Virus que desconecta los discos y congela la pc

Buenas noches.

Escribo por acá con la intención de pedir ayuda con un virus que tengo en mi pc. Este ocasiona que se apague los discos y se congele la pc, en especial cuando abro los navegadores si no es con lo único. Tampoco me permitía tampoco abrir el administrador de tareas, el inicio normal de windows iniciaba con un 96% del rendimiento del CPU. Pude quitar algunos detalles. Analicé la pc con Mbam, Mbar, Reimage, y me detectaron algunos virus. Mas no está eliminado del todo, aún sucede lo de que se apague uno de los disco duros al abrir el navegador, y no se que otras cosas más ocasione el virus con solo mencionarles alguno de los problemas que ocasiona.

Ojalá pudieran ayudarme, se los agradecería

1 me gusta

Hola @Angel_Munoz

Bienvenido al Foro!!!

En principio:

1.- Desinstala urgente con Revo Uninstaller en su Modo Avanzado:

  • Reimage

Manual de Revo Uninstaller.

Luego pega los reportes de Mbar y Mbam.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2.

no encuentro el reporte de mbam sino únicamente el de mbar. Lo coloco…

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2019.12.16.04
  rootkit: v2019.12.16.04

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7601.17514
MUÑOZ SILVA :: MUÑOZSILVA-PC [administrator]

16/12/2019 04:20:38 a.m.
mbar-log-2019-12-16 (04-20-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 157848
Time elapsed: 28 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\MUÑOZ SILVA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\empezar.lnk (Trojan.Agent) -> Delete on reboot. [daea3e70e1e76fc7a9caee8c14ecdd23]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\empezar.lnk (Trojan.Agent) -> Delete on reboot. [ac18e5c98345f046551eb4c6ab5528d8]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Hola @Angel_Munoz

Desinstalaste Reimage??


Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes Versión 4

  • Lo ejecutas siguiendo los pasos de su Manual.
  • Realizas un Análisis de Amenazas
  • Revisa especialmente como salvar el reporte.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

una pregunta, debo de hacer esto iniciando windows normalmente o se podra hacer desde modo seguro?

Hola @Angel_Munoz, solo entro para comentar tu consulta y que avances con los pasos indicados por la compañera.

Si puedes, intenta hacer TODOS los pasos desde el modo normal de windows.

En caso de que NO pudieras trabajar con el equipo desde modo normal, realiza los pasos desde el modo seguro con conexión a red.

Saludos. :wave:

1 me gusta

pego los reportes de ZhpCleaner y Adwcleaner, y ya conseguí el 1er reporte de Mbam, también lo pego. Igualmente realizo otro análisis.

~ ZHPCleaner v2019.12.14.163 by Nicolas Coolman (2019/12/14)
~ Run by MUÑOZ SILVA (Administrator)  (18/12/2019 12:55:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparar
~ Report : C:\Users\MUÑOZ SILVA\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\MUÑOZ SILVA\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (33)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Registro ( Claves, Valores, Datos) (19)
BORRADOS clave*: HKLM\SOFTWARE\808fc302-3d01-59ce-8094-e0443a55877e []  =>Adware.CrossRider
BORRADOS clave*: HKLM\SOFTWARE\Wow6432Node\ByteFence [AdditionalScan 288]  =>SUP.Optional.ByteFence
BORRADOS clave**: HKLM\SOFTWARE\ByteFence [AdditionalScan 400]  =>SUP.Optional.ByteFence
BORRADOS clave*: HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask
BORRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\App [wscript.exe C:\ProgramData\AirHashing\Hide.vbs C:\]  =>.SUP.HideBaid
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{A5CF6277-6EA8-4777-B713-B2941B792780} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{35034C9B-D0B5-4DBC-A03A-EDBC339102F1} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3E159B6A-9463-4987-8563-EEB863525E07} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{EEB1247D-72F8-4D3E-98F9-D26E77E880DD} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{E5FE6710-3565-4A09-BAC5-2A0543E90A7A} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3F5AFA2C-AAD8-44DE-B8AF-6D3AE8B2FD0B} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{BC366B23-6BF4-4305-8573-DE26301E045E} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7BDA21F2-ECDD-4EA0-8966-3ADA17AFEF31} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{E988189F-AC47-4AB1-842D-92B573A10630} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{6FB4EBDF-C1A6-498A-AA4E-D01FF78F9499} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{860E0783-C59C-496C-97C6-70D06568780E} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{891F9192-AF75-4BCD-9D45-302611A73148} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{107AEAE6-44C2-4FAD-9389-BD3E7FCA5C2B} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer
BORRADOS valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{1C8D71C0-7CF5-4465-ACC7-4D35B1A829C3} [C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe]  =>.SUP.DllFilesFixer


---\\  Resumen de elementos en su estación de trabajo (5)
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/  =>SUP.Optional.ByteFence
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.HideBaid
https://nicolascoolman.eu/2017/09/17/sup-dllfilesfixer/  =>.SUP.DllFilesFixer


---\\ Limpieza adicional. (3)
~ Clave de registro Tracing borrados (3)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Internet Explorer OK
~ Opera OK


---\\ STATISTIQUES
~ Items escaneado : 1847
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 6/13
~ Ahorro de espacio (bytes) : 0


~ End of clean in 00h00mn15s
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-18-2019
# Duration: 00:00:03
# OS:       Windows 7 Ultimate
# Cleaned:  25
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\ByteFence
Deleted       C:\Users\MUÑOZ SILVA\AppData\Roaming\AudioConverter
Deleted       C:\Users\MUÑOZ SILVA\AppData\Roaming\WinThruster

***** [ Files ] *****

Deleted       C:\Users\MUÑOZ SILVA\Downloads\ReimageRepair.exe
Deleted       C:\Users\MUÑOZ SILVA\Downloads\SpyHunter-Installer.exe
Deleted       C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\Reimage
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted       HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted       HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Reimage

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/12/19
Hora del análisis: 18:30
Archivo de registro: eb3eec5c-1f68-11ea-8892-00196634b675.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.718
Versión del paquete de actualización: 1.0.15062
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: MU\u00c3\u0091OZSILVA-PC\MU\u00c3\u0091OZ SILVA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 179442
Amenazas detectadas: 36
Amenazas en cuarentena: 28
Tiempo transcurrido: 13 min, 19 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 4
PUP.Optional.SecuredSearch, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PDPCPCEOFKOPEGFFCDNFFEENBFDLDOCK, En cuarentena, 231, 586075, , , , 
PUP.Optional.SecuredSearch, HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pdpcpceofkopegffcdnffeenbfdldock, En cuarentena, 231, 586075, 1.0.15062, , ame, 
PUP.Optional.DriverIdentifier, HKLM\SOFTWARE\CLASSES\driveruploader, En cuarentena, 1090, 368278, 1.0.15062, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\CSASTATS\ic, En cuarentena, 470, 586068, 1.0.15062, , ame, 

Valor del registro: 1
PUP.Optional.SecuredSearch, HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PDPCPCEOFKOPEGFFCDNFFEENBFDLDOCK, En cuarentena, 231, 586075, , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 10
PUP.Optional.DriverIdentifier, C:\PROGRAM FILES\DRIVER IDENTIFIER, En cuarentena, 1090, 368276, 1.0.15062, , ame, 
PUP.Optional.DriverIdentifier, C:\USERS\MUÑOZ SILVA\APPDATA\ROAMING\DRIVERIDENTIFIER, En cuarentena, 1090, 368279, 1.0.15062, , ame, 
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 309, 455072, , , , 
PUP.Optional.ASK, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 2, 454825, , , , 
PUP.Optional.Iminent, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 88, 455248, , , , 
Adware.SearchEngineHijack, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 389, 462944, , , , 
PUP.Optional.SearchNu, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 457, 492400, , , , 
PUP.Optional.ASK, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 2, 454825, , , , 
PUP.Optional.Iminent, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 88, 455248, , , , 
PUP.Optional.SecuredSearch, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Error durante la eliminación, 231, 551753, , , , 

Archivo: 21
PUP.Optional.SecuredSearch, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 231, 586075, , , , 
PUP.Optional.DriverIdentifier, C:\Program Files\Driver Identifier\php.ini, En cuarentena, 1090, 368276, , , , 
PUP.Optional.DriverIdentifier, C:\Users\MUÑOZ SILVA\AppData\Roaming\driveridentifier\log.txt, En cuarentena, 1090, 368279, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000424.ldb, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000427.ldb, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000428.log, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000429.ldb, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 309, 455072, , , , 
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 309, 455072, 1.0.15062, , ame, 
PUP.Optional.ASK, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 2, 454825, 1.0.15062, , ame, 
PUP.Optional.Iminent, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 88, 455248, 1.0.15062, , ame, 
Adware.SearchEngineHijack, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 389, 462944, 1.0.15062, , ame, 
PUP.Optional.SearchNu, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 457, 492400, 1.0.15062, , ame, 
PUP.Optional.ASK, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 2, 454825, 1.0.15062, , ame, 
PUP.Optional.Iminent, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 88, 455248, 1.0.15062, , ame, 
PUP.Optional.SecuredSearch, C:\USERS\MUÑOZ SILVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 231, 551753, 1.0.15062, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

2DO REPORTE DE MBAM

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/12/19
Hora del análisis: 13:09
Archivo de registro: 99b6defe-2197-11ea-b70e-00196634b675.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.718
Versión del paquete de actualización: 1.0.15062
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: MU\u00c3\u0091OZSILVA-PC\MU\u00c3\u0091OZ SILVA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 178572
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 10 min, 20 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.Reimage, HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Fixer - Windows Problem Relief., En cuarentena, 367, 709541, 1.0.15062, , ame, 

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

tengo otro problema. La pc en modo normal esta demasiado lenta. No se si estas imágenes con los servicios de Windows pudieran ser de ayuda. Si alguno esta fuera de lugar o algo así

Dejo otra más abajo del msconfig con los porgramas de inicio de windows. Si puede decirme cuales son innecesarios y que pudieran realentizar el inicio y uso del SO por favor.

Nota: He eliminado Reimage y SpyHunter

Nota 2: El Ares solo lo tengo como reproductor de música. Está bloqueado para su uso de envío y recepción de datos

image

Hola @Angel_Munoz

Una consulta tienes Google Chrome sincronizado en todos los dispositivos?

Tienes Avast y AVG Internet Security instalado juntos y activos en ese equipo?


1.- Desinstala Avast y AVG ejecutando su herramienta especifica de desinstalación.

Estarás sin antivirus, NO LO REINSTALES AUN

2.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • AVG TuneUp

Manual de Revo Uninstaller.

Luego de reiniciar realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Como es lo de chrome? no entiendo la pregunta. Si se refiera la sincronización con el usuario, creo que no. Tras haberlo desinstalado para reinstalarlo se debe haber desconfigurado la sincornización.

Aca los reportes:


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2019
Ran by MUÑOZ SILVA (administrator) on MUÑOZSILVA-PC (20-12-2019 14:15:49)
Running from C:\Users\MUÑOZ SILVA\Downloads
Loaded Profiles: MUÑOZ SILVA (Available Profiles: MUÑOZ SILVA)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\tsnppro.exe
(AresGalaxy) [File not signed] C:\Program Files\Ares\Ares.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Vimicro) C:\Windows\vm305_sti.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [tsnppro] => C:\Windows\tsnppro.exe [86016 2005-10-25] () [File not signed]
HKLM\...\Run: [snppro] => C:\Windows\vsnppro.exe [339968 2005-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [BigDog305] => C:\Windows\VM305_STI.EXE [61440 2007-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [3544064 2019-09-30] (AresGalaxy) [File not signed]
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-18] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {0ca7f5ca-c44a-11e9-9012-00196634b675} - G:\Setup.exe
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {96855c2e-274b-11dc-913a-806e6f6e6963} - E:\autorun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EA4ADD-D48F-45E1-A5E4-224EAA6A307E} - System32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80} => C:\Windows\system32\pcalua.exe -a "E:\emuladores game\Emulador de PX1 XP\emurayden-v21.exe" -d "E:\emuladores game\Emulador de PX1 XP"
Task: {0AD579EC-6788-499A-A8E4-A1DC559A411C} - System32\Tasks\{0A7D9093-2A7F-4BC9-B31C-F00E3528BF8C} => C:\Users\MUÑOZ SILVA\Desktop\2CaptchaBot.exe
Task: {10D34A5F-4181-4778-8B1D-0939321CCF7E} - System32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe"
Task: {18873AC4-35CA-41E8-A6E9-727C2C93956C} - System32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Task Killer\uninstall.exe"
Task: {21F4E211-DEB7-40A4-95D9-DF20D5EBFD21} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-02-08] () [File not signed]
Task: {288F55BA-C489-4789-A6A2-158918986710} - System32\Tasks\Opera scheduled Autoupdate 1546014934 => C:\Users\MUÑOZ SILVA\AppData\Local\Programs\Opera\launcher.exe [1348632 2019-09-03] (Opera Software AS -> Opera Software)
Task: {343747BA-4E73-4208-8964-8AFDD7CE6C4F} - System32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\KLC\SMAC\UNWISE.EXE -c C:\ProgramData\KLC\SMAC\INSTALL.LOG
Task: {39836990-E9A8-4EE7-9F9B-712D51D4BED4} - System32\Tasks\AVG TuneUp Update => C:\Program Files\AVG\AVG TuneUp\TUNEUpdate.exe
Task: {428FC924-51C7-49D1-918E-11B6BB41FEA7} - System32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {44A548DB-CFD8-4AEE-B6B8-0B4041D677C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-18] (Piriform Software Ltd -> Piriform Ltd)
Task: {498283A3-25DE-4C4C-90DE-8B2C2F4279E9} - System32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe"
Task: {5008456B-25DB-4399-B9FF-3351D4AC4B7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-09-26] (Google Inc -> Google LLC)
Task: {51ACCE69-820B-4DC4-9D6A-B100136B20F1} - System32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B} => C:\Windows\system32\pcalua.exe -a "C:\Users\MUÑOZ SILVA\Desktop\nox_setup_v6.2.6.3_full_intl.exe" -d "C:\Users\MUÑOZ SILVA\Desktop"
Task: {56E4D399-4EFD-4307-86A0-F4C037805B52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-09-26] (Google Inc -> Google LLC)
Task: {5F27C32C-A567-4697-B982-980A51B15C99} - System32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\MGS2SConfig.exe"
Task: {70B09B80-26E7-47DF-A076-2FC91251306C} - System32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262} => C:\Windows\system32\pcalua.exe -a E:\Driver\Setup.exe -d E:\Driver
Task: {7CDAE2CB-C784-49B7-B65D-118F05454557} - System32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {81033009-4A22-4377-AA19-7D2DB584DA1A} - System32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe
Task: {838FEC28-9109-49A7-928D-0E0C9184AB4E} - System32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC} => C:\Windows\system32\pcalua.exe -a E:\MGS2SSetup.exe -d E:\
Task: {839DEDE5-F2DD-426C-AFDF-B00621BBBDD4} - System32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {ACACD0F1-2C71-4EFF-86F1-D5D23A4C217D} - System32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {AD870D36-F751-4369-A123-DA9EAF3A7C2C} - System32\Tasks\{0872955B-2E3A-479F-92D9-DF9E68B593E4} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe
Task: {B0D23105-5033-4947-8C16-71915371C3E1} - System32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {BC53B186-DB04-4B62-B403-AE03A118B020} - System32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\SETUP\SETUP.EXE"
Task: {CB83982B-E5BF-41FA-AD96-8068E3D16594} - System32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {DB87816F-9EB3-4A7A-953C-C48E1F32B5C9} - System32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Microvirt\MEmu\uninstall\uninstall.exe" -c -u
Task: {F1E849FA-1265-4121-9765-3D84CB85BB5B} - System32\Tasks\{02083E3F-599F-4056-9735-630A118A5401} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {FB9BB77E-8136-4B08-8C6A-E19C811B8972} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2642276731-2804568143-1254195563-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\MUÑOZ SILVA\Downloads\adwcleaner_8.0.1.exe
Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 37.120.145.234 8.8.8.8
Tcpip\..\Interfaces\{0119DFDB-7083-494B-BAE7-FBF0981ED1AD}: [DhcpNameServer] 37.120.145.234 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.emurayden.com
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ve/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://web.telegram.org; hxxps://www.familias.com
CHR Profile: C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default [2019-12-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-16]
CHR Extension: (Chrome Media Router) - C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

