleachBit-Portable

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-652934076-137026013-63333771-1000] => localhost:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{20E331B7-3CAE-49B4-8F3B-C957C0852AFF}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{3495421A-A9ED-49C6-BE69-4FC0E3843B0C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DA120F5D-DA6B-455B-892F-8AC4BB05006F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-652934076-137026013-63333771-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
HKU\S-1-5-21-652934076-137026013-63333771-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-652934076-137026013-63333771-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-652934076-137026013-63333771-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: eivmyjng.default
FF ProfilePath: C:\Users\DI3GO\AppData\Roaming\Mozilla\Firefox\Profiles\eivmyjng.default [2019-05-21]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\DI3GO\AppData\Roaming\Mozilla\Firefox\Profiles\eivmyjng.default\Extensions\[email protected] [2019-05-15]
FF Extension: (Al traductor de Google) - C:\Users\DI3GO\AppData\Roaming\Mozilla\Firefox\Profiles\eivmyjng.default\Extensions\[email protected] [2019-05-15]
FF Extension: (uBlock Origin) - C:\Users\DI3GO\AppData\Roaming\Mozilla\Firefox\Profiles\eivmyjng.default\Extensions\[email protected] [2019-05-14]
FF Extension: (Undo Close Tab Button) - C:\Users\DI3GO\AppData\Roaming\Mozilla\Firefox\Profiles\eivmyjng.default\Extensions\[email protected] [2019-05-14]
FF Extension: (Zoom Image) - C:\Users\DI3GO\AppData\Roaming\Mozilla\Firefox\Profiles\eivmyjng.default\Extensions\{b14f4076-e80d-4baa-8c7d-8c65dfd2519c}.xpi [2019-05-14]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.ar/webhp?tab=ww&ei=NHvyWJO5IImKwgTC-IfIAQ&ved=0EKkuCAIoAQ
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/webhp?tab=ww&ei=NHvyWJO5IImKwgTC-IfIAQ&ved=0EKkuCAIoAQ"
CHR Profile: C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default [2019-05-21]
CHR Extension: (Presentaciones) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-22]
CHR Extension: (Documentos) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-22]
CHR Extension: (Google Drive) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-15]
CHR Extension: (YouTube) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-15]
CHR Extension: (uBlock Origin) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-05-07]
CHR Extension: (Adobe Acrobat) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-16]
CHR Extension: (Hojas de cálculo) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-09]
CHR Extension: (Gmail) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\DI3GO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2017-07-10] (Intel Corporation - pGFX -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1069248 2014-02-06] (@ByELDI -> ) [File not signed]
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S4 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [505600 2017-07-09] (TuneUp Software GmbH -> TuneUp Software)
S3 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
S3 UxTuneUp; C:\Windows\System32\uxtuneup.dll [43320 2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
S3 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36152 2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 272D2D2F; C:\Windows\System32\drivers\272D2D2F.sys [478392 2019-05-16] (Kaspersky Lab -> Kaspersky Lab ZAO)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [257832 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-04-15] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2017-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6182400 2009-10-02] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [789496 2009-05-05] (Broadcom Corporation -> Broadcom Corporation)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2017-04-15] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
R3 gKbdfltr; C:\Windows\System32\DRIVERS\gKbdfltr.sys [26560 2017-07-20] (KYE SYSTEMS CORP. -> )
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2017-04-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ioFakDrv; C:\Windows\System32\DRIVERS\ioFakDrv.sys [35928 2017-07-20] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\Windows\System32\DRIVERS\ioFakMap.sys [24664 2017-07-20] (KYE Systems Corp -> KYE System Corp.)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [200752 2017-08-07] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41512 2018-01-11] (Intel Corporation -> )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2017-04-15] () [File not signed]
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (AVG Technologies CZ, s.r.o. -> TuneUp Software)
U3 a1xix7nx; C:\Windows\System32\Drivers\a1xix7nx.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz140; \??\C:\Users\DI3GO\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-21 10:08 - 2019-05-21 10:09 - 000024915 _____ C:\Users\DI3GO\Desktop\FRST.txt