Opera: 
=======
OPR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\MUÑOZ SILVA\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2019-06-15]
OPR Extension: (VPN.S HTTP Proxy) - C:\Users\MUÑOZ SILVA\AppData\Roaming\Opera Software\Opera Stable\Extensions\decfmjjdfcldhoonmgjadlilkdblonge [2019-06-15]
OPR Extension: (Google Translate) - C:\Users\MUÑOZ SILVA\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2019-06-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe [4029504 2019-12-16] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5570712 2019-11-14] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35512 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174712 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [224008 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [169408 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [59368 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211088 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41200 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [145048 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95168 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73312 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691528 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394856 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [176760 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277408 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 atikmdag; C:\Windows\system32\drivers\atikmdag.sys [4194816 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [30008 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [225720 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG -> Elaborate Bytes AG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21960 2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R0 EPMVolFlt; C:\Windows\System32\drivers\EPMVolFlt.sys [17992 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2018-10-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
S3 SNPPRO; C:\Windows\System32\DRIVERS\snppro.sys [8664448 2005-06-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2018-11-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [112640 2010-09-29] (Microsoft Corporation) [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 vvftav; C:\Windows\System32\drivers\vvftav.sys [474368 2007-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [29552 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
S3 ZSMC0305; C:\Windows\System32\Drivers\usbVM305.sys [1466624 2007-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
U3 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-20 14:15 - 2019-12-20 14:16 - 000017255 _____ C:\Users\MUÑOZ SILVA\Downloads\FRST.txt
2019-12-20 14:15 - 2019-12-20 14:16 - 000000000 ____D C:\FRST
2019-12-20 00:30 - 2019-12-20 00:30 - 000001165 _____ C:\Users\MUÑOZ SILVA\Desktop\Indicaciones Forospyware 2.txt
2019-12-20 00:29 - 2019-12-20 00:29 - 001992192 _____ (Farbar) C:\Users\MUÑOZ SILVA\Downloads\FRST.exe
2019-12-19 01:20 - 2019-12-19 01:38 - 000000275 _____ C:\Users\MUÑOZ SILVA\Desktop\descargar.txt
2019-12-18 15:15 - 2019-12-18 15:15 - 000008794 _____ C:\Users\MUÑOZ SILVA\Desktop\cc_20191218_151516.reg
2019-12-18 15:14 - 2019-12-18 15:15 - 000136278 _____ C:\Users\MUÑOZ SILVA\Desktop\cc_20191218_151452.reg
2019-12-18 15:10 - 2019-12-19 01:33 - 000002830 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-18 14:33 - 2019-12-18 14:33 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\AVAST Software
2019-12-18 14:29 - 2019-12-19 01:34 - 000003104 _____ C:\Windows\system32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D}
2019-12-18 14:27 - 2019-12-19 01:34 - 000003162 _____ C:\Windows\system32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E}
2019-12-18 12:39 - 2019-12-18 13:51 - 000000798 _____ C:\Users\MUÑOZ SILVA\Desktop\ZHPCleaner.lnk
2019-12-18 12:39 - 2019-12-18 13:51 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\ZHP
2019-12-18 12:39 - 2019-12-18 12:39 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\ZHP
2019-12-18 12:36 - 2019-12-18 12:36 - 000000300 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-12-18 12:31 - 2019-12-18 14:44 - 000194290 _____ C:\Windows\ntbtlog.txt
2019-12-18 12:15 - 2019-12-18 12:15 - 000691528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-12-18 12:15 - 2019-12-18 12:15 - 000394856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-12-18 12:15 - 2019-12-18 12:15 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job
2019-12-18 12:15 - 2019-12-18 12:15 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-12-18 12:15 - 2019-12-18 12:14 - 000305032 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-12-18 12:15 - 2019-12-18 12:14 - 000277408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000224008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000211088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000176760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000174712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000145048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000095168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000073312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000059368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000041200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000035512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-12-18 12:14 - 2019-12-18 12:36 - 000000000 ____D C:\AdwCleaner
2019-12-18 12:14 - 2019-12-18 12:15 - 000001641 _____ C:\Users\MUÑOZ SILVA\Desktop\Indicaciones Forospyware.txt
2019-12-18 11:54 - 2019-12-18 11:55 - 008237744 _____ (Malwarebytes) C:\Users\MUÑOZ SILVA\Downloads\adwcleaner_8.0.1.exe
2019-12-18 11:51 - 2019-12-18 12:15 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-18 11:50 - 2019-12-18 11:51 - 003326336 _____ (Nicolas Coolman) C:\Users\MUÑOZ SILVA\Downloads\ZHPCleaner.exe
2019-12-18 11:49 - 2019-12-18 12:37 - 000000000 ____D C:\Program Files\CCleaner
2019-12-18 11:49 - 2019-12-18 11:55 - 000000973 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-18 11:49 - 2019-12-18 11:55 - 000000973 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-18 11:49 - 2019-12-18 11:55 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2019-12-18 11:49 - 2019-12-18 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-18 11:37 - 2019-12-18 11:42 - 025441808 _____ (Piriform Software Ltd) C:\Users\MUÑOZ SILVA\Downloads\ccsetup562.exe
2019-12-18 00:19 - 2019-12-18 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-18 00:19 - 2019-12-18 00:19 - 000000000 ____D C:\Program Files\VS Revo Group
2019-12-16 20:17 - 2019-12-16 20:17 - 000000000 ___SD C:\Users\MUÑOZ SILVA\AppData\LocalLow\Temp
2019-12-16 18:16 - 2019-12-16 18:16 - 000003890 _____ C:\Windows\system32\Tasks\AVG TuneUp Update
2019-12-16 07:12 - 2019-12-16 07:12 - 061538788 _____ C:\Users\MUÑOZ SILVA\Downloads\AVG TuneUp 32&64 bits (2019) 19.1 Build 1098 Final,.rar
2019-12-16 05:25 - 2019-12-16 05:30 - 006171768 _____ (Avira Operations GmbH & Co. KG) C:\Users\MUÑOZ SILVA\Downloads\avira_es_froe3_5df74ec4d3148__pavwws.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 000222648 _____ (Malwarebytes) C:\Windows\system32\Drivers\6553275D.sys
2019-12-16 04:20 - 2019-12-16 04:20 - 000009152 _____ C:\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d
2019-12-16 04:14 - 2019-12-16 12:01 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-12-16 04:02 - 2019-12-16 04:09 - 014178840 _____ (Malwarebytes Corp.) C:\Users\MUÑOZ SILVA\Downloads\mbar-1.10.3.1001.exe
2019-12-16 02:00 - 2019-12-16 02:04 - 000000000 ____D C:\Users\MUÑOZ SILVA\Downloads\Release
2019-12-16 02:00 - 2019-12-16 02:00 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Deployment
2019-12-16 01:59 - 2019-12-16 02:00 - 000818634 _____ C:\Users\MUÑOZ SILVA\Downloads\Release.zip
2019-12-15 22:14 - 2019-12-15 22:41 - 000057400 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.45 PM.jpeg
2019-12-15 22:14 - 2019-12-15 22:40 - 000059045 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.43 PM.jpeg
2019-12-15 22:14 - 2019-12-15 22:38 - 000059974 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.44 PM.jpeg
2019-12-15 22:14 - 2019-12-15 22:35 - 000042168 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.45 PM (2).jpeg
2019-12-15 22:14 - 2019-12-15 22:20 - 000059710 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.46 PM.jpeg
2019-12-15 20:42 - 2019-12-15 20:42 - 000000000 ____D C:\Program Files\ESET
2019-12-15 20:31 - 2019-12-15 20:42 - 002870984 _____ (ESET) C:\Users\MUÑOZ SILVA\Downloads\esetsmartinstaller_esn.exe
2019-12-15 20:24 - 2019-12-15 20:24 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\ESET
2019-12-15 19:13 - 2019-12-15 19:24 - 000000000 ___HD C:\Users\MUÑOZ SILVA\AppData\Roaming\xqcsllhcl
2019-12-15 18:35 - 2019-12-15 18:54 - 000000464 __RSH C:\Users\MUÑOZ SILVA\ntuser.pol
2019-12-14 22:49 - 2019-12-19 17:28 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-14 22:49 - 2019-12-19 17:28 - 000002131 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-14 22:49 - 2019-12-19 17:28 - 000002131 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-14 22:14 - 2019-12-14 22:14 - 000000000 __SHD C:\found.002
2019-12-12 12:24 - 2019-12-12 12:24 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\cache
2019-12-12 12:10 - 2019-12-13 21:26 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\SUPERAntiSpyware.com
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-12-02 21:31 - 2019-12-02 21:31 - 000000165 ____H C:\Users\MUÑOZ SILVA\Desktop\~$VENTAS LUNES  2 DE DICIEMBRE.xlsx
2019-12-01 08:39 - 2019-12-01 08:39 - 000000000 __SHD C:\found.001

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-20 13:48 - 2007-06-30 20:08 - 000000000 ____D C:\Users\MUÑOZ SILVA
2019-12-20 13:43 - 2009-07-14 04:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-20 00:31 - 2009-07-14 04:34 - 000009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-20 00:31 - 2009-07-14 04:34 - 000009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-19 21:05 - 2010-11-26 21:57 - 001685346 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-19 21:05 - 2009-07-14 08:48 - 000750894 _____ C:\Windows\system32\perfh00A.dat
2019-12-19 21:05 - 2009-07-14 08:48 - 000159930 _____ C:\Windows\system32\perfc00A.dat
2019-12-19 21:05 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\inf
2019-12-19 20:22 - 2007-06-30 20:16 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\AVG
2019-12-19 20:22 - 2007-06-30 20:11 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\ProgramData\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\Program Files\AVG
2019-12-19 01:34 - 2019-05-11 06:22 - 000003216 _____ C:\Windows\system32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80}
2019-12-19 01:34 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7}
2019-12-19 01:34 - 2019-03-28 18:36 - 000003080 _____ C:\Windows\system32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262}
2019-12-19 01:34 - 2019-02-12 04:28 - 000003142 _____ C:\Windows\system32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7}
2019-12-19 01:34 - 2018-12-31 19:15 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2019-12-19 01:34 - 2018-12-21 06:36 - 000003156 _____ C:\Windows\system32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C}
2019-12-19 01:34 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003164 _____ C:\Windows\system32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003026 _____ C:\Windows\system32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003218 _____ C:\Windows\system32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003018 _____ C:\Windows\system32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8}
2019-12-19 01:34 - 2018-12-05 17:38 - 000003026 _____ C:\Windows\system32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E}
2019-12-19 01:34 - 2018-12-05 17:37 - 000003226 _____ C:\Windows\system32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA}
2019-12-19 01:34 - 2018-12-05 16:48 - 000003064 _____ C:\Windows\system32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC}
2019-12-19 01:33 - 2019-09-26 18:29 - 000003460 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-19 01:33 - 2019-09-26 18:29 - 000003332 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-19 01:33 - 2019-08-13 04:13 - 000004140 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1546014934
2019-12-19 01:33 - 2019-06-15 19:46 - 000002976 _____ C:\Windows\system32\Tasks\{0A7D9093-2A7F-4BC9-B31C-F00E3528BF8C}
2019-12-19 01:33 - 2019-05-06 06:10 - 000003064 _____ C:\Windows\system32\Tasks\klcp_update
2019-12-19 01:33 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732}
2019-12-19 01:33 - 2019-02-12 14:44 - 000003210 _____ C:\Windows\system32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B}
2019-12-19 01:33 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2}
2019-12-19 01:33 - 2018-12-05 17:43 - 000003018 _____ C:\Windows\system32\Tasks\{0872955B-2E3A-479F-92D9-DF9E68B593E4}
2019-12-19 01:33 - 2018-12-05 17:38 - 000003026 _____ C:\Windows\system32\Tasks\{02083E3F-599F-4056-9735-630A118A5401}
2019-12-18 14:25 - 2007-07-27 02:58 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Adobe
2019-12-18 14:13 - 2019-02-09 23:27 - 000007605 _____ C:\Users\MUÑOZ SILVA\AppData\Local\Resmon.ResmonCfg
2019-12-18 14:09 - 2019-02-02 14:45 - 000000000 ____D C:\Windows\pss
2019-12-18 12:13 - 2019-02-01 08:13 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\MPC-HC
2019-12-18 12:11 - 2019-01-03 19:44 - 000000000 ____D C:\Windows\Minidump
2019-12-18 12:11 - 2010-11-26 21:37 - 000000000 ____D C:\Windows\Panther
2019-12-16 04:20 - 2019-11-14 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-16 03:57 - 2009-07-14 04:52 - 000000000 ____D C:\Program Files\Microsoft Games
2019-12-16 02:00 - 2019-08-28 19:48 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Apps\2.0
2019-12-15 18:30 - 2009-07-14 02:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-14 22:48 - 2018-12-25 01:39 - 000000000 ____D C:\Program Files\Google
2019-12-14 22:24 - 2019-04-17 05:15 - 000000000 ____D C:\Windows\system32\appmgmt
2019-12-14 20:58 - 2019-01-11 22:20 - 000000000 ____D C:\Users\MUÑOZ SILVA\Documents\Logos
2019-12-14 20:51 - 2019-01-03 05:55 - 000000000 ____D C:\Users\MUÑOZ SILVA\Documents\MEGAsync Downloads
2019-12-13 21:26 - 2019-09-22 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2019-12-13 21:26 - 2019-09-22 23:01 - 000000000 ____D C:\Program Files\Elaborate Bytes
2019-12-13 21:26 - 2019-09-12 14:03 - 000000000 ____D C:\ProgramData\KLC
2019-12-13 21:26 - 2019-08-30 21:59 - 000000000 ____D C:\Program Files\Jagex
2019-12-13 21:26 - 2019-07-15 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2019-12-13 21:26 - 2019-05-11 06:23 - 000000000 ____D C:\Program Files\Emurayden PSX Emulator v2.1
2019-12-13 21:26 - 2019-04-05 01:44 - 000000000 ____D C:\Program Files\FBS MetaTrader 5
2019-12-13 21:25 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\registration
2019-12-13 21:21 - 2007-06-30 20:20 - 000000000 __RHD C:\MSOCache
2019-12-11 23:29 - 2019-04-05 01:34 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\MetaQuotes
2019-12-02 18:18 - 2019-01-15 04:49 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\Videoder
2019-12-02 13:26 - 2019-07-22 04:27 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\BraveSoftware

==================== Files in the root of some directories ========

2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-09-28 22:59 - 2019-11-05 22:15 - 000005632 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-09 23:27 - 2019-12-18 14:13 - 000007605 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\Resmon.ResmonCfg
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\{010B7A5A-A5FF-415E-B048-DFE0112E9934}
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\{28D0BD17-4062-4F6E-8887-C4E4D26AEA88}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-19 17:43
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2019
Ran by MUÑOZ SILVA (20-12-2019 14:17:11)
Running from C:\Users\MUÑOZ SILVA\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2007-06-30 20:07:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2642276731-2804568143-1254195563-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2642276731-2804568143-1254195563-1002 - Limited - Enabled)
Invitado (S-1-5-21-2642276731-2804568143-1254195563-501 - Limited - Disabled)
MUÑOZ SILVA (S-1-5-21-2642276731-2804568143-1254195563-1000 - Administrator - Enabled) => C:\Users\MUÑOZ SILVA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DP Chip Lite v19.01 (HKLM\...\3DP Chip Lite) (Version: v19.01 - 3DP)
Ares (HKLM\...\Ares) (Version: 2.5.3-Build#3079 - AresGalaxy)
BestPractice (remove only) (HKLM\...\BestPractice) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Creative ALchemy Universal (HKLM\...\ALchemy) (Version:  - )
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 13.0 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Feedback Tool (HKLM\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
i-NOVIA WEB PRO (HKLM\...\{C340D8F9-33C0-43B8-8809-9BA08EFCC3BC}) (Version: 4.31.1.1 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM\...\{e46e0766-a9ed-4cf2-94c7-a684b0aa214f}) (Version: 19.8.34.6 - Intel)
K-Lite Codec Pack 14.7.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 14.7.5 - KLCP)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{246dcb72-b18c-4ab9-9de9-8a996296b01d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team)
OldSchool RuneScape Launcher 1.2.7 (HKLM\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Opera Stable 62.0.3331.99 (HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software)
Opera Stable 63.0.3368.71 (HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
SMAC 2.7 (HKLM\...\SMAC 2.7) (Version:  - )
Task Killer (remove only) (HKLM\...\Task Killer) (Version:  - )
Universal Adb Driver (HKLM\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB PC Camera VC305 (HKLM\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0305}) (Version:  - )
Videoder 1.0.9 (HKLM\...\808fc302-3d01-59ce-8094-e0443a55877e) (Version: 1.0.9 - GlennioTech)
Vimicro USB PC Camera(VC0305) (HKLM\...\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}) (Version: 2007.04.19 - Vimicro)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VSDC Free Audio Converter versión 1.6.5.353 (HKLM\...\VSDC Free Audio Converter_is1) (Version: 1.6.5.353 - Flash-Integro LLC)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.6.9 - Shark007)
WinHTTrack Website Copier 3.49-2 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WO Mic Client (HKLM\...\WOMic) (Version:  - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4221328 2011-06-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [134144 2010-06-23] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [95232 2010-10-30] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [497664 2009-08-11] () [File not signed]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\system32\ff_acm.acm [43520 2010-10-30] () [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\system32\mpg4c32.dll [413760 2000-07-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\system32\mpg4c32.dll [413760 2000-07-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\system32\mpg4c32.dll [413760 2000-07-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\system32\msaud32.acm [282896 2000-07-26] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\system32\IR41_32.AX [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-05-08 05:08 - 2015-05-08 05:08 - 000151552 _____ () [File not signed] C:\Program Files\DroidCam\lib\DroidCam.dll
2015-05-08 05:08 - 2015-05-08 05:08 - 000081920 _____ () [File not signed] C:\Program Files\DroidCam\lib\DroidCamFilter.ax
2015-05-08 05:14 - 2015-05-08 05:14 - 000086016 _____ () [File not signed] C:\Program Files\DroidCam\lib\DroidCamFilter240p.ax

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2019-11-14 19:07 - 000001247 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1	localhost
127.0.0.1	https://www.bananatic.com/es/juegos/bleach-online-28
127.0.0.1	www.bananatic.com/es/juegos/bleach-online-28
127.0.0.1	bananatic.com/es/juegos/bleach-online-28
127.0.0.1	http://www.bananatic.com/es/juegos/bleach-online-28 
127.0.0.1 activation.easeus.com 
127.0.0.1 track.easeus.com 
127.0.0.1 66.39.112.91 
127.0.0.1 216.92.151.227 
127.0.0.1 216.92.61.7 
127.0.0.1 www.easeus.com 

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 37.120.145.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVG TuneUp.lnk => C:\Windows\pss\AVG TuneUp.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MUÑOZ SILVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hide.me VPN.lnk => C:\Windows\pss\hide.me VPN.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MUÑOZ SILVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MUÑOZ SILVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WO Mic Client.lnk => C:\Windows\pss\WO Mic Client.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Emurayden PSX Emulator => c:\Archivos de Programa\Emurayden PSX Emulator v2.1\Emurayden PSX AutoLauncher.exe
MSCONFIG\startupreg: Spotify => C:\Users\MUÑOZ SILVA\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9B1F0EA1-A837-4E4F-9DF6-9BF60FE5CFF2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B654160B-25AA-4DA1-9282-2B506911E8A1}] => (Allow) C:\Program Files\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{A7537E52-5E36-49C8-8292-37283EF29187}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\AudioConverter.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{63DA2803-89D5-4A68-A65E-8134A7E64F8E}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\AudioConverter.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{D4BD8E90-E370-4548-BFE5-D64E8DA6FD08}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{275E8F39-9287-4536-B7D9-0E8E48049617}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{C0403D05-57D9-4D8F-AB9C-5E70784F9683}] => (Allow) C:\Program Files\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{D6C69D76-48AF-44EA-A98E-F7EFA097FF5C}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{5C65E3D4-45E8-4DF2-9CBB-E82A10EF2CC9}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [TCP Query User{17466D18-302B-48BE-B88F-DE8B2111F792}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [UDP Query User{94FC214B-7C02-416F-AB2A-4A490EB244E0}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [TCP Query User{D257B82F-3D51-4E5E-8BFE-6C8F84CC54D9}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [UDP Query User{9AB12B22-64EA-4E92-9FEA-2C98D87C8931}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [{3E3F5AAC-4983-47AE-835F-6BECCC1C61AA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 #2
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/20/2019 02:02:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/19/2019 05:43:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/18/2019 04:40:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Ares.exe, versión: 2.5.3.3079, marca de tiempo: 0x2a425e19
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b96e
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x000c37b7
Id. del proceso con errores: 0x594
Hora de inicio de la aplicación con errores: 0x01d5b5b4189279c7
Ruta de acceso de la aplicación con errores: C:\Program Files\Ares\Ares.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 08c1d57d-21b5-11ea-ae4b-00196634b675

Error: (12/18/2019 03:57:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/18/2019 02:50:45 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/18/2019 02:44:28 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (12/18/2019 02:44:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x8007043C

Error: (12/18/2019 02:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RevoUnin.exe, versión: 2.1.1.0, marca de tiempo: 0x5df73316
Nombre del módulo con errores: ashShell.dll_unloaded, versión: 0.0.0.0, marca de tiempo: 0x5d81f9be
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x677244d0
Id. del proceso con errores: 0xecc
Hora de inicio de la aplicación con errores: 0x01d5b5ad274ea385
Ruta de acceso de la aplicación con errores: C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
Ruta de acceso del módulo con errores: ashShell.dll
Id. del informe: 55c88d02-21a4-11ea-b8cc-00196634b675


System errors:
=============
Error: (12/20/2019 01:43:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Avast Antivirus no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/20/2019 01:43:29 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a56\??\C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

Error: (12/20/2019 01:43:23 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.

Error: (12/19/2019 08:22:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Avast Antivirus no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/19/2019 08:22:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a56\??\C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

Error: (12/19/2019 08:21:40 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.

Error: (12/19/2019 05:07:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Avast Antivirus no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/19/2019 05:07:11 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a56\??\C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT


==================== Memory info =========================== 

BIOS: American Megatrends Inc. P1.20 06/28/2007
Motherboard:                        ConRoe1333-D667 
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 90%
Total physical RAM: 2039.3 MB
Available physical RAM: 183.55 MB
Total Virtual: 4078.61 MB
Available Virtual: 2047.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:49.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:74.53 GB) (Free:8.07 GB) NTFS
Drive e: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:7.19 GB) (Free:1.13 GB) FAT32


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: B4F2B4F2)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 74.5 GB) (Disk ID: FD64380A)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 7.2 GB) (Disk ID: 656D2F6F)
No partition Table on disk 2.

==================== End of Addition.txt =======================

Hola @Angel_Munoz

Por lo general los usuarios suelen tener una cuenta que sincroniza el navegador del equipo con el navegador del teléfono y/o tablet, u otros equipos/dispositivos.

Entonces cuando hay una infección del navegador la misma se sincroniza en ambos equipos.

Una consulta desinstalaste Avast como te indique? Ya que se ven muchos restos. :thinking:


1.- Ejecutaste FRST desde un lugar incorrecto:

  • Running from C:\Users\MUÑOZ SILVA\Downloads

Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.

Sigue estos pasos:

2.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego vaya a::