2019-05-21 10:07 - 2019-05-21 10:08 - 000000000 ____D C:\FRST
2019-05-21 10:05 - 2019-05-21 10:05 - 002435072 _____ (Farbar) C:\Users\DI3GO\Desktop\FRST64.exe
2019-05-20 21:42 - 2019-05-20 21:42 - 000000085 _____ C:\Windows\wininit.ini
2019-05-20 15:42 - 2019-05-21 00:50 - 000003458 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DI3GO-PC-DI3GO
2019-05-20 11:58 - 2019-05-20 20:04 - 000007518 _____ C:\Users\DI3GO\Desktop\AdwCleaner[S60].txt
2019-05-20 11:57 - 2019-05-20 19:59 - 000001540 _____ C:\Users\DI3GO\Desktop\Malwarebytes.txt
2019-05-20 11:36 - 2019-05-20 11:52 - 000002016 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-20 11:36 - 2019-05-20 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-20 11:36 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-20 11:34 - 2019-05-20 11:34 - 063389768 _____ (Malwarebytes ) C:\Users\DI3GO\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10666.exe
2019-05-18 10:59 - 2019-05-18 11:00 - 000000000 ___SD C:\ComboFix
2019-05-18 10:59 - 2019-05-18 10:59 - 000000000 ____D C:\Qoobox
2019-05-18 10:59 - 2011-06-26 03:45 - 000256000 _____ C:\Windows\PEV.exe
2019-05-18 10:59 - 2010-11-07 14:20 - 000208896 _____ C:\Windows\MBR.exe
2019-05-18 10:59 - 2009-04-20 01:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2019-05-18 10:59 - 2000-08-30 21:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2019-05-18 10:59 - 2000-08-30 21:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2019-05-18 10:59 - 2000-08-30 21:00 - 000098816 _____ C:\Windows\sed.exe
2019-05-18 10:59 - 2000-08-30 21:00 - 000080412 _____ C:\Windows\grep.exe
2019-05-18 10:59 - 2000-08-30 21:00 - 000068096 _____ C:\Windows\zip.exe
2019-05-17 17:15 - 2019-05-18 10:53 - 000002772 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2019-05-17 10:47 - 2018-12-20 17:40 - 000001472 _____ C:\Windows\system32\Drivers\etc\hosts.20190517-104714.backup
2019-05-17 10:39 - 2019-05-18 10:58 - 005660510 ____R (Swearware) C:\Users\DI3GO\Downloads\ComboFix.exe
2019-05-17 10:37 - 2019-05-17 10:39 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\DI3GO\Downloads\spybotsd-2.7.64.0.exe
2019-05-17 10:37 - 2019-05-17 10:37 - 044829216 _____ (Microsoft Corporation) C:\Users\DI3GO\Downloads\Windows-KB890830-x64-V5.72.exe
2019-05-17 10:20 - 2019-05-20 08:43 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2019-05-17 10:18 - 2019-05-17 10:18 - 002011144 _____ (Malwarebytes ) C:\Users\DI3GO\Downloads\mbae-setup-1.13.1.63.exe
2019-05-16 16:39 - 2019-05-16 16:39 - 000000492 _____ C:\TDSSKiller.3.1.0.26_16.05.2019_16.39.37_log.txt
2019-05-16 16:38 - 2019-05-16 16:38 - 000478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\272D2D2F.sys
2019-05-15 08:26 - 2019-05-15 08:26 - 021315608 _____ (Piriform Software Ltd) C:\Users\DI3GO\Downloads\ccsetup557.exe
2019-05-14 14:43 - 2019-05-21 10:04 - 000000000 ____D C:\Users\DI3GO\AppData\LocalLow\Mozilla
2019-05-14 14:43 - 2019-05-14 14:43 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-14 14:43 - 2019-05-14 14:43 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-05-14 14:43 - 2019-05-14 14:43 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\Mozilla
2019-05-14 14:43 - 2019-05-14 14:43 - 000000000 ____D C:\Users\DI3GO\AppData\Local\Mozilla
2019-05-14 14:43 - 2019-05-14 14:43 - 000000000 ____D C:\ProgramData\Mozilla
2019-05-14 14:43 - 2019-05-14 14:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-14 14:42 - 2019-05-21 10:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-09 13:42 - 2019-05-09 13:42 - 021254208 _____ (Piriform Software Ltd) C:\Users\DI3GO\Downloads\ccsetup556.exe
2019-05-08 17:23 - 2019-05-08 17:25 - 000000000 ____D C:\Users\DI3GO\Desktop\wysywyg
2019-05-05 13:34 - 2019-05-05 13:34 - 007025360 _____ (Malwarebytes) C:\Users\DI3GO\Desktop\adwcleaner_7.3.exe
2019-05-05 13:23 - 2019-04-24 20:57 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-05 10:24 - 2019-05-17 10:41 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2019-05-05 10:23 - 2019-05-20 21:44 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-05-05 10:23 - 2019-05-18 11:12 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-05-01 12:41 - 2019-05-01 12:44 - 000000000 ____D C:\AdwCleaner
2019-04-29 09:29 - 2019-05-04 11:14 - 000000000 ____D C:\Users\DI3GO\AppData\Local\Downloaded Installations
2019-04-29 09:29 - 2019-04-29 09:29 - 000000000 ____D C:\ProgramData\Apple
2019-04-25 15:42 - 2019-05-05 11:19 - 000000000 ____D C:\Users\DI3GO\AppData\LocalLow\Perfect Parallel
2019-04-25 15:42 - 2019-04-25 15:42 - 000000000 ____D C:\Users\DI3GO\Documents\SkidRow
2019-04-25 15:42 - 2019-04-25 15:42 - 000000000 ____D C:\Users\DI3GO\AppData\LocalLow\Unity
2019-04-24 21:17 - 2019-04-24 21:17 - 000285232 _____ (Mozilla) C:\Users\DI3GO\Downloads\Firefox Installer.es-AR.exe
2019-04-23 17:54 - 2019-04-23 17:54 - 000000512 _____ C:\Users\DI3GO\Documents\salvo abril 2019.reg
2019-04-23 17:45 - 2019-04-23 18:30 - 000000000 ____D C:\Users\DI3GO\Desktop\AFICHES