3.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {0ca7f5ca-c44a-11e9-9012-00196634b675} - G:\Setup.exe
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {96855c2e-274b-11dc-913a-806e6f6e6963} - E:\autorun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00EA4ADD-D48F-45E1-A5E4-224EAA6A307E} - System32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80} => C:\Windows\system32\pcalua.exe -a "E:\emuladores game\Emulador de PX1 XP\emurayden-v21.exe" -d "E:\emuladores game\Emulador de PX1 XP"
Task: {10D34A5F-4181-4778-8B1D-0939321CCF7E} - System32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe"
Task: {18873AC4-35CA-41E8-A6E9-727C2C93956C} - System32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Task Killer\uninstall.exe"
Task: {343747BA-4E73-4208-8964-8AFDD7CE6C4F} - System32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\KLC\SMAC\UNWISE.EXE -c C:\ProgramData\KLC\SMAC\INSTALL.LOG
Task: {39836990-E9A8-4EE7-9F9B-712D51D4BED4} - System32\Tasks\AVG TuneUp Update => C:\Program Files\AVG\AVG TuneUp\TUNEUpdate.exe
C:\Program Files\AVG
Task: {498283A3-25DE-4C4C-90DE-8B2C2F4279E9} - System32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe"
Task: {51ACCE69-820B-4DC4-9D6A-B100136B20F1} - System32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B} => C:\Windows\system32\pcalua.exe -a "C:\Users\MUÑOZ SILVA\Desktop\nox_setup_v6.2.6.3_full_intl.exe" -d "C:\Users\MUÑOZ SILVA\Desktop"
Task: {5F27C32C-A567-4697-B982-980A51B15C99} - System32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\MGS2SConfig.exe"
Task: {70B09B80-26E7-47DF-A076-2FC91251306C} - System32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262} => C:\Windows\system32\pcalua.exe -a E:\Driver\Setup.exe -d E:\Driver
Task: {7CDAE2CB-C784-49B7-B65D-118F05454557} - System32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {838FEC28-9109-49A7-928D-0E0C9184AB4E} - System32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC} => C:\Windows\system32\pcalua.exe -a E:\MGS2SSetup.exe -d E:\
Task: {B0D23105-5033-4947-8C16-71915371C3E1} - System32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {BC53B186-DB04-4B62-B403-AE03A118B020} - System32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\SETUP\SETUP.EXE"
Task: {DB87816F-9EB3-4A7A-953C-C48E1F32B5C9} - System32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Microvirt\MEmu\uninstall\uninstall.exe" -c -u
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\MUÑOZ SILVA\Downloads\adwcleaner_8.0.1.exe
Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Program Files\AVAST Software
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.emurayden.com
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ve/?ocid=iehp
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35512 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174712 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [224008 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [169408 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [59368 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211088 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41200 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [145048 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95168 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73312 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691528 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394856 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [176760 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277408 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
U3 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-12-18 14:33 - 2019-12-18 14:33 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\AVAST Software
2019-12-18 14:29 - 2019-12-19 01:34 - 000003104 _____ C:\Windows\system32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D}
2019-12-18 14:27 - 2019-12-19 01:34 - 000003162 _____ C:\Windows\system32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E}
2019-12-18 12:36 - 2019-12-18 12:36 - 000000300 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-12-18 12:15 - 2019-12-18 12:15 - 000691528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-12-18 12:15 - 2019-12-18 12:15 - 000394856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-12-18 12:15 - 2019-12-18 12:15 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job
2019-12-18 12:15 - 2019-12-18 12:15 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-12-18 12:15 - 2019-12-18 12:14 - 000305032 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-12-18 12:15 - 2019-12-18 12:14 - 000277408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000224008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000211088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000176760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000174712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000145048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000095168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000073312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000059368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000041200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000035512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-12-18 11:51 - 2019-12-18 12:15 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-16 18:16 - 2019-12-16 18:16 - 000003890 _____ C:\Windows\system32\Tasks\AVG TuneUp Update
2019-12-16 07:12 - 2019-12-16 07:12 - 061538788 _____ C:\Users\MUÑOZ SILVA\Downloads\AVG TuneUp 32&64 bits (2019) 19.1 Build 1098 Final,.rar
2019-12-16 05:25 - 2019-12-16 05:30 - 006171768 _____ (Avira Operations GmbH & Co. KG) C:\Users\MUÑOZ SILVA\Downloads\avira_es_froe3_5df74ec4d3148__pavwws.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 000009152 _____ C:\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d
2019-12-15 20:42 - 2019-12-15 20:42 - 000000000 ____D C:\Program Files\ESET
2019-12-15 20:31 - 2019-12-15 20:42 - 002870984 _____ (ESET) C:\Users\MUÑOZ SILVA\Downloads\esetsmartinstaller_esn.exe
2019-12-15 20:24 - 2019-12-15 20:24 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\ESET
2019-12-15 19:13 - 2019-12-15 19:24 - 000000000 ___HD C:\Users\MUÑOZ SILVA\AppData\Roaming\xqcsllhcl
2019-12-12 12:10 - 2019-12-13 21:26 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\SUPERAntiSpyware.com
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-12-19 20:22 - 2007-06-30 20:16 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\AVG
2019-12-19 20:22 - 2007-06-30 20:11 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\ProgramData\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\Program Files\AVG
2019-12-19 01:34 - 2019-05-11 06:22 - 000003216 _____ C:\Windows\system32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80}
2019-12-19 01:34 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7}
2019-12-19 01:34 - 2019-03-28 18:36 - 000003080 _____ C:\Windows\system32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262}
2019-12-19 01:34 - 2019-02-12 04:28 - 000003142 _____ C:\Windows\system32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7}
2019-12-19 01:34 - 2018-12-31 19:15 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2019-12-19 01:34 - 2018-12-21 06:36 - 000003156 _____ C:\Windows\system32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C}
2019-12-19 01:34 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003164 _____ C:\Windows\system32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003026 _____ C:\Windows\system32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003218 _____ C:\Windows\system32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003018 _____ C:\Windows\system32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8}
2019-12-19 01:34 - 2018-12-05 17:38 - 000003026 _____ C:\Windows\system32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E}
2019-12-19 01:34 - 2018-12-05 17:37 - 000003226 _____ C:\Windows\system32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA}
2019-12-19 01:34 - 2018-12-05 16:48 - 000003064 _____ C:\Windows\system32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC}
2019-12-19 01:33 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732}
2019-12-19 01:33 - 2019-02-12 14:44 - 000003210 _____ C:\Windows\system32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B}
2019-12-19 01:33 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2}
2019-12-14 22:24 - 2019-04-17 05:15 - 000000000 ____D C:\Windows\system32\appmgmt
2019-12-13 21:26 - 2019-09-12 14:03 - 000000000 ____D C:\ProgramData\KLC
2019-12-13 21:26 - 2019-08-30 21:59 - 000000000 ____D C:\Program Files\Jagex
2019-12-02 13:26 - 2019-07-22 04:27 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\BraveSoftware
2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\{010B7A5A-A5FF-415E-B048-DFE0112E9934}
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\{28D0BD17-4062-4F6E-8887-C4E4D26AEA88}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVG TuneUp.lnk => C:\Windows\pss\AVG TuneUp.lnk.CommonStartup

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

4.- Inicie su ordenador en >>> Modo Seguro

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Nos comentas…

Salu2

1 me gusta

No, no tengo configurado el Chrome de ese modo. Con respecto al Avast, tampoco lo desinstalé de la manera en que me dijo, pues, para mí que se instaló con el CCleaner, no lo hice yo manualmente. Mi antivirus ha sido el AVG. La razón ha sido porque intentaba desinstalarlo y me aparecía u mensaje ahí todo extraño cada vez que intentaba desinstalarlo. Tuve que hacerlo manualmente. Lo reinstalé y volví a desinstalar esta vez sí desde Programas y características, y no hubo ningún problema esta vez. Aún así creo que han quedado archivos residuales.

Dejo los Logs del Scan de FRST, esta vez ejecutado desde escritorio.

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2019
Ran by MUÑOZ SILVA (administrator) on MUÑOZSILVA-PC (21-12-2019 22:54:10)
Running from C:\Users\MUÑOZ SILVA\Desktop
Loaded Profiles: MUÑOZ SILVA (Available Profiles: MUÑOZ SILVA)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [tsnppro] => C:\Windows\tsnppro.exe [86016 2005-10-25] () [File not signed]
HKLM\...\Run: [snppro] => C:\Windows\vsnppro.exe [339968 2005-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [BigDog305] => C:\Windows\VM305_STI.EXE [61440 2007-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [3544064 2019-09-30] (AresGalaxy) [File not signed]
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-18] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {0ca7f5ca-c44a-11e9-9012-00196634b675} - G:\Setup.exe
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {96855c2e-274b-11dc-913a-806e6f6e6963} - E:\autorun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EA4ADD-D48F-45E1-A5E4-224EAA6A307E} - System32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80} => C:\Windows\system32\pcalua.exe -a "E:\emuladores game\Emulador de PX1 XP\emurayden-v21.exe" -d "E:\emuladores game\Emulador de PX1 XP"
Task: {0AD579EC-6788-499A-A8E4-A1DC559A411C} - System32\Tasks\{0A7D9093-2A7F-4BC9-B31C-F00E3528BF8C} => C:\Users\MUÑOZ SILVA\Desktop\2CaptchaBot.exe
Task: {10D34A5F-4181-4778-8B1D-0939321CCF7E} - System32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe"
Task: {18873AC4-35CA-41E8-A6E9-727C2C93956C} - System32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Task Killer\uninstall.exe"
Task: {21F4E211-DEB7-40A4-95D9-DF20D5EBFD21} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-02-08] () [File not signed]
Task: {288F55BA-C489-4789-A6A2-158918986710} - System32\Tasks\Opera scheduled Autoupdate 1546014934 => C:\Users\MUÑOZ SILVA\AppData\Local\Programs\Opera\launcher.exe [1348632 2019-09-03] (Opera Software AS -> Opera Software)
Task: {343747BA-4E73-4208-8964-8AFDD7CE6C4F} - System32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\KLC\SMAC\UNWISE.EXE -c C:\ProgramData\KLC\SMAC\INSTALL.LOG
Task: {39836990-E9A8-4EE7-9F9B-712D51D4BED4} - System32\Tasks\AVG TuneUp Update => C:\Program Files\AVG\AVG TuneUp\TUNEUpdate.exe
Task: {428FC924-51C7-49D1-918E-11B6BB41FEA7} - System32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {44A548DB-CFD8-4AEE-B6B8-0B4041D677C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-18] (Piriform Software Ltd -> Piriform Ltd)
Task: {498283A3-25DE-4C4C-90DE-8B2C2F4279E9} - System32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe"
Task: {5008456B-25DB-4399-B9FF-3351D4AC4B7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-09-26] (Google Inc -> Google LLC)
Task: {51ACCE69-820B-4DC4-9D6A-B100136B20F1} - System32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B} => C:\Windows\system32\pcalua.exe -a "C:\Users\MUÑOZ SILVA\Desktop\nox_setup_v6.2.6.3_full_intl.exe" -d "C:\Users\MUÑOZ SILVA\Desktop"
Task: {56E4D399-4EFD-4307-86A0-F4C037805B52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-09-26] (Google Inc -> Google LLC)
Task: {5F27C32C-A567-4697-B982-980A51B15C99} - System32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\MGS2SConfig.exe"
Task: {70B09B80-26E7-47DF-A076-2FC91251306C} - System32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262} => C:\Windows\system32\pcalua.exe -a E:\Driver\Setup.exe -d E:\Driver
Task: {7CDAE2CB-C784-49B7-B65D-118F05454557} - System32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {81033009-4A22-4377-AA19-7D2DB584DA1A} - System32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe
Task: {838FEC28-9109-49A7-928D-0E0C9184AB4E} - System32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC} => C:\Windows\system32\pcalua.exe -a E:\MGS2SSetup.exe -d E:\
Task: {839DEDE5-F2DD-426C-AFDF-B00621BBBDD4} - System32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {ACACD0F1-2C71-4EFF-86F1-D5D23A4C217D} - System32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {AD870D36-F751-4369-A123-DA9EAF3A7C2C} - System32\Tasks\{0872955B-2E3A-479F-92D9-DF9E68B593E4} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe
Task: {B0D23105-5033-4947-8C16-71915371C3E1} - System32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {BC53B186-DB04-4B62-B403-AE03A118B020} - System32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\SETUP\SETUP.EXE"
Task: {CB83982B-E5BF-41FA-AD96-8068E3D16594} - System32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {DB87816F-9EB3-4A7A-953C-C48E1F32B5C9} - System32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Microvirt\MEmu\uninstall\uninstall.exe" -c -u
Task: {F1E849FA-1265-4121-9765-3D84CB85BB5B} - System32\Tasks\{02083E3F-599F-4056-9735-630A118A5401} => C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe
Task: {FB9BB77E-8136-4B08-8C6A-E19C811B8972} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2642276731-2804568143-1254195563-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\MUÑOZ SILVA\Downloads\adwcleaner_8.0.1.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 37.120.145.234 8.8.8.8
Tcpip\..\Interfaces\{0119DFDB-7083-494B-BAE7-FBF0981ED1AD}: [DhcpNameServer] 37.120.145.234 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.emurayden.com
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ve/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://web.telegram.org; hxxps://www.familias.com
CHR Profile: C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-16]
CHR Extension: (Chrome Media Router) - C:\Users\MUÑOZ SILVA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

Opera: 
=======
OPR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\MUÑOZ SILVA\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2019-06-15]
OPR Extension: (VPN.S HTTP Proxy) - C:\Users\MUÑOZ SILVA\AppData\Roaming\Opera Software\Opera Stable\Extensions\decfmjjdfcldhoonmgjadlilkdblonge [2019-06-15]
OPR Extension: (Google Translate) - C:\Users\MUÑOZ SILVA\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2019-06-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe [4029504 2019-12-16] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5570712 2019-11-14] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atikmdag; C:\Windows\system32\drivers\atikmdag.sys [4194816 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [30008 2015-05-24] (DEV47 APPS -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [225720 2015-05-24] (DEV47 APPS -> Dev47Apps)
S1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG -> Elaborate Bytes AG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21960 2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R0 EPMVolFlt; C:\Windows\System32\drivers\EPMVolFlt.sys [17992 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2018-10-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
S3 SNPPRO; C:\Windows\System32\DRIVERS\snppro.sys [8664448 2005-06-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2018-11-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [112640 2010-09-29] (Microsoft Corporation) [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 vvftav; C:\Windows\System32\drivers\vvftav.sys [474368 2007-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)
S3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [29552 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
S3 ZSMC0305; C:\Windows\System32\Drivers\usbVM305.sys [1466624 2007-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
U1 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-21 22:54 - 2019-12-21 22:55 - 000014712 _____ C:\Users\MUÑOZ SILVA\Desktop\FRST.txt
2019-12-21 22:48 - 2019-12-21 22:48 - 000013427 _____ C:\Users\MUÑOZ SILVA\Desktop\fixlist.txt
2019-12-21 22:44 - 2019-12-21 22:44 - 000000270 _____ C:\DelFix.txt
2019-12-21 22:44 - 2019-12-21 22:44 - 000000000 ____D C:\Windows\ERUNT
2019-12-21 22:42 - 2019-12-21 22:47 - 000014970 _____ C:\Users\MUÑOZ SILVA\Desktop\Indicaciones Forospyware 3.txt
2019-12-21 22:40 - 2019-12-21 22:40 - 000797760 _____ C:\Users\MUÑOZ SILVA\Desktop\delfix.exe
2019-12-21 18:40 - 2019-12-21 18:41 - 000233080 _____ (AVAST Software) C:\Users\MUÑOZ SILVA\Downloads\avast_free_antivirus_setup_online.exe
2019-12-21 02:49 - 2019-12-21 02:49 - 000000000 ____D C:\Users\MUÑOZ SILVA\padventures
2019-12-21 02:26 - 2019-12-21 02:44 - 000000000 ____D C:\Users\MUÑOZ SILVA\padclient
2019-12-21 01:55 - 2019-12-21 02:41 - 000000000 ____D C:\Users\MUÑOZ SILVA\Downloads\PA Modern 10.8.7
2019-12-20 14:15 - 2019-12-21 22:54 - 000000000 ____D C:\FRST
2019-12-20 00:30 - 2019-12-20 00:30 - 000001165 _____ C:\Users\MUÑOZ SILVA\Desktop\Indicaciones Forospyware 2.txt
2019-12-20 00:29 - 2019-12-20 00:29 - 001992192 _____ (Farbar) C:\Users\MUÑOZ SILVA\Desktop\FRST.exe
2019-12-19 01:20 - 2019-12-19 01:38 - 000000275 _____ C:\Users\MUÑOZ SILVA\Desktop\descargar.txt
2019-12-18 15:15 - 2019-12-18 15:15 - 000008794 _____ C:\Users\MUÑOZ SILVA\Desktop\cc_20191218_151516.reg
2019-12-18 15:14 - 2019-12-18 15:15 - 000136278 _____ C:\Users\MUÑOZ SILVA\Desktop\cc_20191218_151452.reg
2019-12-18 15:10 - 2019-12-19 01:33 - 000002830 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-18 14:29 - 2019-12-19 01:34 - 000003104 _____ C:\Windows\system32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D}
2019-12-18 14:27 - 2019-12-19 01:34 - 000003162 _____ C:\Windows\system32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E}
2019-12-18 12:39 - 2019-12-18 13:51 - 000000798 _____ C:\Users\MUÑOZ SILVA\Desktop\ZHPCleaner.lnk
2019-12-18 12:39 - 2019-12-18 13:51 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\ZHP
2019-12-18 12:39 - 2019-12-18 12:39 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\ZHP
2019-12-18 12:36 - 2019-12-18 12:36 - 000000300 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-12-18 12:31 - 2019-12-21 22:50 - 000285854 _____ C:\Windows\ntbtlog.txt
2019-12-18 12:14 - 2019-12-18 12:36 - 000000000 ____D C:\AdwCleaner
2019-12-18 12:14 - 2019-12-18 12:15 - 000001641 _____ C:\Users\MUÑOZ SILVA\Desktop\Indicaciones Forospyware.txt
2019-12-18 11:54 - 2019-12-18 11:55 - 008237744 _____ (Malwarebytes) C:\Users\MUÑOZ SILVA\Downloads\adwcleaner_8.0.1.exe
2019-12-18 11:51 - 2019-12-21 22:32 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-18 11:50 - 2019-12-18 11:51 - 003326336 _____ (Nicolas Coolman) C:\Users\MUÑOZ SILVA\Downloads\ZHPCleaner.exe
2019-12-18 11:49 - 2019-12-18 12:37 - 000000000 ____D C:\Program Files\CCleaner
2019-12-18 11:49 - 2019-12-18 11:55 - 000000973 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-18 11:49 - 2019-12-18 11:55 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2019-12-18 11:49 - 2019-12-18 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-18 00:19 - 2019-12-18 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-18 00:19 - 2019-12-18 00:19 - 000000000 ____D C:\Program Files\VS Revo Group
2019-12-16 20:17 - 2019-12-16 20:17 - 000000000 ___SD C:\Users\MUÑOZ SILVA\AppData\LocalLow\Temp
2019-12-16 18:16 - 2019-12-16 18:16 - 000003890 _____ C:\Windows\system32\Tasks\AVG TuneUp Update
2019-12-16 05:25 - 2019-12-16 05:30 - 006171768 _____ (Avira Operations GmbH & Co. KG) C:\Users\MUÑOZ SILVA\Downloads\avira_es_froe3_5df74ec4d3148__pavwws.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 000222648 _____ (Malwarebytes) C:\Windows\system32\Drivers\6553275D.sys
2019-12-16 04:20 - 2019-12-16 04:20 - 000009152 _____ C:\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d
2019-12-16 04:14 - 2019-12-16 12:01 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-12-16 04:02 - 2019-12-16 04:09 - 014178840 _____ (Malwarebytes Corp.) C:\Users\MUÑOZ SILVA\Downloads\mbar-1.10.3.1001.exe
2019-12-16 02:00 - 2019-12-16 02:00 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Deployment
2019-12-15 22:14 - 2019-12-15 22:41 - 000057400 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.45 PM.jpeg
2019-12-15 22:14 - 2019-12-15 22:40 - 000059045 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.43 PM.jpeg
2019-12-15 22:14 - 2019-12-15 22:38 - 000059974 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.44 PM.jpeg
2019-12-15 22:14 - 2019-12-15 22:35 - 000042168 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.45 PM (2).jpeg
2019-12-15 22:14 - 2019-12-15 22:20 - 000059710 _____ C:\Users\MUÑOZ SILVA\Downloads\WhatsApp Image 2019-09-09 at 8.38.46 PM.jpeg
2019-12-15 20:24 - 2019-12-15 20:24 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\ESET
2019-12-15 19:13 - 2019-12-15 19:24 - 000000000 ___HD C:\Users\MUÑOZ SILVA\AppData\Roaming\xqcsllhcl
2019-12-15 18:35 - 2019-12-15 18:54 - 000000464 __RSH C:\Users\MUÑOZ SILVA\ntuser.pol
2019-12-14 22:49 - 2019-12-19 17:28 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-14 22:49 - 2019-12-19 17:28 - 000002131 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-14 22:14 - 2019-12-14 22:14 - 000000000 __SHD C:\found.002
2019-12-12 12:24 - 2019-12-12 12:24 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\cache
2019-12-12 12:10 - 2019-12-13 21:26 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\SUPERAntiSpyware.com
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-12-02 21:31 - 2019-12-02 21:31 - 000000165 ____H C:\Users\MUÑOZ SILVA\Desktop\~$VENTAS LUNES  2 DE DICIEMBRE.xlsx
2019-12-01 08:39 - 2019-12-01 08:39 - 000000000 __SHD C:\found.001

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-21 22:49 - 2009-07-14 04:34 - 000009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-21 22:49 - 2009-07-14 04:34 - 000009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-21 22:21 - 2007-06-30 20:08 - 000000000 ____D C:\Users\MUÑOZ SILVA
2019-12-21 22:16 - 2009-07-14 04:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-20 20:24 - 2010-11-26 21:57 - 001685346 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-20 20:24 - 2009-07-14 08:48 - 000750894 _____ C:\Windows\system32\perfh00A.dat
2019-12-20 20:24 - 2009-07-14 08:48 - 000159930 _____ C:\Windows\system32\perfc00A.dat
2019-12-20 20:24 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\inf
2019-12-20 20:22 - 2019-01-03 05:55 - 000000000 ____D C:\Users\MUÑOZ SILVA\Documents\MEGAsync Downloads
2019-12-20 19:17 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\registration
2019-12-19 20:22 - 2007-06-30 20:16 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\AVG
2019-12-19 20:22 - 2007-06-30 20:11 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\ProgramData\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\Program Files\AVG
2019-12-19 01:34 - 2019-05-11 06:22 - 000003216 _____ C:\Windows\system32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80}
2019-12-19 01:34 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7}
2019-12-19 01:34 - 2019-03-28 18:36 - 000003080 _____ C:\Windows\system32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262}
2019-12-19 01:34 - 2019-02-12 04:28 - 000003142 _____ C:\Windows\system32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7}
2019-12-19 01:34 - 2018-12-21 06:36 - 000003156 _____ C:\Windows\system32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C}
2019-12-19 01:34 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003164 _____ C:\Windows\system32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003026 _____ C:\Windows\system32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003218 _____ C:\Windows\system32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003018 _____ C:\Windows\system32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8}
2019-12-19 01:34 - 2018-12-05 17:38 - 000003026 _____ C:\Windows\system32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E}
2019-12-19 01:34 - 2018-12-05 17:37 - 000003226 _____ C:\Windows\system32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA}
2019-12-19 01:34 - 2018-12-05 16:48 - 000003064 _____ C:\Windows\system32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC}
2019-12-19 01:33 - 2019-09-26 18:29 - 000003460 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-19 01:33 - 2019-09-26 18:29 - 000003332 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-19 01:33 - 2019-08-13 04:13 - 000004140 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1546014934
2019-12-19 01:33 - 2019-06-15 19:46 - 000002976 _____ C:\Windows\system32\Tasks\{0A7D9093-2A7F-4BC9-B31C-F00E3528BF8C}
2019-12-19 01:33 - 2019-05-06 06:10 - 000003064 _____ C:\Windows\system32\Tasks\klcp_update
2019-12-19 01:33 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732}
2019-12-19 01:33 - 2019-02-12 14:44 - 000003210 _____ C:\Windows\system32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B}
2019-12-19 01:33 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2}
2019-12-19 01:33 - 2018-12-05 17:43 - 000003018 _____ C:\Windows\system32\Tasks\{0872955B-2E3A-479F-92D9-DF9E68B593E4}
2019-12-19 01:33 - 2018-12-05 17:38 - 000003026 _____ C:\Windows\system32\Tasks\{02083E3F-599F-4056-9735-630A118A5401}
2019-12-18 14:25 - 2007-07-27 02:58 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Adobe
2019-12-18 14:13 - 2019-02-09 23:27 - 000007605 _____ C:\Users\MUÑOZ SILVA\AppData\Local\Resmon.ResmonCfg
2019-12-18 14:09 - 2019-02-02 14:45 - 000000000 ____D C:\Windows\pss
2019-12-18 12:13 - 2019-02-01 08:13 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\MPC-HC
2019-12-18 12:11 - 2019-01-03 19:44 - 000000000 ____D C:\Windows\Minidump
2019-12-18 12:11 - 2010-11-26 21:37 - 000000000 ____D C:\Windows\Panther
2019-12-16 04:20 - 2019-11-14 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-16 03:57 - 2009-07-14 04:52 - 000000000 ____D C:\Program Files\Microsoft Games
2019-12-16 02:00 - 2019-08-28 19:48 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\Apps\2.0
2019-12-15 18:30 - 2009-07-14 02:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-14 22:48 - 2018-12-25 01:39 - 000000000 ____D C:\Program Files\Google
2019-12-14 22:24 - 2019-04-17 05:15 - 000000000 ____D C:\Windows\system32\appmgmt
2019-12-14 20:58 - 2019-01-11 22:20 - 000000000 ____D C:\Users\MUÑOZ SILVA\Documents\Logos
2019-12-13 21:26 - 2019-09-22 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2019-12-13 21:26 - 2019-09-22 23:01 - 000000000 ____D C:\Program Files\Elaborate Bytes
2019-12-13 21:26 - 2019-09-12 14:03 - 000000000 ____D C:\ProgramData\KLC
2019-12-13 21:26 - 2019-08-30 21:59 - 000000000 ____D C:\Program Files\Jagex
2019-12-13 21:26 - 2019-07-15 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2019-12-13 21:26 - 2019-05-11 06:23 - 000000000 ____D C:\Program Files\Emurayden PSX Emulator v2.1
2019-12-13 21:26 - 2019-04-05 01:44 - 000000000 ____D C:\Program Files\FBS MetaTrader 5
2019-12-13 21:21 - 2007-06-30 20:20 - 000000000 __RHD C:\MSOCache
2019-12-11 23:29 - 2019-04-05 01:34 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\MetaQuotes
2019-12-02 18:18 - 2019-01-15 04:49 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Roaming\Videoder
2019-12-02 13:26 - 2019-07-22 04:27 - 000000000 ____D C:\Users\MUÑOZ SILVA\AppData\Local\BraveSoftware

==================== Files in the root of some directories ========

2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-09-28 22:59 - 2019-11-05 22:15 - 000005632 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-09 23:27 - 2019-12-18 14:13 - 000007605 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\Resmon.ResmonCfg
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\{010B7A5A-A5FF-415E-B048-DFE0112E9934}
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MUÑOZ SILVA\AppData\Local\{28D0BD17-4062-4F6E-8887-C4E4D26AEA88}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-19 17:43
==================== End of FRST.txt ========================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2019
Ran by MUÑOZ SILVA (21-12-2019 22:55:32)
Running from C:\Users\MUÑOZ SILVA\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2007-06-30 20:07:14)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2642276731-2804568143-1254195563-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2642276731-2804568143-1254195563-1002 - Limited - Enabled)
Invitado (S-1-5-21-2642276731-2804568143-1254195563-501 - Limited - Disabled)
MUÑOZ SILVA (S-1-5-21-2642276731-2804568143-1254195563-1000 - Administrator - Enabled) => C:\Users\MUÑOZ SILVA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DP Chip Lite v19.01 (HKLM\...\3DP Chip Lite) (Version: v19.01 - 3DP)
Ares (HKLM\...\Ares) (Version: 2.5.3-Build#3079 - AresGalaxy)
BestPractice (remove only) (HKLM\...\BestPractice) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Creative ALchemy Universal (HKLM\...\ALchemy) (Version:  - )
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 13.0 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
Feedback Tool (HKLM\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
i-NOVIA WEB PRO (HKLM\...\{C340D8F9-33C0-43B8-8809-9BA08EFCC3BC}) (Version: 4.31.1.1 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM\...\{e46e0766-a9ed-4cf2-94c7-a684b0aa214f}) (Version: 19.8.34.6 - Intel)
K-Lite Codec Pack 14.7.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 14.7.5 - KLCP)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{246dcb72-b18c-4ab9-9de9-8a996296b01d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team)
OldSchool RuneScape Launcher 1.2.7 (HKLM\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Opera Stable 62.0.3331.99 (HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software)
Opera Stable 63.0.3368.71 (HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
SMAC 2.7 (HKLM\...\SMAC 2.7) (Version:  - )
Task Killer (remove only) (HKLM\...\Task Killer) (Version:  - )
Universal Adb Driver (HKLM\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB PC Camera VC305 (HKLM\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0305}) (Version:  - )
Videoder 1.0.9 (HKLM\...\808fc302-3d01-59ce-8094-e0443a55877e) (Version: 1.0.9 - GlennioTech)
Vimicro USB PC Camera(VC0305) (HKLM\...\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}) (Version: 2007.04.19 - Vimicro)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VSDC Free Audio Converter versión 1.6.5.353 (HKLM\...\VSDC Free Audio Converter_is1) (Version: 1.6.5.353 - Flash-Integro LLC)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.6.9 - Shark007)
WinHTTrack Website Copier 3.49-2 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WO Mic Client (HKLM\...\WOMic) (Version:  - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4221328 2011-06-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [134144 2010-06-23] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [95232 2010-10-30] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [497664 2009-08-11] () [File not signed]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\system32\ff_acm.acm [43520 2010-10-30] () [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\system32\mpg4c32.dll [413760 2000-07-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\system32\mpg4c32.dll [413760 2000-07-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\system32\mpg4c32.dll [413760 2000-07-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\system32\msaud32.acm [282896 2000-07-26] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\system32\IR41_32.AX [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2019-11-14 19:07 - 000001247 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1	localhost
127.0.0.1	https://www.bananatic.com/es/juegos/bleach-online-28
127.0.0.1	www.bananatic.com/es/juegos/bleach-online-28
127.0.0.1	bananatic.com/es/juegos/bleach-online-28
127.0.0.1	http://www.bananatic.com/es/juegos/bleach-online-28 
127.0.0.1 activation.easeus.com 
127.0.0.1 track.easeus.com 
127.0.0.1 66.39.112.91 
127.0.0.1 216.92.151.227 
127.0.0.1 216.92.61.7 
127.0.0.1 www.easeus.com 