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-21 10:00 - 2017-04-15 19:47 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-21 09:59 - 2018-09-06 09:40 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-21 09:51 - 2017-04-15 19:08 - 000000000 __SHD C:\Users\DI3GO\IntelGraphicsProfiles
2019-05-21 09:50 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-21 02:25 - 2009-07-14 01:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-21 02:25 - 2009-07-14 01:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-21 02:25 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-05-20 23:35 - 2017-04-16 17:35 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\vlc
2019-05-20 21:48 - 2019-02-24 13:42 - 000000000 ____D C:\Users\DI3GO\AppData\LocalLow\uTorrent
2019-05-20 21:48 - 2017-04-16 17:12 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\uTorrent
2019-05-20 21:47 - 2017-04-18 08:25 - 000000000 ____D C:\Users\DI3GO\Documents\CClean
2019-05-20 20:05 - 2017-05-25 02:23 - 000000000 ____D C:\Users\DI3GO\AppData\Local\CrashDumps
2019-05-20 19:34 - 2017-04-16 19:31 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\Spotify
2019-05-20 19:20 - 2017-04-16 19:32 - 000000000 ____D C:\Users\DI3GO\AppData\Local\Spotify
2019-05-20 12:57 - 2009-07-13 23:34 - 000455310 ____R C:\Windows\system32\Drivers\etc\hosts.20190520-214029.backup
2019-05-20 12:00 - 2019-01-17 11:21 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-05-20 11:36 - 2019-01-17 11:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-20 09:31 - 2009-07-13 23:34 - 000455310 ____R C:\Windows\system32\Drivers\etc\hosts.20190520-125700.backup
2019-05-20 08:47 - 2017-06-15 12:01 - 000000034 _____ C:\Users\DI3GO\AppData\Roaming\AdobeWLCMCache.dat
2019-05-19 18:22 - 2018-11-29 09:22 - 000000000 _____ C:\Windows\system32\last.dump
2019-05-19 14:42 - 2017-04-18 12:37 - 000000000 ____D C:\Users\DI3GO\AppData\Local\ElevatedDiagnostics
2019-05-19 09:29 - 2009-07-13 23:34 - 000455310 ____R C:\Windows\system32\Drivers\etc\hosts.20190520-093149.backup
2019-05-18 11:12 - 2009-07-13 23:34 - 000455310 ____R C:\Windows\system32\Drivers\etc\hosts.20190519-092912.backup
2019-05-17 13:18 - 2017-06-21 20:06 - 000001456 _____ C:\Users\DI3GO\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-05-17 12:58 - 2019-04-18 19:05 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-05-17 12:58 - 2019-04-18 19:05 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-05-17 12:15 - 2017-07-19 08:54 - 000000000 ____D C:\COSAS
2019-05-17 11:55 - 2017-04-16 19:32 - 000001805 _____ C:\Users\DI3GO\Desktop\Spotify.lnk
2019-05-17 11:55 - 2017-04-16 19:32 - 000001791 _____ C:\Users\DI3GO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-05-17 10:47 - 2009-07-13 23:34 - 000455310 ____R C:\Windows\system32\Drivers\etc\hosts.20190518-111200.backup
2019-05-16 16:48 - 2019-01-18 10:17 - 000000280 _____ C:\VundoFix.txt
2019-05-16 14:06 - 2017-04-15 16:52 - 000000000 ____D C:\Program Files (x86)\Google
2019-05-16 09:15 - 2017-09-23 12:38 - 000002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-15 08:27 - 2019-03-19 09:33 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-14 19:49 - 2017-04-16 19:31 - 000911688 _____ (Spotify Ltd) C:\Users\DI3GO\Downloads\SpotifySetup.exe
2019-05-13 10:04 - 2017-04-17 13:51 - 000000000 ____D C:\PROGTRABAJO
2019-05-11 09:47 - 2018-09-06 09:31 - 006961728 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-06 13:46 - 2017-04-16 17:23 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\tor
2019-05-05 22:22 - 2017-04-17 14:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-05 22:22 - 2017-04-17 14:11 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-05 22:07 - 2018-09-06 11:41 - 000570936 _____ C:\Users\DI3GO\AppData\Local\GDIPFONTCACHEV1.DAT
2019-05-05 13:23 - 2017-04-15 19:34 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-05 13:19 - 2017-04-15 16:22 - 000000000 ____D C:\Users\DI3GO
2019-05-05 13:17 - 2019-04-19 12:33 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\Voralent
2019-05-05 13:17 - 2019-01-17 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-05-05 13:17 - 2018-12-19 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-05-05 13:17 - 2018-10-06 11:17 - 000000000 ____D C:\Windows\erdnt
2019-05-05 13:17 - 2017-09-23 00:06 - 000000000 ____D C:\Program Files\CCleaner
2019-05-05 13:17 - 2017-04-16 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-05-05 13:17 - 2017-04-16 17:42 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2019-05-05 13:17 - 2017-04-16 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-05 13:17 - 2017-04-15 19:47 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-05 13:17 - 2017-04-15 19:43 - 000000000 ____D C:\Program Files\AVAST Software
2019-05-05 13:17 - 2017-04-15 17:31 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-05-05 13:17 - 2009-07-14 02:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-05-05 13:17 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\Msdtc
2019-05-05 13:17 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2019-05-05 13:17 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\AppCompat
2019-05-05 13:16 - 2017-04-17 12:10 - 000000000 ____D C:\Users\DI3GO\AppData\Local\Adobe
2019-05-05 13:14 - 2017-04-15 17:30 - 000000000 __RHD C:\MSOCache
2019-05-04 21:26 - 2018-02-17 18:19 - 000000000 ____D C:\Users\DI3GO\AppData\Roaming\MPC-HC
2019-04-29 17:49 - 2018-10-13 12:48 - 000000000 ____D C:\Users\DI3GO\Desktop\PDFs
2019-04-29 09:50 - 2018-01-19 20:47 - 000000000 ____D C:\Users\DI3GO\AppData\Local\ACD Systems
2019-04-29 09:50 - 2018-01-19 20:46 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2019-04-28 19:14 - 2019-01-11 20:48 - 000000000 ____D C:\PELLI
2019-04-25 09:16 - 2018-07-17 11:59 - 000000000 ____D C:\Users\DI3GO\AppData\Local\AVAST Software
2019-04-24 20:58 - 2019-04-12 13:06 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-24 20:58 - 2019-02-19 14:09 - 000257832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-04-24 20:58 - 2017-04-16 16:27 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-24 20:58 - 2017-04-15 19:47 - 000476776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-24 20:58 - 2017-04-15 19:47 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-24 20:58 - 2017-04-15 19:47 - 000220640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-04-24 20:58 - 2017-04-15 19:47 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-04-24 20:58 - 2017-04-15 19:47 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-04-24 20:58 - 2017-04-15 19:47 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-24 20:57 - 2019-01-18 10:52 - 000254128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-04-24 20:57 - 2019-01-17 12:07 - 000320624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-04-24 20:57 - 2019-01-17 12:07 - 000196000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-04-24 20:57 - 2019-01-17 12:07 - 000057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-04-24 20:57 - 2019-01-17 12:07 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-04-24 20:57 - 2017-11-17 15:47 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-04-24 20:57 - 2017-04-15 19:47 - 001031000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-04-24 20:56 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-23 16:47 - 2017-04-16 17:34 - 000001062 _____ C:\Users\Public\Desktop\VLC.lnk
2019-04-22 15:13 - 2019-04-19 13:19 - 000002954 _____ C:\Windows\System32\Tasks\{5DA3A399-FBC4-4F23-B9A7-AC113C3D1785}
2019-04-22 00:24 - 2018-10-23 00:46 - 000000743 _____ C:\Users\DI3GO\Desktop\tor.exe.lnk