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 37.120.145.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVG TuneUp.lnk => C:\Windows\pss\AVG TuneUp.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MUÑOZ SILVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hide.me VPN.lnk => C:\Windows\pss\hide.me VPN.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MUÑOZ SILVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MUÑOZ SILVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WO Mic Client.lnk => C:\Windows\pss\WO Mic Client.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Emurayden PSX Emulator => c:\Archivos de Programa\Emurayden PSX Emulator v2.1\Emurayden PSX AutoLauncher.exe
MSCONFIG\startupreg: Spotify => C:\Users\MUÑOZ SILVA\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9B1F0EA1-A837-4E4F-9DF6-9BF60FE5CFF2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B654160B-25AA-4DA1-9282-2B506911E8A1}] => (Allow) C:\Program Files\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{A7537E52-5E36-49C8-8292-37283EF29187}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\AudioConverter.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{63DA2803-89D5-4A68-A65E-8134A7E64F8E}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\AudioConverter.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{D4BD8E90-E370-4548-BFE5-D64E8DA6FD08}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{275E8F39-9287-4536-B7D9-0E8E48049617}] => (Allow) C:\Program Files\FlashIntegro\AudioConverter\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{C0403D05-57D9-4D8F-AB9C-5E70784F9683}] => (Allow) C:\Program Files\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{D6C69D76-48AF-44EA-A98E-F7EFA097FF5C}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{5C65E3D4-45E8-4DF2-9CBB-E82A10EF2CC9}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [TCP Query User{17466D18-302B-48BE-B88F-DE8B2111F792}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [UDP Query User{94FC214B-7C02-416F-AB2A-4A490EB244E0}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [TCP Query User{D257B82F-3D51-4E5E-8BFE-6C8F84CC54D9}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [UDP Query User{9AB12B22-64EA-4E92-9FEA-2C98D87C8931}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (AresGalaxy) [File not signed]
FirewallRules: [{3E3F5AAC-4983-47AE-835F-6BECCC1C61AA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

20-12-2019 15:40:57 Punto de control programado

==================== Faulty Device Manager Devices ============

Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 #2
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2019 10:51:36 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (12/21/2019 10:51:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x8007043C

Error: (12/21/2019 01:41:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/20/2019 02:02:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/19/2019 05:43:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/18/2019 04:40:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Ares.exe, versión: 2.5.3.3079, marca de tiempo: 0x2a425e19
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b96e
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x000c37b7
Id. del proceso con errores: 0x594
Hora de inicio de la aplicación con errores: 0x01d5b5b4189279c7
Ruta de acceso de la aplicación con errores: C:\Program Files\Ares\Ares.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 08c1d57d-21b5-11ea-ae4b-00196634b675

Error: (12/18/2019 03:57:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "c:\program files\3dp chip lite\DPInst64.exe".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/18/2019 02:50:45 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


System errors:
=============
Error: (12/21/2019 10:54:36 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (12/21/2019 10:53:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/21/2019 10:53:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/21/2019 10:53:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/21/2019 10:51:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Proveedor de Grupo Hogar depende del servicio Host de proveedor de detección de función, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/21/2019 10:51:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/21/2019 10:51:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/21/2019 10:51:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. P1.20 06/28/2007
Motherboard:                        ConRoe1333-D667 
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 67%
Total physical RAM: 2039.3 MB
Available physical RAM: 661.88 MB
Total Virtual: 4078.61 MB
Available Virtual: 2730.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:47.9 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:74.53 GB) (Free:8.07 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: B4F2B4F2)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 74.5 GB) (Disk ID: FD64380A)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Log del fix ejecutado en Modo Seguro

Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x86) Version: 14-12-2019
Ran by MUÑOZ SILVA (21-12-2019 23:01:36) Run:1
Running from C:\Users\MUÑOZ SILVA\Desktop
Loaded Profiles: MUÑOZ SILVA (Available Profiles: MUÑOZ SILVA)
Boot Mode: Safe Mode (with Networking)

==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {0ca7f5ca-c44a-11e9-9012-00196634b675} - G:\Setup.exe
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\...\MountPoints2: {96855c2e-274b-11dc-913a-806e6f6e6963} - E:\autorun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00EA4ADD-D48F-45E1-A5E4-224EAA6A307E} - System32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80} => C:\Windows\system32\pcalua.exe -a "E:\emuladores game\Emulador de PX1 XP\emurayden-v21.exe" -d "E:\emuladores game\Emulador de PX1 XP"
Task: {10D34A5F-4181-4778-8B1D-0939321CCF7E} - System32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2.exe"
Task: {18873AC4-35CA-41E8-A6E9-727C2C93956C} - System32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Task Killer\uninstall.exe"
Task: {343747BA-4E73-4208-8964-8AFDD7CE6C4F} - System32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\KLC\SMAC\UNWISE.EXE -c C:\ProgramData\KLC\SMAC\INSTALL.LOG
Task: {39836990-E9A8-4EE7-9F9B-712D51D4BED4} - System32\Tasks\AVG TuneUp Update => C:\Program Files\AVG\AVG TuneUp\TUNEUpdate.exe
C:\Program Files\AVG
Task: {498283A3-25DE-4C4C-90DE-8B2C2F4279E9} - System32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\mgs2_sse.exe"
Task: {51ACCE69-820B-4DC4-9D6A-B100136B20F1} - System32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B} => C:\Windows\system32\pcalua.exe -a "C:\Users\MU�OZ SILVA\Desktop\nox_setup_v6.2.6.3_full_intl.exe" -d "C:\Users\MU�OZ SILVA\Desktop"
Task: {5F27C32C-A567-4697-B982-980A51B15C99} - System32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\bin\MGS2SConfig.exe"
Task: {70B09B80-26E7-47DF-A076-2FC91251306C} - System32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262} => C:\Windows\system32\pcalua.exe -a E:\Driver\Setup.exe -d E:\Driver
Task: {7CDAE2CB-C784-49B7-B65D-118F05454557} - System32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {838FEC28-9109-49A7-928D-0E0C9184AB4E} - System32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC} => C:\Windows\system32\pcalua.exe -a E:\MGS2SSetup.exe -d E:\
Task: {B0D23105-5033-4947-8C16-71915371C3E1} - System32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7} => C:\Windows\system32\pcalua.exe -a E:\Viewer\Setup.exe -d E:\Viewer
Task: {BC53B186-DB04-4B62-B403-AE03A118B020} - System32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Metal Gear Solid 2 Substance\SETUP\SETUP.EXE"
Task: {DB87816F-9EB3-4A7A-953C-C48E1F32B5C9} - System32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Microvirt\MEmu\uninstall\uninstall.exe" -c -u
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\MU�OZ SILVA\Downloads\adwcleaner_8.0.1.exe
Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Program Files\AVAST Software
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.emurayden.com
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ve/?ocid=iehp
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35512 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174712 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [224008 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [169408 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [59368 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211088 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41200 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [145048 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95168 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73312 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691528 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394856 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [176760 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277408 2019-12-18] (AVAST Software s.r.o. -> AVAST Software)
U3 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-12-18 14:33 - 2019-12-18 14:33 - 000000000 ____D C:\Users\MU�OZ SILVA\AppData\Roaming\AVAST Software
2019-12-18 14:29 - 2019-12-19 01:34 - 000003104 _____ C:\Windows\system32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D}
2019-12-18 14:27 - 2019-12-19 01:34 - 000003162 _____ C:\Windows\system32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E}
2019-12-18 12:36 - 2019-12-18 12:36 - 000000300 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-12-18 12:15 - 2019-12-18 12:15 - 000691528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-12-18 12:15 - 2019-12-18 12:15 - 000394856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-12-18 12:15 - 2019-12-18 12:15 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job
2019-12-18 12:15 - 2019-12-18 12:15 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-12-18 12:15 - 2019-12-18 12:14 - 000305032 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-12-18 12:15 - 2019-12-18 12:14 - 000277408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000224008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000211088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000176760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000174712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000145048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000095168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000073312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000059368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000041200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-12-18 12:15 - 2019-12-18 12:14 - 000035512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-12-18 11:51 - 2019-12-18 12:15 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-16 18:16 - 2019-12-16 18:16 - 000003890 _____ C:\Windows\system32\Tasks\AVG TuneUp Update
2019-12-16 07:12 - 2019-12-16 07:12 - 061538788 _____ C:\Users\MU�OZ SILVA\Downloads\AVG TuneUp 32&64 bits (2019) 19.1 Build 1098 Final,.rar
2019-12-16 05:25 - 2019-12-16 05:30 - 006171768 _____ (Avira Operations GmbH & Co. KG) C:\Users\MU�OZ SILVA\Downloads\avira_es_froe3_5df74ec4d3148__pavwws.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-12-16 04:20 - 2019-12-16 04:20 - 000009152 _____ C:\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d
2019-12-15 20:42 - 2019-12-15 20:42 - 000000000 ____D C:\Program Files\ESET
2019-12-15 20:31 - 2019-12-15 20:42 - 002870984 _____ (ESET) C:\Users\MU�OZ SILVA\Downloads\esetsmartinstaller_esn.exe
2019-12-15 20:24 - 2019-12-15 20:24 - 000000000 ____D C:\Users\MU�OZ SILVA\AppData\Local\ESET
2019-12-15 19:13 - 2019-12-15 19:24 - 000000000 ___HD C:\Users\MU�OZ SILVA\AppData\Roaming\xqcsllhcl
2019-12-12 12:10 - 2019-12-13 21:26 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\Users\MU�OZ SILVA\AppData\Roaming\SUPERAntiSpyware.com
2019-12-12 12:10 - 2019-12-12 12:10 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-12-19 20:22 - 2007-06-30 20:16 - 000000000 ____D C:\Users\MU�OZ SILVA\AppData\Roaming\AVG
2019-12-19 20:22 - 2007-06-30 20:11 - 000000000 ____D C:\Users\MU�OZ SILVA\AppData\Local\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\ProgramData\Avg
2019-12-19 20:21 - 2007-06-30 20:11 - 000000000 ____D C:\Program Files\AVG
2019-12-19 01:34 - 2019-05-11 06:22 - 000003216 _____ C:\Windows\system32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80}
2019-12-19 01:34 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7}
2019-12-19 01:34 - 2019-03-28 18:36 - 000003080 _____ C:\Windows\system32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262}
2019-12-19 01:34 - 2019-02-12 04:28 - 000003142 _____ C:\Windows\system32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7}
2019-12-19 01:34 - 2018-12-31 19:15 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2019-12-19 01:34 - 2018-12-21 06:36 - 000003156 _____ C:\Windows\system32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C}
2019-12-19 01:34 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003164 _____ C:\Windows\system32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C}
2019-12-19 01:34 - 2018-12-05 17:44 - 000003026 _____ C:\Windows\system32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003218 _____ C:\Windows\system32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE}
2019-12-19 01:34 - 2018-12-05 17:42 - 000003018 _____ C:\Windows\system32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8}
2019-12-19 01:34 - 2018-12-05 17:38 - 000003026 _____ C:\Windows\system32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E}
2019-12-19 01:34 - 2018-12-05 17:37 - 000003226 _____ C:\Windows\system32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA}
2019-12-19 01:34 - 2018-12-05 16:48 - 000003064 _____ C:\Windows\system32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC}
2019-12-19 01:33 - 2019-03-28 21:31 - 000003080 _____ C:\Windows\system32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732}
2019-12-19 01:33 - 2019-02-12 14:44 - 000003210 _____ C:\Windows\system32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B}
2019-12-19 01:33 - 2018-12-05 17:45 - 000003026 _____ C:\Windows\system32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2}
2019-12-14 22:24 - 2019-04-17 05:15 - 000000000 ____D C:\Windows\system32\appmgmt
2019-12-13 21:26 - 2019-09-12 14:03 - 000000000 ____D C:\ProgramData\KLC
2019-12-13 21:26 - 2019-08-30 21:59 - 000000000 ____D C:\Program Files\Jagex
2019-12-02 13:26 - 2019-07-22 04:27 - 000000000 ____D C:\Users\MU�OZ SILVA\AppData\Local\BraveSoftware
2019-12-16 04:20 - 2019-12-16 04:20 - 101023024 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MU�OZ SILVA\AppData\Local\{010B7A5A-A5FF-415E-B048-DFE0112E9934}
2019-01-25 10:31 - 2019-01-25 10:31 - 000000000 _____ () C:\Users\MU�OZ SILVA\AppData\Local\{28D0BD17-4062-4F6E-8887-C4E4D26AEA88}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVG TuneUp.lnk => C:\Windows\pss\AVG TuneUp.lnk.CommonStartup

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ca7f5ca-c44a-11e9-9012-00196634b675} => removed successfully.
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96855c2e-274b-11dc-913a-806e6f6e6963} => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully.
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00EA4ADD-D48F-45E1-A5E4-224EAA6A307E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00EA4ADD-D48F-45E1-A5E4-224EAA6A307E}" => removed successfully.
C:\Windows\System32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A85AFEBD-294B-462D-A377-B736A2E36E80}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10D34A5F-4181-4778-8B1D-0939321CCF7E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10D34A5F-4181-4778-8B1D-0939321CCF7E}" => removed successfully.
C:\Windows\System32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18873AC4-35CA-41E8-A6E9-727C2C93956C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18873AC4-35CA-41E8-A6E9-727C2C93956C}" => removed successfully.
C:\Windows\System32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A78E79F3-C281-4617-A4A7-FBDA3868A54D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{343747BA-4E73-4208-8964-8AFDD7CE6C4F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{343747BA-4E73-4208-8964-8AFDD7CE6C4F}" => removed successfully.
C:\Windows\System32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{39836990-E9A8-4EE7-9F9B-712D51D4BED4}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39836990-E9A8-4EE7-9F9B-712D51D4BED4}" => removed successfully.
C:\Windows\System32\Tasks\AVG TuneUp Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG TuneUp Update" => removed successfully.
C:\Program Files\AVG => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{498283A3-25DE-4C4C-90DE-8B2C2F4279E9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{498283A3-25DE-4C4C-90DE-8B2C2F4279E9}" => removed successfully.
C:\Windows\System32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51ACCE69-820B-4DC4-9D6A-B100136B20F1}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51ACCE69-820B-4DC4-9D6A-B100136B20F1}" => removed successfully.
C:\Windows\System32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F27C32C-A567-4697-B982-980A51B15C99}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F27C32C-A567-4697-B982-980A51B15C99}" => removed successfully.
C:\Windows\System32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70B09B80-26E7-47DF-A076-2FC91251306C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70B09B80-26E7-47DF-A076-2FC91251306C}" => removed successfully.
C:\Windows\System32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CDAE2CB-C784-49B7-B65D-118F05454557}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CDAE2CB-C784-49B7-B65D-118F05454557}" => removed successfully.
C:\Windows\System32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{838FEC28-9109-49A7-928D-0E0C9184AB4E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838FEC28-9109-49A7-928D-0E0C9184AB4E}" => removed successfully.
C:\Windows\System32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0D23105-5033-4947-8C16-71915371C3E1}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0D23105-5033-4947-8C16-71915371C3E1}" => removed successfully.
C:\Windows\System32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{988275F2-4994-42D9-AB0C-972534EA72A7}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC53B186-DB04-4B62-B403-AE03A118B020}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC53B186-DB04-4B62-B403-AE03A118B020}" => removed successfully.
C:\Windows\System32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3E368019-8C88-40A3-B000-D2189BC8E74C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB87816F-9EB3-4A7A-953C-C48E1F32B5C9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB87816F-9EB3-4A7A-953C-C48E1F32B5C9}" => removed successfully.
C:\Windows\System32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7}" => removed successfully.
C:\Windows\Tasks\AdwCleaner_onReboot.job => moved successfully
"C:\Windows\Tasks\Avast Emergency Update.job" => not found
"C:\Program Files\AVAST Software" => not found
HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn => removed successfully.
aswbIDSAgent => service not found.
avast! Antivirus => service not found.
aswArDisk => service not found.
aswArPot => service not found.
aswbidsdriver => service not found.
aswbidsh => service not found.
aswbuniv => service not found.
aswHdsKe => service not found.
aswKbd => service not found.
aswMonFlt => service not found.
aswRdr => service not found.
aswRvrt => service not found.
aswSnx => service not found.
aswSP => service not found.
aswStm => service not found.
aswVmm => service not found.
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully.
aswbdisk => service removed successfully.
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully.
avgbdisk => service removed successfully.
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully.
VGPU => service removed successfully.
"C:\Users\MU�OZ SILVA\AppData\Roaming\AVAST Software" => not found
"C:\Windows\system32\Tasks\{A78E79F3-C281-4617-A4A7-FBDA3868A54D}" => not found
"C:\Windows\system32\Tasks\{3BB4BB80-A8FF-4CA4-BD85-3BC44FDA494E}" => not found
"C:\Windows\Tasks\AdwCleaner_onReboot.job" => not found
"C:\Windows\system32\Drivers\aswSnx.sys" => not found
"C:\Windows\system32\Drivers\aswSP.sys" => not found
"C:\Windows\Tasks\Avast Emergency Update.job" => not found
"C:\Program Files\Common Files\AVAST Software" => not found
"C:\Windows\system32\aswBoot.exe" => not found
"C:\Windows\system32\Drivers\aswVmm.sys" => not found
"C:\Windows\system32\Drivers\aswbidsdriver.sys" => not found
"C:\Windows\system32\Drivers\aswHdsKe.sys" => not found
"C:\Windows\system32\Drivers\aswStm.sys" => not found
"C:\Windows\system32\Drivers\aswArPot.sys" => not found
"C:\Windows\system32\Drivers\aswbidsh.sys" => not found
"C:\Windows\system32\Drivers\aswMonFlt.sys" => not found
"C:\Windows\system32\Drivers\aswRdr2.sys" => not found
"C:\Windows\system32\Drivers\aswRvrt.sys" => not found
"C:\Windows\system32\Drivers\aswbuniv.sys" => not found
"C:\Windows\system32\Drivers\aswKbd.sys" => not found
"C:\Windows\system32\Drivers\aswArDisk.sys" => not found
C:\ProgramData\AVAST Software => moved successfully
"C:\Windows\system32\Tasks\AVG TuneUp Update" => not found
"C:\Users\MU�OZ SILVA\Downloads\AVG TuneUp 32&64 bits (2019) 19.1 Build 1098 Final,.rar" => not found
"C:\Users\MU�OZ SILVA\Downloads\avira_es_froe3_5df74ec4d3148__pavwws.exe" => not found
C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe => moved successfully
C:\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d => moved successfully
"C:\Program Files\ESET" => not found
"C:\Users\MU�OZ SILVA\Downloads\esetsmartinstaller_esn.exe" => not found
"C:\Users\MU�OZ SILVA\AppData\Local\ESET" => not found
"C:\Users\MU�OZ SILVA\AppData\Roaming\xqcsllhcl" => not found
C:\Program Files\SUPERAntiSpyware => moved successfully
"C:\Users\MU�OZ SILVA\AppData\Roaming\SUPERAntiSpyware.com" => not found
C:\ProgramData\SUPERAntiSpyware.com => moved successfully
"C:\Users\MU�OZ SILVA\AppData\Roaming\AVG" => not found
"C:\Users\MU�OZ SILVA\AppData\Local\Avg" => not found
C:\ProgramData\Avg => moved successfully
"C:\Program Files\AVG" => not found
"C:\Windows\system32\Tasks\{A85AFEBD-294B-462D-A377-B736A2E36E80}" => not found
"C:\Windows\system32\Tasks\{988275F2-4994-42D9-AB0C-972534EA72A7}" => not found
"C:\Windows\system32\Tasks\{FFD0409B-AEF9-4FB9-8DF2-94DD63FDC262}" => not found
"C:\Windows\system32\Tasks\{97490CA8-C995-4CF8-B11F-ACEE0C016FF7}" => not found
"C:\Windows\system32\Tasks\AVAST Software" => not found
"C:\Windows\system32\Tasks\{3E368019-8C88-40A3-B000-D2189BC8E74C}" => not found
C:\Windows\system32\Tasks\{49D43A32-0737-41F3-B3FF-CAB539BADD44} => moved successfully
"C:\Windows\system32\Tasks\{45244AC2-DA9D-4DCB-AE60-DA8E5AB5E24C}" => not found
C:\Windows\system32\Tasks\{A72FB3E3-40ED-4C58-946C-060284B79167} => moved successfully
"C:\Windows\system32\Tasks\{E8DED79E-9F54-4FBA-A4CF-3685FD4AC5EE}" => not found
C:\Windows\system32\Tasks\{21AEFBE4-A552-4B2B-9471-1529DC7240B8} => moved successfully
C:\Windows\system32\Tasks\{F9977A51-8512-4955-B212-A2758A8F500E} => moved successfully
"C:\Windows\system32\Tasks\{8045DFF0-44BF-4B68-BA8B-3E514442CBEA}" => not found
"C:\Windows\system32\Tasks\{A05FB40E-C38E-414E-9AC0-63D7D7C5D8AC}" => not found
"C:\Windows\system32\Tasks\{2177D4B2-327C-4831-ADC9-F1FFFC9FA732}" => not found
"C:\Windows\system32\Tasks\{1D3A38DC-4C3A-4503-952E-D12C9F877A7B}" => not found
C:\Windows\system32\Tasks\{08ECB120-BB20-40E9-AF1F-544EC35759A2} => moved successfully
C:\Windows\system32\appmgmt => moved successfully
C:\ProgramData\KLC => moved successfully
C:\Program Files\Jagex => moved successfully
"C:\Users\MU�OZ SILVA\AppData\Local\BraveSoftware" => not found
"C:\ProgramData\EsgInstallerResumeAction_7e211bafacdb964f2938233e4756906d.exe" => not found
"C:\Users\MU�OZ SILVA\AppData\Local\{010B7A5A-A5FF-415E-B048-DFE0112E9934}" => not found
"C:\Users\MU�OZ SILVA\AppData\Local\{28D0BD17-4062-4F6E-8887-C4E4D26AEA88}" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => invalid subkey removed.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00asw => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVG TuneUp.lnk => removed successfully.
C:\Windows\pss\AVG TuneUp.lnk.CommonStartup => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::f468:117:7789:9e1d%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.5
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{0119DFDB-7083-494B-BAE7-FBF0981ED1AD}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Conexi¢n de  rea local* 9:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2642276731-2804568143-1254195563-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34391302 B
Java, Flash, Steam htmlcache => 11238241 B
Windows/system/drivers => 157837142 B
Edge => 0 B
Chrome => 73816236 B
Firefox => 0 B
Opera => 4861913 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 118335 B
LocalService => 250579 B
NetworkService => 321247 B
MUÑOZ SILVA => 152254309 B

RecycleBin => 0 B
EmptyTemp: => 422.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:03:41 ====
1 me gusta

Hola @Angel_Munoz

Prueba el equipo 24 hs y nos comentas como sigue el problema.

Salu2

hay un detalle, y unas preguntas que quería realizar.

Me acordé que activé los firewall de windows ¿Eso no impide nada relacionado con los scan verdad? ¿O sí? ¿Tendría que realizarlos de nuevo?

Igualmente con los fix hago el cuestionamiento. Tras haber realizado el scan esta vez como debió haber sido, no hay que realizarlo de nuevo tras el nuevo reporte? Tengo esa duda.

Lo otro que quería mencionar era respecto a si habrá algún programa o manera de escanear si hay archivos de Windows faltantes y restaurarlos o añadirlos en caso de que hayan fueron eliminados. Quizás no sean tan importantes como para que la pc no arranque, pero si pudiera ser que si faltaren archivos y que eso ocasione que la pc ande con un pésimo rendimiento, o algo así…

Hola @Angel_Munoz

El Fix se ejecuto correctamente.

Esta todo en orden por el momento ya te pediré una copia nueva.

Si tuvieras archivos de Windows dañados estarías enterado.

De todas maneras prueba lo siguiente:

1.- Botón de Inicio >>> escribes CMD >>> Botón derecho sobre el >>> Ejecutar como Administrador.

En la consola que se abre escribe tal cual el siguiente comando:

sfc /scannow

Presionas Enter

Tomará un tiempo largo.

2.- A continuación, ingresa los siguientes comandos en la consola del símbolo de sistema, pulsando Enter después de cada uno de ellos:

dism /online /cleanup-image /scanhealth

dism /online /cleanup-image /checkhealth

dism /online /cleanup-image /restorehealth


Al finalizar en la misma consola escribes:

findstr /c:“[SR]” %windir%\Logs\CBS\CBS.log >“%userprofile%\Desktop\sfcdetails.txt”

Nota: La ejecución de estos procesos puede demorar, no olvides reiniciar el equipo para aplicar los cambios cuando termines con todos los comandos.

Nota 2: Los comandos debes copiarlos tal cual respetando los espacios.

Quedará un reporte de nombre sfcdetails.txt en tu escritorio lo pegas en tu próxima respuesta.

Cualquier error tomas una imagen y la subes.