==================== Files in the root of some directories =======

2017-06-15 12:01 - 2019-05-20 08:47 - 000000034 _____ () C:\Users\DI3GO\AppData\Roaming\AdobeWLCMCache.dat
2019-04-11 14:08 - 2019-04-13 10:17 - 000008419 _____ () C:\Users\DI3GO\AppData\Roaming\PStrip.bak
2019-04-11 14:08 - 2019-04-11 14:10 - 000008419 _____ () C:\Users\DI3GO\AppData\Roaming\PStrip.bk!
2019-04-13 10:17 - 2019-04-11 14:08 - 000008361 _____ () C:\Users\DI3GO\AppData\Roaming\PStrip.bko
2019-04-11 13:47 - 2019-04-13 10:19 - 000008488 _____ () C:\Users\DI3GO\AppData\Roaming\PStrip.ini
2017-06-21 20:06 - 2019-05-17 13:18 - 000001456 _____ () C:\Users\DI3GO\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-11-06 14:26 - 2018-11-06 14:26 - 000000000 _____ () C:\Users\DI3GO\AppData\Local\oobelibMkey.log
2017-07-23 10:16 - 2018-03-11 10:23 - 000007602 _____ () C:\Users\DI3GO\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-21 00:24] - [2017-04-15 18:57] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 00:24] - [2017-04-15 18:57] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE


LastRegBack: 2019-05-13 12:08
==================== End of FRST.txt ============================
Y este el de addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by DI3GO (21-05-2019 10:09:26)
Running from C:\Users\DI3GO\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-15 19:22:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-652934076-137026013-63333771-500 - Administrator - Disabled)
DI3GO (S-1-5-21-652934076-137026013-63333771-1000 - Administrator - Enabled) => C:\Users\DI3GO
HomeGroupUser$ (S-1-5-21-652934076-137026013-63333771-1002 - Limited - Enabled)
Invitado (S-1-5-21-652934076-137026013-63333771-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-652934076-137026013-63333771-1000\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Master Collection CC 2015 (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C3}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32\...\MUSE_2017_0_2) (Version: 2017.0.2.60 - Adobe Systems Incorporated)
Adobe Muse CC 2018 (HKLM-x32\...\MUSE_2018_0) (Version: 2018.0.0.685 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version:  - )
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.81 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Human Anatomy Atlas version 7.4.01 (HKLM-x32\...\{0DDE4272-3433-4C74-ADA6-72350805D612}_is1) (Version: 7.4.01 - Visible Body - m!DVT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4578 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.3.42 - Intel Corporation)
K-Lite Mega Codec Pack 14.8.8 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.8.8 - KLCP)
KMSpico v9.2.1 Beta (HKLM\...\KMSpico_is1) (Version: 9.2.1 Beta - )
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 66.0.5 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.5 (x64 es-ES)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 es-AR) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 es-AR)) (Version: 52.3.0 - Mozilla)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.30.0 - Nikon Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (HKLM\...\Microsoft .NET Framework 4 Extended ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.99.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Spotify (HKU\S-1-5-21-652934076-137026013-63333771-1000\...\Spotify) (Version: 1.1.7.13766.gf9dc3904 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1026 - SUPERAntiSpyware.com)
TuneUp Utilities 2014 (es-MX) (HKLM-x32\...\{460EA1C5-B71F-4DEA-99C1-A82016ADECD2}) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}) (Version: 14.0.1000.324 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.324 - TuneUp Software)
Vegas Pro 13.0 (64-bit) (HKLM\...\{204DC300-0BC8-11E5-B87F-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-652934076-137026013-63333771-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-652934076-137026013-63333771-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2014\SDShelEx-x64.dll [2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AXShlEx.dll [2009-09-18] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2009-02-09] (Alcohol Soft Development Team) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2014\DseShExt-x64.dll [2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
ContextMenuHandlers4: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2014\SDShelEx-x64.dll [2014-06-16] (AVG Netherlands B.V. -> TuneUp Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\Windows\System32\DreamScene.dll [2018-04-13] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2018-04-13 12:16 - 2018-04-13 12:16 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\System32\DreamScene.dll
2010-11-21 00:24 - 2017-05-16 09:39 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SLWGA.dll
2010-11-21 00:24 - 2017-04-15 18:57 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2010-11-21 00:24 - 2017-04-15 18:57 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\272D2D2F.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\272D2D2F.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE trusted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-652934076-137026013-63333771-1000\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2019-05-20 21:40 - 000455310 ____R C:\Windows\system32\drivers\etc\hosts

127.0.0.1	uds.licenses.adobe.com
127.0.0.1	genuine.adobe.com
127.0.0.1	activate.adobe.com
127.0.0.1	practivate.adobe.com
127.0.0.1	ereg.adobe.com
127.0.0.1	activate.wip3.adobe.com
127.0.0.1	wip3.adobe.com
127.0.0.1	3dns-3.adobe.com
127.0.0.1	3dns-2.adobe.com
127.0.0.1	adobe-dns.adobe.com
127.0.0.1	adobe-dns-2.adobe.com
127.0.0.1	adobe-dns-3.adobe.com
127.0.0.1	ereg.wip3.adobe.com
127.0.0.1	activate-sea.adobe.com
127.0.0.1	wwis-dubc1-vip60.adobe.com
127.0.0.1	activate-sjc0.adobe.com
127.0.0.1	lmlicenses.wip4.adobe.com
127.0.0.1	lm.licenses.adobe.com
127.0.0.1	na1r.services.adobe.com
127.0.0.1	hlrcv.stage.adobe.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