Salu2

Luego del scannow, lo demás dio error. No se generó el archivo sfcdetails.txt

Dejo el archivo CBS.txt del CBS.log, el que menciona la consola

CBS.txt (438,5 KB)

No me había fijado, sí se generó el archivo sfcdetails.txt

2019-12-22 01:35:04, Info                  CSI    00000009 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:04, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:12, Info                  CSI    0000000c [SR] Verify complete
2019-12-22 01:35:12, Info                  CSI    0000000d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:12, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:19, Info                  CSI    00000010 [SR] Verify complete
2019-12-22 01:35:19, Info                  CSI    00000011 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:19, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:28, Info                  CSI    00000014 [SR] Verify complete
2019-12-22 01:35:28, Info                  CSI    00000015 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:28, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:34, Info                  CSI    00000018 [SR] Verify complete
2019-12-22 01:35:34, Info                  CSI    00000019 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:34, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:43, Info                  CSI    0000001c [SR] Verify complete
2019-12-22 01:35:43, Info                  CSI    0000001d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:43, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:49, Info                  CSI    00000020 [SR] Verify complete
2019-12-22 01:35:49, Info                  CSI    00000021 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:49, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:54, Info                  CSI    00000024 [SR] Verify complete
2019-12-22 01:35:55, Info                  CSI    00000025 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:55, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2019-12-22 01:35:57, Info                  CSI    00000028 [SR] Verify complete
2019-12-22 01:35:57, Info                  CSI    00000029 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:35:57, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:01, Info                  CSI    0000002c [SR] Verify complete
2019-12-22 01:36:01, Info                  CSI    0000002d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:01, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:10, Info                  CSI    00000030 [SR] Verify complete
2019-12-22 01:36:10, Info                  CSI    00000031 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:10, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:17, Info                  CSI    00000036 [SR] Verify complete
2019-12-22 01:36:18, Info                  CSI    00000037 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:18, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:24, Info                  CSI    0000003c [SR] Verify complete
2019-12-22 01:36:24, Info                  CSI    0000003d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:24, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:31, Info                  CSI    00000040 [SR] Verify complete
2019-12-22 01:36:31, Info                  CSI    00000041 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:31, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:38, Info                  CSI    00000046 [SR] Verify complete
2019-12-22 01:36:39, Info                  CSI    00000047 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:39, Info                  CSI    00000048 [SR] Beginning Verify and Repair transaction
2019-12-22 01:36:54, Info                  CSI    00000052 [SR] Verify complete
2019-12-22 01:36:54, Info                  CSI    00000053 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:36:54, Info                  CSI    00000054 [SR] Beginning Verify and Repair transaction
2019-12-22 01:37:05, Info                  CSI    00000056 [SR] Verify complete
2019-12-22 01:37:05, Info                  CSI    00000057 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:37:05, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2019-12-22 01:37:13, Info                  CSI    0000005a [SR] Verify complete
2019-12-22 01:37:14, Info                  CSI    0000005b [SR] Verifying 100 (0x00000064) components
2019-12-22 01:37:14, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2019-12-22 01:37:22, Info                  CSI    0000005e [SR] Verify complete
2019-12-22 01:37:22, Info                  CSI    0000005f [SR] Verifying 100 (0x00000064) components
2019-12-22 01:37:22, Info                  CSI    00000060 [SR] Beginning Verify and Repair transaction
2019-12-22 01:37:30, Info                  CSI    00000062 [SR] Verify complete
2019-12-22 01:37:31, Info                  CSI    00000063 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:37:31, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2019-12-22 01:37:40, Info                  CSI    00000066 [SR] Verify complete
2019-12-22 01:37:40, Info                  CSI    00000067 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:37:40, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2019-12-22 01:38:01, Info                  CSI    0000006c [SR] Verify complete
2019-12-22 01:38:02, Info                  CSI    0000006d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:38:02, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2019-12-22 01:38:15, Info                  CSI    00000070 [SR] Verify complete
2019-12-22 01:38:16, Info                  CSI    00000071 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:38:16, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2019-12-22 01:38:31, Info                  CSI    00000074 [SR] Verify complete
2019-12-22 01:38:31, Info                  CSI    00000075 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:38:31, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2019-12-22 01:38:43, Info                  CSI    00000078 [SR] Verify complete
2019-12-22 01:38:44, Info                  CSI    00000079 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:38:44, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2019-12-22 01:38:56, Info                  CSI    0000007c [SR] Verify complete
2019-12-22 01:38:56, Info                  CSI    0000007d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:38:56, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2019-12-22 01:38:58, Info                  CSI    00000080 [SR] Verify complete
2019-12-22 01:38:59, Info                  CSI    00000081 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:38:59, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2019-12-22 01:39:03, Info                  CSI    00000084 [SR] Verify complete
2019-12-22 01:39:03, Info                  CSI    00000085 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:39:03, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2019-12-22 01:39:21, Info                  CSI    000000a4 [SR] Verify complete
2019-12-22 01:39:21, Info                  CSI    000000a5 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:39:21, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2019-12-22 01:39:28, Info                  CSI    000000a8 [SR] Verify complete
2019-12-22 01:39:28, Info                  CSI    000000a9 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:39:28, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2019-12-22 01:39:32, Info                  CSI    000000ac [SR] Verify complete
2019-12-22 01:39:32, Info                  CSI    000000ad [SR] Verifying 100 (0x00000064) components
2019-12-22 01:39:32, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2019-12-22 01:39:38, Info                  CSI    000000b0 [SR] Verify complete
2019-12-22 01:39:38, Info                  CSI    000000b1 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:39:38, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2019-12-22 01:39:45, Info                  CSI    000000b4 [SR] Verify complete
2019-12-22 01:39:45, Info                  CSI    000000b5 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:39:45, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:00, Info                  CSI    000000b8 [SR] Verify complete
2019-12-22 01:40:00, Info                  CSI    000000b9 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:00, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:06, Info                  CSI    000000bc [SR] Verify complete
2019-12-22 01:40:06, Info                  CSI    000000bd [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:06, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:11, Info                  CSI    000000c0 [SR] Verify complete
2019-12-22 01:40:11, Info                  CSI    000000c1 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:11, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:20, Info                  CSI    000000c4 [SR] Verify complete
2019-12-22 01:40:20, Info                  CSI    000000c5 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:20, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:27, Info                  CSI    000000c8 [SR] Verify complete
2019-12-22 01:40:27, Info                  CSI    000000c9 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:27, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:34, Info                  CSI    000000cc [SR] Verify complete
2019-12-22 01:40:34, Info                  CSI    000000cd [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:34, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:43, Info                  CSI    000000d1 [SR] Verify complete
2019-12-22 01:40:43, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:43, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2019-12-22 01:40:54, Info                  CSI    000000f8 [SR] Verify complete
2019-12-22 01:40:54, Info                  CSI    000000f9 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:40:54, Info                  CSI    000000fa [SR] Beginning Verify and Repair transaction
2019-12-22 01:41:04, Info                  CSI    000000fc [SR] Verify complete
2019-12-22 01:41:04, Info                  CSI    000000fd [SR] Verifying 100 (0x00000064) components
2019-12-22 01:41:04, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2019-12-22 01:41:25, Info                  CSI    00000100 [SR] Verify complete
2019-12-22 01:41:25, Info                  CSI    00000101 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:41:25, Info                  CSI    00000102 [SR] Beginning Verify and Repair transaction
2019-12-22 01:41:36, Info                  CSI    00000105 [SR] Verify complete
2019-12-22 01:41:36, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:41:36, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2019-12-22 01:41:43, Info                  CSI    00000109 [SR] Cannot repair member file [l:24{12}]"opengl32.dll" of Microsoft-Windows-OpenGL, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2019-12-22 01:41:48, Info                  CSI    0000010b [SR] Cannot repair member file [l:24{12}]"opengl32.dll" of Microsoft-Windows-OpenGL, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2019-12-22 01:41:48, Info                  CSI    0000010c [SR] This component was referenced by [l:198{99}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.WindowsFoundationDelivery"
2019-12-22 01:41:49, Info                  CSI    0000010e [SR] Verify complete
2019-12-22 01:41:49, Info                  CSI    0000010f [SR] Verifying 100 (0x00000064) components
2019-12-22 01:41:49, Info                  CSI    00000110 [SR] Beginning Verify and Repair transaction
2019-12-22 01:41:58, Info                  CSI    00000112 [SR] Verify complete
2019-12-22 01:41:58, Info                  CSI    00000113 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:41:58, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:05, Info                  CSI    00000116 [SR] Verify complete
2019-12-22 01:42:05, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:05, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:12, Info                  CSI    0000011a [SR] Verify complete
2019-12-22 01:42:12, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:12, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:19, Info                  CSI    0000011f [SR] Verify complete
2019-12-22 01:42:19, Info                  CSI    00000120 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:19, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:24, Info                  CSI    00000123 [SR] Verify complete
2019-12-22 01:42:24, Info                  CSI    00000124 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:24, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:36, Info                  CSI    00000127 [SR] Verify complete
2019-12-22 01:42:36, Info                  CSI    00000128 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:36, Info                  CSI    00000129 [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:45, Info                  CSI    0000012c [SR] Verify complete
2019-12-22 01:42:45, Info                  CSI    0000012d [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:45, Info                  CSI    0000012e [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:52, Info                  CSI    00000130 [SR] Verify complete
2019-12-22 01:42:52, Info                  CSI    00000131 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:52, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2019-12-22 01:42:59, Info                  CSI    00000134 [SR] Verify complete
2019-12-22 01:42:59, Info                  CSI    00000135 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:42:59, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:10, Info                  CSI    00000139 [SR] Verify complete
2019-12-22 01:43:10, Info                  CSI    0000013a [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:10, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:18, Info                  CSI    0000013d [SR] Verify complete
2019-12-22 01:43:18, Info                  CSI    0000013e [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:18, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:24, Info                  CSI    00000141 [SR] Verify complete
2019-12-22 01:43:25, Info                  CSI    00000142 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:25, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:34, Info                  CSI    00000145 [SR] Verify complete
2019-12-22 01:43:34, Info                  CSI    00000146 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:34, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:41, Info                  CSI    0000014a [SR] Verify complete
2019-12-22 01:43:41, Info                  CSI    0000014b [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:41, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:50, Info                  CSI    0000014e [SR] Verify complete
2019-12-22 01:43:50, Info                  CSI    0000014f [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:50, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2019-12-22 01:43:55, Info                  CSI    00000152 [SR] Verify complete
2019-12-22 01:43:55, Info                  CSI    00000153 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:43:55, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:03, Info                  CSI    00000156 [SR] Verify complete
2019-12-22 01:44:03, Info                  CSI    00000157 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:03, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:11, Info                  CSI    0000015b [SR] Verify complete
2019-12-22 01:44:11, Info                  CSI    0000015c [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:11, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:18, Info                  CSI    0000015f [SR] Verify complete
2019-12-22 01:44:18, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:18, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:27, Info                  CSI    00000163 [SR] Verify complete
2019-12-22 01:44:27, Info                  CSI    00000164 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:27, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:36, Info                  CSI    00000167 [SR] Verify complete
2019-12-22 01:44:36, Info                  CSI    00000168 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:36, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:42, Info                  CSI    0000016b [SR] Verify complete
2019-12-22 01:44:42, Info                  CSI    0000016c [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:42, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:45, Info                  CSI    0000016f [SR] Verify complete
2019-12-22 01:44:45, Info                  CSI    00000170 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:45, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:50, Info                  CSI    00000173 [SR] Verify complete
2019-12-22 01:44:50, Info                  CSI    00000174 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:50, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2019-12-22 01:44:56, Info                  CSI    00000177 [SR] Verify complete
2019-12-22 01:44:56, Info                  CSI    00000178 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:44:56, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2019-12-22 01:45:01, Info                  CSI    0000017b [SR] Verify complete
2019-12-22 01:45:01, Info                  CSI    0000017c [SR] Verifying 100 (0x00000064) components
2019-12-22 01:45:01, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2019-12-22 01:45:06, Info                  CSI    0000017f [SR] Verify complete
2019-12-22 01:45:06, Info                  CSI    00000180 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:45:06, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2019-12-22 01:45:12, Info                  CSI    00000183 [SR] Verify complete
2019-12-22 01:45:13, Info                  CSI    00000184 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:45:13, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2019-12-22 01:45:31, Info                  CSI    00000187 [SR] Verify complete
2019-12-22 01:45:31, Info                  CSI    00000188 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:45:31, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2019-12-22 01:45:54, Info                  CSI    0000018b [SR] Verify complete
2019-12-22 01:45:54, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components
2019-12-22 01:45:54, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:02, Info                  CSI    0000018f [SR] Verify complete
2019-12-22 01:46:02, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:46:02, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:08, Info                  CSI    00000193 [SR] Verify complete
2019-12-22 01:46:08, Info                  CSI    00000194 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:46:08, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:12, Info                  CSI    00000197 [SR] Verify complete
2019-12-22 01:46:12, Info                  CSI    00000198 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:46:12, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:17, Info                  CSI    0000019b [SR] Verify complete
2019-12-22 01:46:17, Info                  CSI    0000019c [SR] Verifying 100 (0x00000064) components
2019-12-22 01:46:17, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:23, Info                  CSI    0000019f [SR] Verify complete
2019-12-22 01:46:23, Info                  CSI    000001a0 [SR] Verifying 100 (0x00000064) components
2019-12-22 01:46:23, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:31, Info                  CSI    000001a3 [SR] Verify complete
2019-12-22 01:46:31, Info                  CSI    000001a4 [SR] Verifying 14 (0x0000000e) components
2019-12-22 01:46:31, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:32, Info                  CSI    000001a7 [SR] Verify complete
2019-12-22 01:46:32, Info                  CSI    000001a8 [SR] Repairing 1 components
2019-12-22 01:46:32, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2019-12-22 01:46:32, Info                  CSI    000001ab [SR] Cannot repair member file [l:24{12}]"opengl32.dll" of Microsoft-Windows-OpenGL, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2019-12-22 01:46:32, Info                  CSI    000001ad [SR] Cannot repair member file [l:24{12}]"opengl32.dll" of Microsoft-Windows-OpenGL, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2019-12-22 01:46:32, Info                  CSI    000001ae [SR] This component was referenced by [l:198{99}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.WindowsFoundationDelivery"
2019-12-22 01:46:32, Info                  CSI    000001b0 [SR] Repair complete
2019-12-22 01:46:32, Info                  CSI    000001b1 [SR] Committing transaction
2019-12-22 01:46:32, Info                  CSI    000001b5 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

Hola @Angel_Munoz

Los pasos han realizado varias reparaciones.


Realiza lo siguiente:

1.- Ejecuta nuevamente desde tu escritorio FRST.exe. >>> Botón Derecho sobre él y seleccionar “Ejecutar como Administrador”

  • En el mensaje de la ventana del Disclaimer , pulsa en Yes
  • En la ventana principal del programa escribes:

opengl32.dll

  • Y presionas en Search Files.

Imagen de Ejemplo:

1

  • Al finalizar se abrirá un archivo llamado Search.txt que quedará grabado en tu escritorio

Lo pegas en tu próxima respuesta.

Salu2.

Search.txt

Farbar Recovery Scan Tool (x86) Versión: 24-12-2019 01
Ejecutado por MUÑOZ SILVA (24-12-2019 15:42:23)
Ejecutado desde C:\Users\MUÑOZ SILVA\Desktop
Modo de Inicio: Normal

================== Buscar Archivos: "opengl32.dll" =============

C:\Windows\winsxs\x86_microsoft-windows-opengl_31bf3856ad364e35_6.1.7600.16385_none_0e9b4c35eabb42b2\opengl32.dll
[2009-07-13 23:28][1996-07-29 16:11] 000733296 _____ (Microsoft Corporation) E1211B8B7B4C804BD12F81FD08F2C911 [Archivo no firmado]

C:\Windows\System32\opengl32.dll
[2019-08-21 03:59][2019-08-21 03:53] 000791552 _____ (Microsoft Corporation) D1BBE227367ED791D5FCF08E132D2956 [El archivo está firmado digitalmente]


====== Final de Buscar ======