There are 15626 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-652934076-137026013-63333771-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: TuneUp.Defrag => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avast Cleanup Premium.lnk => C:\Windows\pss\Avast Cleanup Premium.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\SysWOW64\NeroCheck.exe                                                                                                                                                                                                                                        
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify => "C:\Users\DI3GO\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\DI3GO\AppData\Roaming\Spotify\Spotify.exe --autostart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{59FF9411-291F-4211-B2F7-E3E58E906175}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBA2001E-205F-47EA-AFF4-76F818A477E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D4E4B0A-1947-4FDB-86AD-D6A25AE99E68}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI -> ) [File not signed]
FirewallRules: [{A816414C-7F85-4A6B-B233-99219D536847}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI -> ) [File not signed]
FirewallRules: [{36EB160B-9B94-4F30-B3C8-355206C90686}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> ) [File not signed]
FirewallRules: [{E979DC86-9091-463F-ABAD-3E7EE502EFB8}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> ) [File not signed]
FirewallRules: [{850CBCC6-F717-4A37-AFC1-D6CB859B716F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> ) [File not signed]
FirewallRules: [{469F0711-95CC-4F81-B30A-365093CC54AA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> ) [File not signed]
FirewallRules: [{71826C6E-153C-4B7B-930C-5EEB6537EB34}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{FF4DE399-3EE8-4284-A033-57C063DDEA32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{E682B4A3-29B8-4D8D-99D7-B50BBDD9C586}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [TCP Query User{AC77ACCF-80F1-4CAB-A384-EDE5CD26EBD7}C:\users\di3go\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\di3go\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{0AD66FCA-6BD8-4997-811A-0B119ED8E281}C:\users\di3go\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\di3go\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C82E5DE6-E954-4349-A75C-DBFB1C6E103A}C:\program files\adobe\adobe scout cc\scout.exe] => (Block) C:\program files\adobe\adobe scout cc\scout.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{EE6DCD45-02DA-4212-9B7C-D12E78A268DF}C:\program files\adobe\adobe scout cc\scout.exe] => (Block) C:\program files\adobe\adobe scout cc\scout.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{11A46639-AE26-49C1-98FD-49DB0B0864AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [TCP Query User{E7B29874-D689-469A-A164-84B43889AED0}C:\program files\adobe\adobe muse cc 2017\muse.exe] => (Block) C:\program files\adobe\adobe muse cc 2017\muse.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{D01AC63B-B8BD-48B0-8F14-CE216A6A7729}C:\program files\adobe\adobe muse cc 2017\muse.exe] => (Block) C:\program files\adobe\adobe muse cc 2017\muse.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [TCP Query User{B0913AD4-45EC-4C4C-9C8A-12DCAC574E2B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{407F4B02-6D4F-4C74-8E21-5D655872C968}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{506D5D51-DBC9-4D5F-9103-D73EE0B95EDB}C:\program files\adobe\adobe edge animate cc 2015\edgeanimate.exe] => (Block) C:\program files\adobe\adobe edge animate cc 2015\edgeanimate.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{87E98A05-8224-49EC-A31A-1FC1CEA246B2}C:\program files\adobe\adobe edge animate cc 2015\edgeanimate.exe] => (Block) C:\program files\adobe\adobe edge animate cc 2015\edgeanimate.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{37F3E0C8-37BF-4971-8F87-5EF5FCB38E26}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5BCAF7C1-190D-470A-996B-4FE04B78C8F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DDCD39CC-3CC8-489E-B92A-25C37DD3526F}C:\users\di3go\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\di3go\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{125101DA-1742-48A4-AAC3-144561FF848C}C:\users\di3go\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\di3go\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9F019BA6-8367-4989-BCFE-CC8E166EF72C}C:\users\di3go\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\di3go\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6BECBB31-5057-45AA-B537-F9A0669FCD48}C:\users\di3go\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\di3go\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

16-05-2019 10:17:38 JRT Pre-Junkware Removal
18-05-2019 10:59:51 ComboFix created restore point

==================== Faulty Device Manager Devices =============

Name: Intel(R) Management Engine Interface 
Description: Intel(R) Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2019 09:51:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/21/2019 09:50:58 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (05/21/2019 01:35:36 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (05/21/2019 12:35:36 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (05/20/2019 11:35:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (05/20/2019 10:35:36 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (05/20/2019 09:50:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 12.1.0.0, marca de tiempo: 0x52f3d085
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x000007fe93f50565
Id. del proceso con errores: 0x364
Hora de inicio de la aplicación con errores: 0x01d50f6f28411e14
Ruta de acceso de la aplicación con errores: C:\Program Files\KMSpico\Service_KMS.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 71c17f51-7b62-11e9-901b-74d435b3613b

Error: (05/20/2019 09:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (05/21/2019 09:51:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/20/2019 10:35:36 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: No se puede iniciar un servidor DCOM: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} como /. Error 
"5"
al iniciar este comando:
C:\Windows\System32\slui.exe -Embedding

Error: (05/20/2019 09:50:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/20/2019 09:49:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (05/20/2019 09:49:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (05/20/2019 09:49:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Office Software Protection Platform se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/20/2019 09:49:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/20/2019 09:44:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===================================

Date: 2019-05-20 21:40:12.170
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 21:40:12.123
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 21:31:25.510
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 21:31:25.494
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 20:02:44.086
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 19:26:04.478
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 19:26:04.464
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-05-20 19:26:04.452
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F5 01/20/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-H
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 90%
Total physical RAM: 3988.75 MB
Available physical RAM: 397.16 MB
Total Virtual: 7975.7 MB
Available Virtual: 2488.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:760.65 GB) NTFS
Drive e: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:465.66 GB) (Free:216.98 GB) NTFS
Drive h: (HDD 2) (Fixed) (Total:465.76 GB) (Free:115.28 GB) NTFS

\\?\Volume{631178c3-2210-11e7-b84f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5EBFA627)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0ADD0ADD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

En tu escritorio tienes este archivo/carpeta…wysywyg…sabes que es??


Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-652934076-137026013-63333771-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-652934076-137026013-63333771-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
U3 a1xix7nx; C:\Windows\System32\Drivers\a1xix7nx.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz140; \??\C:\Users\DI3GO\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
DeleteKey:HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
DeleteKey:HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com
DeleteKey:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com
DeleteKey:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com
DeleteKey:HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com
DeleteKey:HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc, realizando un nuevo analisis con Adwcleaner y me pegas el nuevo log

Hola Miguel wysywig es un software que tengo que instalar, la carpeta contiene archivos. La cree yo. Hago lo que me dices ahora, y te pego los resultados. Muchas gracias!!

Buenas de nuevo, la PC parace tranquila, pero el Adwcleaner sigue detectando. Te pego los dos informes: Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by DI3GO (22-05-2019 08:30:45) Run:1
Running from C:\Users\DI3GO\Desktop
Loaded Profiles: DI3GO (Available Profiles: DI3GO)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-652934076-137026013-63333771-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-652934076-137026013-63333771-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
U3 a1xix7nx; C:\Windows\System32\Drivers\a1xix7nx.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz140; \??\C:\Users\DI3GO\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
DeleteKey:HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
DeleteKey:HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com
DeleteKey:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com
DeleteKey:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com
DeleteKey:HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com
DeleteKey:HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKU\S-1-5-21-652934076-137026013-63333771-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-652934076-137026013-63333771-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
a1xix7nx => service not found.
HKLM\System\CurrentControlSet\Services\cpuz140 => removed successfully
cpuz140 => service removed successfully
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully
"BVTFilter" => removed successfully
"BVTConsumer" => removed successfully
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com => not found
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com => not found
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com => not found
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com => not found
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop. com => not found
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar. com => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-652934076-137026013-63333771-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully
"HKU\S-1-5-21-652934076-137026013-63333771-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-652934076-137026013-63333771-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Asegúrese de que el servicio se está ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Asegúrese de que el servicio se está ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 119018435 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4653056 B
Edge => 0 B
Chrome => 130651 B
Firefox => 25355473 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65960 B
systemprofile32 => 84387 B
LocalService => 66496 B
NetworkService => 33058 B
DI3GO => 143103 B

RecycleBin => 0 B
EmptyTemp: => 142.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:30:57 ====

AdwCleaner (el previo a la limpieza)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-22-2019
# Duration: 00:00:32
# OS:       Windows 7 Home Premium
# Scanned:  27198
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Conduit            HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1978 octets] - [01/05/2019 12:42:15]
AdwCleaner[C00].txt - [1998 octets] - [01/05/2019 12:44:43]
AdwCleaner[S01].txt - [1396 octets] - [03/05/2019 21:50:04]
AdwCleaner[C01].txt - [1562 octets] - [03/05/2019 21:50:25]
AdwCleaner[S02].txt - [1518 octets] - [04/05/2019 09:59:42]
AdwCleaner[C02].txt - [1684 octets] - [04/05/2019 10:00:24]
AdwCleaner[S03].txt - [1623 octets] - [04/05/2019 10:20:36]
AdwCleaner[S04].txt - [1684 octets] - [04/05/2019 11:08:08]
AdwCleaner[C04].txt - [1870 octets] - [04/05/2019 11:08:25]
AdwCleaner[S05].txt - [1823 octets] - [04/05/2019 21:25:11]
AdwCleaner[C05].txt - [1989 octets] - [04/05/2019 21:26:20]
AdwCleaner[S06].txt - [1945 octets] - [05/05/2019 10:10:38]
AdwCleaner[C06].txt - [2111 octets] - [05/05/2019 10:11:17]
AdwCleaner[S07].txt - [2806 octets] - [05/05/2019 10:34:44]
AdwCleaner[C07].txt - [2882 octets] - [05/05/2019 10:35:00]
AdwCleaner[S08].txt - [2172 octets] - [05/05/2019 10:38:18]
AdwCleaner[C08].txt - [2358 octets] - [05/05/2019 10:38:33]
AdwCleaner[S09].txt - [2294 octets] - [05/05/2019 10:43:25]
AdwCleaner[S10].txt - [2355 octets] - [05/05/2019 11:26:40]
AdwCleaner[S11].txt - [2416 octets] - [05/05/2019 13:05:46]
AdwCleaner[S12].txt - [3018 octets] - [05/05/2019 13:34:51]
AdwCleaner[S13].txt - [3079 octets] - [05/05/2019 13:41:05]
AdwCleaner[S14].txt - [3140 octets] - [05/05/2019 22:05:41]
AdwCleaner[C14].txt - [3196 octets] - [05/05/2019 22:13:13]
AdwCleaner[S15].txt - [2721 octets] - [05/05/2019 22:16:23]
AdwCleaner[C15].txt - [2907 octets] - [05/05/2019 22:16:43]
AdwCleaner[S16].txt - [2860 octets] - [06/05/2019 18:41:41]
AdwCleaner[C16].txt - [3026 octets] - [06/05/2019 18:41:57]
AdwCleaner[S17].txt - [2965 octets] - [06/05/2019 18:51:32]
AdwCleaner[S18].txt - [3026 octets] - [06/05/2019 18:52:04]
AdwCleaner[C18].txt - [3212 octets] - [06/05/2019 18:53:09]
AdwCleaner[S19].txt - [3148 octets] - [06/05/2019 18:59:16]
AdwCleaner[S20].txt - [3209 octets] - [06/05/2019 21:24:40]
AdwCleaner[S21].txt - [3270 octets] - [07/05/2019 08:32:41]
AdwCleaner[S22].txt - [3331 octets] - [07/05/2019 08:50:16]
AdwCleaner[S23].txt - [3392 octets] - [07/05/2019 09:36:50]
AdwCleaner[S24].txt - [3453 octets] - [07/05/2019 18:25:44]
AdwCleaner[S25].txt - [3514 octets] - [07/05/2019 20:09:05]
AdwCleaner[C25].txt - [3700 octets] - [07/05/2019 20:09:16]
AdwCleaner[S26].txt - [3636 octets] - [07/05/2019 20:15:34]
AdwCleaner[C26].txt - [3822 octets] - [07/05/2019 20:16:36]
AdwCleaner[S27].txt - [3758 octets] - [07/05/2019 21:08:38]
AdwCleaner[S28].txt - [3836 octets] - [08/05/2019 00:24:27]
AdwCleaner[C28].txt - [4002 octets] - [08/05/2019 00:24:45]
AdwCleaner[S29].txt - [3958 octets] - [11/05/2019 10:39:47]
AdwCleaner[C29].txt - [4124 octets] - [11/05/2019 10:40:02]
AdwCleaner[S30].txt - [4063 octets] - [11/05/2019 10:44:54]
AdwCleaner[S31].txt - [4124 octets] - [12/05/2019 01:01:28]
AdwCleaner[S32].txt - [4202 octets] - [14/05/2019 12:31:23]
AdwCleaner[C32].txt - [4368 octets] - [14/05/2019 12:31:36]
AdwCleaner[S33].txt - [4307 octets] - [14/05/2019 12:33:52]
AdwCleaner[C33].txt - [4493 octets] - [14/05/2019 12:34:04]
AdwCleaner[S34].txt - [4429 octets] - [14/05/2019 12:49:55]
AdwCleaner[S35].txt - [4490 octets] - [14/05/2019 18:02:11]
AdwCleaner[S36].txt - [4551 octets] - [14/05/2019 20:02:09]
AdwCleaner[S37].txt - [4629 octets] - [15/05/2019 00:09:26]
AdwCleaner[C37].txt - [4795 octets] - [15/05/2019 00:09:56]
AdwCleaner[S38].txt - [4734 octets] - [15/05/2019 08:12:00]
AdwCleaner[S39].txt - [4795 octets] - [15/05/2019 08:23:43]
AdwCleaner[S40].txt - [4856 octets] - [15/05/2019 14:30:53]
AdwCleaner[S41].txt - [4934 octets] - [16/05/2019 09:46:45]
AdwCleaner[C41].txt - [5100 octets] - [16/05/2019 09:47:18]
AdwCleaner[S42].txt - [5039 octets] - [16/05/2019 09:51:05]
AdwCleaner[C42].txt - [5225 octets] - [16/05/2019 09:51:12]
AdwCleaner[S43].txt - [5161 octets] - [16/05/2019 09:54:20]
AdwCleaner[S44].txt - [5222 octets] - [16/05/2019 10:04:11]
AdwCleaner[S45].txt - [5283 octets] - [16/05/2019 10:24:49]
AdwCleaner[C45].txt - [5469 octets] - [16/05/2019 10:24:53]
AdwCleaner[S46].txt - [5405 octets] - [16/05/2019 10:27:23]
AdwCleaner[S47].txt - [5466 octets] - [16/05/2019 13:50:03]
AdwCleaner[S48].txt - [5527 octets] - [16/05/2019 15:28:50]
AdwCleaner[S49].txt - [5605 octets] - [17/05/2019 10:10:02]
AdwCleaner[C49].txt - [5771 octets] - [17/05/2019 10:10:49]
AdwCleaner[S50].txt - [5710 octets] - [17/05/2019 10:14:21]
AdwCleaner[S51].txt - [5771 octets] - [17/05/2019 10:16:17]
AdwCleaner[S52].txt - [6643 octets] - [18/05/2019 21:22:04]
AdwCleaner[C52].txt - [6701 octets] - [18/05/2019 21:22:28]
AdwCleaner[S53].txt - [5954 octets] - [18/05/2019 21:28:02]
AdwCleaner[S54].txt - [6032 octets] - [19/05/2019 01:04:40]
AdwCleaner[C54].txt - [6198 octets] - [19/05/2019 01:05:37]
AdwCleaner[S55].txt - [6948 octets] - [20/05/2019 09:22:05]
AdwCleaner[C55].txt - [7006 octets] - [20/05/2019 09:22:24]
AdwCleaner[S56].txt - [6259 octets] - [20/05/2019 09:29:05]
AdwCleaner[S57].txt - [7076 octets] - [20/05/2019 10:21:16]
AdwCleaner[C57].txt - [7152 octets] - [20/05/2019 11:01:00]
AdwCleaner[S58].txt - [6442 octets] - [20/05/2019 11:05:44]
AdwCleaner[S59].txt - [6503 octets] - [20/05/2019 11:46:01]
AdwCleaner[S60].txt - [6564 octets] - [20/05/2019 11:58:24]
AdwCleaner[S61].txt - [6625 octets] - [20/05/2019 12:51:33]
AdwCleaner[S62].txt - [7442 octets] - [20/05/2019 20:00:57]
AdwCleaner[C62].txt - [7518 octets] - [20/05/2019 20:01:16]
AdwCleaner[S63].txt - [6808 octets] - [20/05/2019 21:36:40]
AdwCleaner[S64].txt - [7625 octets] - [20/05/2019 21:49:25]
AdwCleaner[C64].txt - [7701 octets] - [20/05/2019 21:49:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S65].txt ##########

Y este es el Log de luego de la limpieza…

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-22-2019
# Duration: 00:00:02
# OS:       Windows 7 Home Premium
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1978 octets] - [01/05/2019 12:42:15]
AdwCleaner[C00].txt - [1998 octets] - [01/05/2019 12:44:43]
AdwCleaner[S01].txt - [1396 octets] - [03/05/2019 21:50:04]
AdwCleaner[C01].txt - [1562 octets] - [03/05/2019 21:50:25]
AdwCleaner[S02].txt - [1518 octets] - [04/05/2019 09:59:42]
AdwCleaner[C02].txt - [1684 octets] - [04/05/2019 10:00:24]
AdwCleaner[S03].txt - [1623 octets] - [04/05/2019 10:20:36]
AdwCleaner[S04].txt - [1684 octets] - [04/05/2019 11:08:08]
AdwCleaner[C04].txt - [1870 octets] - [04/05/2019 11:08:25]
AdwCleaner[S05].txt - [1823 octets] - [04/05/2019 21:25:11]
AdwCleaner[C05].txt - [1989 octets] - [04/05/2019 21:26:20]
AdwCleaner[S06].txt - [1945 octets] - [05/05/2019 10:10:38]
AdwCleaner[C06].txt - [2111 octets] - [05/05/2019 10:11:17]
AdwCleaner[S07].txt - [2806 octets] - [05/05/2019 10:34:44]
AdwCleaner[C07].txt - [2882 octets] - [05/05/2019 10:35:00]
AdwCleaner[S08].txt - [2172 octets] - [05/05/2019 10:38:18]
AdwCleaner[C08].txt - [2358 octets] - [05/05/2019 10:38:33]
AdwCleaner[S09].txt - [2294 octets] - [05/05/2019 10:43:25]
AdwCleaner[S10].txt - [2355 octets] - [05/05/2019 11:26:40]
AdwCleaner[S11].txt - [2416 octets] - [05/05/2019 13:05:46]
AdwCleaner[S12].txt - [3018 octets] - [05/05/2019 13:34:51]
AdwCleaner[S13].txt - [3079 octets] - [05/05/2019 13:41:05]
AdwCleaner[S14].txt - [3140 octets] - [05/05/2019 22:05:41]
AdwCleaner[C14].txt - [3196 octets] - [05/05/2019 22:13:13]
AdwCleaner[S15].txt - [2721 octets] - [05/05/2019 22:16:23]
AdwCleaner[C15].txt - [2907 octets] - [05/05/2019 22:16:43]
AdwCleaner[S16].txt - [2860 octets] - [06/05/2019 18:41:41]
AdwCleaner[C16].txt - [3026 octets] - [06/05/2019 18:41:57]
AdwCleaner[S17].txt - [2965 octets] - [06/05/2019 18:51:32]
AdwCleaner[S18].txt - [3026 octets] - [06/05/2019 18:52:04]
AdwCleaner[C18].txt - [3212 octets] - [06/05/2019 18:53:09]
AdwCleaner[S19].txt - [3148 octets] - [06/05/2019 18:59:16]
AdwCleaner[S20].txt - [3209 octets] - [06/05/2019 21:24:40]
AdwCleaner[S21].txt - [3270 octets] - [07/05/2019 08:32:41]
AdwCleaner[S22].txt - [3331 octets] - [07/05/2019 08:50:16]
AdwCleaner[S23].txt - [3392 octets] - [07/05/2019 09:36:50]
AdwCleaner[S24].txt - [3453 octets] - [07/05/2019 18:25:44]
AdwCleaner[S25].txt - [3514 octets] - [07/05/2019 20:09:05]
AdwCleaner[C25].txt - [3700 octets] - [07/05/2019 20:09:16]
AdwCleaner[S26].txt - [3636 octets] - [07/05/2019 20:15:34]
AdwCleaner[C26].txt - [3822 octets] - [07/05/2019 20:16:36]
AdwCleaner[S27].txt - [3758 octets] - [07/05/2019 21:08:38]
AdwCleaner[S28].txt - [3836 octets] - [08/05/2019 00:24:27]
AdwCleaner[C28].txt - [4002 octets] - [08/05/2019 00:24:45]
AdwCleaner[S29].txt - [3958 octets] - [11/05/2019 10:39:47]
AdwCleaner[C29].txt - [4124 octets] - [11/05/2019 10:40:02]
AdwCleaner[S30].txt - [4063 octets] - [11/05/2019 10:44:54]
AdwCleaner[S31].txt - [4124 octets] - [12/05/2019 01:01:28]
AdwCleaner[S32].txt - [4202 octets] - [14/05/2019 12:31:23]
AdwCleaner[C32].txt - [4368 octets] - [14/05/2019 12:31:36]
AdwCleaner[S33].txt - [4307 octets] - [14/05/2019 12:33:52]
AdwCleaner[C33].txt - [4493 octets] - [14/05/2019 12:34:04]
AdwCleaner[S34].txt - [4429 octets] - [14/05/2019 12:49:55]
AdwCleaner[S35].txt - [4490 octets] - [14/05/2019 18:02:11]
AdwCleaner[S36].txt - [4551 octets] - [14/05/2019 20:02:09]
AdwCleaner[S37].txt - [4629 octets] - [15/05/2019 00:09:26]
AdwCleaner[C37].txt - [4795 octets] - [15/05/2019 00:09:56]
AdwCleaner[S38].txt - [4734 octets] - [15/05/2019 08:12:00]
AdwCleaner[S39].txt - [4795 octets] - [15/05/2019 08:23:43]
AdwCleaner[S40].txt - [4856 octets] - [15/05/2019 14:30:53]
AdwCleaner[S41].txt - [4934 octets] - [16/05/2019 09:46:45]
AdwCleaner[C41].txt - [5100 octets] - [16/05/2019 09:47:18]
AdwCleaner[S42].txt - [5039 octets] - [16/05/2019 09:51:05]
AdwCleaner[C42].txt - [5225 octets] - [16/05/2019 09:51:12]
AdwCleaner[S43].txt - [5161 octets] - [16/05/2019 09:54:20]
AdwCleaner[S44].txt - [5222 octets] - [16/05/2019 10:04:11]
AdwCleaner[S45].txt - [5283 octets] - [16/05/2019 10:24:49]
AdwCleaner[C45].txt - [5469 octets] - [16/05/2019 10:24:53]
AdwCleaner[S46].txt - [5405 octets] - [16/05/2019 10:27:23]
AdwCleaner[S47].txt - [5466 octets] - [16/05/2019 13:50:03]
AdwCleaner[S48].txt - [5527 octets] - [16/05/2019 15:28:50]
AdwCleaner[S49].txt - [5605 octets] - [17/05/2019 10:10:02]
AdwCleaner[C49].txt - [5771 octets] - [17/05/2019 10:10:49]
AdwCleaner[S50].txt - [5710 octets] - [17/05/2019 10:14:21]
AdwCleaner[S51].txt - [5771 octets] - [17/05/2019 10:16:17]
AdwCleaner[S52].txt - [6643 octets] - [18/05/2019 21:22:04]
AdwCleaner[C52].txt - [6701 octets] - [18/05/2019 21:22:28]
AdwCleaner[S53].txt - [5954 octets] - [18/05/2019 21:28:02]
AdwCleaner[S54].txt - [6032 octets] - [19/05/2019 01:04:40]
AdwCleaner[C54].txt - [6198 octets] - [19/05/2019 01:05:37]
AdwCleaner[S55].txt - [6948 octets] - [20/05/2019 09:22:05]
AdwCleaner[C55].txt - [7006 octets] - [20/05/2019 09:22:24]
AdwCleaner[S56].txt - [6259 octets] - [20/05/2019 09:29:05]
AdwCleaner[S57].txt - [7076 octets] - [20/05/2019 10:21:16]
AdwCleaner[C57].txt - [7152 octets] - [20/05/2019 11:01:00]
AdwCleaner[S58].txt - [6442 octets] - [20/05/2019 11:05:44]
AdwCleaner[S59].txt - [6503 octets] - [20/05/2019 11:46:01]
AdwCleaner[S60].txt - [6564 octets] - [20/05/2019 11:58:24]
AdwCleaner[S61].txt - [6625 octets] - [20/05/2019 12:51:33]
AdwCleaner[S62].txt - [7442 octets] - [20/05/2019 20:00:57]
AdwCleaner[C62].txt - [7518 octets] - [20/05/2019 20:01:16]
AdwCleaner[S63].txt - [6808 octets] - [20/05/2019 21:36:40]
AdwCleaner[S64].txt - [7625 octets] - [20/05/2019 21:49:25]
AdwCleaner[C64].txt - [7701 octets] - [20/05/2019 21:49:30]
AdwCleaner[S65].txt - [7008 octets] - [22/05/2019 08:34:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C65].txt ##########

Según el informe de Adwcleaner, el problema que plantea este está totalmente solucionado.

Esa nueva clave que te ha parecido es porque te has descargado algo o algún programa que tienes como el activador de Office ilegal que pueden crear ese tipo de claves.

ha sido eliminada pero es muy normal que esa clave se encuentre cada cierto tiempo en el PC, tampoco tiene ninguna relevancia.

lo demás está todo correcto y comenta si tienes alguna duda sobre el tema para poder darte las indicaciones finales para concluir

Muchísimas gracias Miguel, como siempre el foro me ha salvado la vida y la PC! jajaja ¿Sabes qué fué y que pudo haberlo traído? puede ser UTorrent? Entiendo lo de la entrada recurrente, lo tendré en cuenta. Por el resto funciona de pelos, Spotify era el infierno y ahora corre como siempre, liviano. El resto está fresco y estable como siempre lo estuvo. Te agradezaco mucho Miguel, siempre me había guiado por las experiencias de otros usuarios del foro, pero esta vez necesité asistencia extra. Un abrazo grande. DOY EL TEMA POR SOLUCIONADO.

Pues eso no se sabe, pero siempre cuidado con los sitios que se visitan y lo que se descarga

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.