qxsearch.com virus

#1

Hello, I have a family member's computer that is infected and I haven't managed to clean it. Every time they search for something in the Firefox browser, the connection reset message appears and Avast pops up saying it has blocked this qxsearch.com. I ran Malwarebytes and it found a few things; I deleted them but the problem persists. Can you help?

Regards.

0 likes

#2

Hi @Duende, welcome to the forum.

To check your machine, follow these steps in the order given, reading everything that is explained. :+1:

:one: Temporarily disable the antivirus :arrow_forward: How to temporarily disable your antivirus, for as long as we are carrying out ALL the steps.

We are going to download all the tools we will use in this procedure to YOUR DESKTOP (and NOT anywhere else :face_with_monocle:), but do not run them yet:


:two: Run the tools one at a time and in the order given:



CCleaner.-

  • Install and run CCleaner following the steps in the manual.

  • First use its Cleaner option to delete cookies, temporary Internet files and all the files it shows as obsolete.

  • Then use its Registry option to clean the whole Windows registry (making a backup).

Malwarebytes.-

  • Install and run MBAM following the steps in the manual.

  • Run a Full Scan. :white_check_mark:

  • Select ALL for Quarantine to send them to quarantine, and restart the system.

  • In the :arrow_forward: History :arrow_backward: section of the manual you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.

AdwCleaner.-

  • Run Adwcleaner.exe.

  • Click the Scan Now button and wait for the process to finish, then immediately click the Start Repair button every time.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • The log/report is in the “Reports” tab (reopen the program if necessary), so that you can copy and paste it into your next reply.

  • The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Run JRT.exe.

  • Press any key to continue and wait patiently for the process to finish.

  • If at any point it asks you to restart, do so.

  • When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.

  • Copy and paste the contents of JRT.txt into your next reply.

Farbar Recovery Scan Tool.-

  • Run FRST.exe.

  • In the Disclaimer window, click Yes.

  • In the main window, click the Scan button and wait for the process to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on the desktop.

:three: Post the reports in your next reply, from:

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order. :+1:

Copy and paste them with their full contents, using several messages if you get an error message saying the post is too long (more than approx. 50,000 characters).

And tell us how your computer is behaving with regard to the problem you described. :face_with_monocle:

Regards, Javier.

0 likes

#3

It seems the problem was solved and they can now search normally.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 4/4/19
Hora del análisis: 17:29
Archivo de registro: 7e2e88c3-56ee-11e9-9bc1-0022154124b0.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.10004
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: INES-PC\INES

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 276178
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 min, 30 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-04-2019
# Duration: 00:00:03
# OS:       Windows 7 Professional
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\INES\AppData\Roaming\Tencent
Deleted       C:\Users\Public\Documents\iWin

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Conduit
Deleted       HKCU\Software\Yahoo\Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1443 octets] - [04/04/2019 17:48:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by INES (Administrator) on 04/04/2019 at 18:02:44,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



File System: 26 

Successfully deleted: C:\ProgramData\alawarentertainment (Folder) 
Successfully deleted: C:\Users\INES\AppData\Roaming\alawarentertainment (Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NV234NS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8TML4IF3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E0TJZHMA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHDBKDE6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O49EI4Z6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2P950XY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QOSN61YM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\INES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YSAYNDTO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NV234NS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8TML4IF3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E0TJZHMA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHDBKDE6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O49EI4Z6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2P950XY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QOSN61YM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YSAYNDTO (Temporary Internet Files Folder) 



Registry: 0 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/04/2019 at 18:13:22,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0 likes

#4
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by INES (administrator) on INES-PC (04-04-2019 18:23:46)
Running from C:\Users\INES\Desktop
Loaded Profiles: INES (Available Profiles: INES)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1903224 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\ES\Programs\Registration.exe [733184 2003-11-28] (Corel Corporation) [File not signed]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-289902958-906773711-2650684897-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-289902958-906773711-2650684897-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-12-20] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
0 likes
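The registry section of the FRST log above carries two review markers, `<==== ATTENTION` and `[File not signed]`; the following parser pulls the marked lines out for a reviewer. It is an added example, not part of the original thread and not FRST's own code: the `Finding` class, the reason labels and the `no-file-info` rule are assumptions of the example, and the sample lines are copied from the log above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the "Registry (Whitelisted)" section of the FRST log in this thread.
SAMPLE = r"""
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
"""

ATTENTION = "<==== ATTENTION"

# key: [value name] => target [size date] (signer) [File not signed]
# Everything after the target is optional. The signer group excludes
# parentheses so that "Program Files (x86)" stays part of the target path.
ENTRY = re.compile(
    r"^(?P<key>[^:]+?): \[(?P<name>[^\]]*)\] => (?P<target>.+?)"
    r"(?: \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\])?"
    r"(?: \((?P<signer>[^()]*)\))?"
    r"(?P<unsigned> \[File not signed\])?$"
)


@dataclass
class Finding:
    key: str                 # registry key as printed by FRST
    name: Optional[str]      # value name, None for policy-style lines
    target: str              # file path or value data
    signer: Optional[str]    # text inside the signer parentheses, if any
    reasons: List[str]       # why the line deserves a second look


def parse_line(line: str) -> Optional[Finding]:
    """Parse one registry-section line; return None for non-entry lines."""
    line = line.strip()
    # Skip blanks, "=====" section headers and FRST's parenthesised hints.
    if not line or line.startswith(("=", "(")):
        return None

    reasons = []
    if ATTENTION in line:
        reasons.append("attention")
        line = line.replace(ATTENTION, "").rstrip()

    m = ENTRY.match(line)
    if m:
        if m["unsigned"]:
            reasons.append("unsigned")
        # Assumption of this example: a target printed without a size/date
        # block cannot be checked from the log alone, so surface it.
        if m["size"] is None:
            reasons.append("no-file-info")
        return Finding(m["key"], m["name"], m["target"], m["signer"], reasons)

    # Policy-style line: "key: data"
    key, _, data = line.partition(": ")
    return Finding(key, None, data.strip(), None, reasons)


def triage(log_text: str) -> List[Finding]:
    """Return only the entries that carry at least one review reason."""
    parsed = (parse_line(l) for l in log_text.splitlines())
    return [f for f in parsed if f is not None and f.reasons]


if __name__ == "__main__":
    for f in triage(SAMPLE):
        label = f.name if f.name is not None else f.key
        print(f"{','.join(f.reasons):<14} {label} => {f.target}")
```

A reason here is a prompt for manual review, not a verdict: the flagged files still have to be checked on the machine itself.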

#5
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by INES (04-04-2019 18:25:01)
Running from C:\Users\INES\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-06-24 15:17:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-289902958-906773711-2650684897-500 - Administrator - Disabled)
INES (S-1-5-21-289902958-906773711-2650684897-1000 - Administrator - Enabled) => C:\Users\INES
Invitado (S-1-5-21-289902958-906773711-2650684897-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Actualización de NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - Los creadores de Avast Secure Browser)
Banished versión 1.0.4 03.11.2014 (HKLM-x32\...\Banished_is1) (Version: 1.0.4 03.11.2014 - theprodukkt)
Brownies 1.00 (HKLM-x32\...\Brownies 1.00) (Version: 1.00 - Los Juegos del Mago Nico)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C5200 (HKLM-x32\...\{907611B4-1B1B-4810-88CD-965FA49F35F6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C5200_Help (HKLM-x32\...\{cef78f86-19a8-4bbd-91fa-e9b6b2d37348}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Caravan 1.00 (HKLM-x32\...\Caravan 1.00) (Version: 1.00 - Los Juegos del Mago Nico)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CEP (Color Enable Package) v.9.2 (beta) (HKLM-x32\...\CEP - Colour Enable Packages_is1) (Version: 9.2 (beta) - Numenor, for ModTheSims2)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead in Bermuda (HKLM-x32\...\{FA6BAE37-E751-46A2-A26D-C6090ECCEBD3}) (Version: 1.1.0.0 - Plug In Digital)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diseñador de casas Plus de Los Sims 2 (HKLM-x32\...\{B1899CD8-9584-4DC5-00AE-48F47CF81183}) (Version:  - )
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Elven Legend 2 - The Bewitched Tree 1.00 (HKLM-x32\...\Elven Legend 2 - The Bewitched Tree 1.00) (Version: 1.00 - Los Juegos del Mago Nico)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Foundation versión 1.0.7 (HKLM-x32\...\{E4365223-B5B6-4E14-8DF6-6D723DE6162C}_is1) (Version: 1.0.7 - MasterEGA, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guardians of Dragon 1.00 (HKLM-x32\...\Guardians of Dragon 1.00) (Version:  - )
Guild 2 Venice Patch 3.5 (HKLM-x32\...\{A35EBDE9-DBBA-4A85-A8D8-A6DB1B76DD68}) (Version: 1.0.0 - JoWood)
HP ENVY 5540 series Basic Device Software (HKLM\...\{44CE34C3-7B6A-44CA-BD7F-73E053BBAEC8}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (HKLM-x32\...\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (HKLM-x32\...\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (HKLM-x32\...\{B28635AB-1DF3-4F07-BFEA-975D911B549B}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
King's Bounty - Warriors of the North Ice and Fire DLC (HKLM-x32\...\S2luZ3NCb3VudHlXYXJyaW9yc29mdGhlTm9ydGg=_is1) (Version: 1 - )
King's Bounty: Warriors of the North (HKLM-x32\...\King's Bounty: Warriors of the North_is1) (Version:  - )
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
La traducción de Memoria Versión Steam (HKLM-x32\...\La traducción de Memoria Versión Steam) (Version:  - )
La traducción de Vídeos de Memoria Versión Steam (HKLM-x32\...\La traducción de Vídeos de Memoria Versión Steam) (Version:  - )
Legends of Eisenwald versión 1.101 u12 (HKLM-x32\...\{97B1A925-4C5F-44CF-B0E7-344E10990503}_is1) (Version: 1.101 u12 - Aterdux Entertainment)
Life is Feudal Forest Village MULTi9 - ElAmigos versión 1.0.6208 (HKLM-x32\...\{326EB428-D32D-4877-8787-A2EA8032A306}_is1) (Version: 1.0.6208 - Bitbox Ltd.)
Los Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Los Sims 2 Abren Negocios (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )
Los Sims 2 Decora tu Familia - Accesorios (HKLM-x32\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version:  - )
Los Sims 2 Universitarios (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
Los Sims 2: Noctámbulos (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version:  - )
Los Sims™ 2 ¡De Fiesta! Accesorios (HKLM-x32\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version:  - )
Los Sims™ 2 Bon Voyage (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version:  - Electronic Arts)
Los Sims™ 2 Cocina y Baño Diseño de Interiores Accesorios (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version:  - Electronic Arts)
Los Sims™ 2 Comparten Piso (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
Los Sims™ 2 H&M® Moda Accesorios (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version:  - )
Los Sims™ 2 IKEA® Accesorios para el hogar (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version:  - Electronic Arts)
Los Sims™ 2 Jóvenes Urbanos Accesorios (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version:  - Electronic Arts)
Los Sims™ 2 Mansiones y Jardines Accesorios (HKLM-x32\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version:  - Electronic Arts)
Los Sims™ 2 Mascotas (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
Los Sims™ 2 Todo Glamour Accesorios (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
Los Sims™ 2 y Las Cuatro Estaciones (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Los Sims™ 2 Y Sus Hobbies (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version:  - Electronic Arts)
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.14.49.1020 - Electronic Arts Inc.)
Lost Island - Eternal Storm 1.00 (HKLM-x32\...\Lost Island - Eternal Storm 1.00) (Version: 1.00 - Los Juegos del Mago Nico)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM-x32\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.2 (x64 es-ES)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA Controlador de 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Panel de control de NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PS_AIO_02_ProductContext (HKLM-x32\...\{B4B2096B-B13E-408E-8985-BD07463D5487}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (HKLM-x32\...\{94F8D42D-BB31-4858-9705-7D756D8D9655}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{685B0843-6C8D-4E42-B60D-2B86B45526E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation)
Rise of Venice Rise of Venice - Beyond the Sea (HKLM-x32\...\UmlzZW9mVmVuaWNl_is1) (Version: 1 - )
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shadow Tactics - Blades of the Shogun 1.2.1 (HKLM-x32\...\{BB762706-65FA-44C1-B2BB-EF29CA88D7CE}_is1) (Version: 1.2.1 - Daedalic Entertainment GmbH)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{48D3FCD6-0E84-4BF1-ACF2-C2B8B3CCB7F6}) (Version: 6.1.5.0 - Husdawg, LLC)
The Guild 2 Venice (HKLM-x32\...\{91077588-AC04-4886-B20B-C8CF1A122F27}) (Version: 3.00.0000 - JoWood)
The Night of the Rabbit (HKLM-x32\...\GOGPACKNIGHTOFTHERABBIT_is1) (Version: 2.0.0.3 - GOG.com)
THE SETTLERS - Construye tu Imperio (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
The Settlers 7 - Los Caminos del Reino (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
The TimeBuilders - Pyramid Rising 2 Full (HKLM-x32\...\The TimeBuilders - Pyramid Rising 2 Full) (Version:  - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wasteland 2 (HKLM-x32\...\1207665783_is1) (Version: 2.0.0.8 - GOG.com)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C2C278-8A30-4E07-9018-9B9844255B56} - System32\Tasks\{F9D02078-6979-4199-ABE7-A88D246D0385} => C:\Windows\system32\pcalua.exe -a "C:\JUEGOS 2014-2015\0 JUGADOS\TOWNSMEN\Setup.exe" -d "C:\JUEGOS 2014-2015\0 JUGADOS\TOWNSMEN"
Task: {05820E3E-57AC-47C4-AB16-D0DBB387225B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {08127C03-9E8A-4D60-8240-982E91B1732E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10324D20-858E-4C2A-819C-7993B9E24E3C} - System32\Tasks\{29022CC9-810E-43D5-9192-D9E5CEF49CE5} => C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
Task: {1E2A419C-80E5-4780-8C1A-C69628D7C2F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {253E756F-0242-4485-8036-2BA9754E3E7B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {2D321061-BD55-4943-8AD2-6E6C0DE52175} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {373DE9B4-7EF5-42F8-91DE-18B8AA93239F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B00A870-FFFA-4027-9ECA-D86C46CDF66D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C8D813F-86A0-480C-B472-EB937DDA82BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {550C2CF5-FF08-4175-A2EA-D0FE6C236978} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {564FFA81-E65D-406C-BD9F-1CBAB78612B1} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {5F8F8D03-7299-4669-AD47-1170866C8511} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {754353B5-DD1B-4CA2-A9B4-B4FF0E6FF4E5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {7A166E98-300D-4D6F-B9D8-533776AA2BAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7B90A296-74F3-4FBB-8CDC-3F468F02E9B3} - System32\Tasks\{C356217E-FF00-4249-8471-1BF92E27414A} => F:\Archivos de programa\Corel\CorelDRAW Graphics Suite X5\Setup\Setup.exe
Task: {7BBD7EEE-77DF-465A-BA61-FD90104AF1E9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C6D7D86-90AC-43D3-9D24-6F7A06791874} - System32\Tasks\Microsoft System Certificates => C:\Users\INES\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe
Task: {958E933F-90D7-4DC0-8849-406701292E5E} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed]
Task: {A6104BA1-4FDA-4DFB-BFA7-98C3EFAD715C} - System32\Tasks\{1719566C-8C5C-48DD-8B45-EDDA0D95D6F6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Los Sims 2 Mansiones y Jardines Accesorios\CSBin\PackageInstaller.exe" -d "C:\Users\INES\Documents\EA Games\Los Sims 2\Downloads" -c "C:\Users\INES\Documents\EA Games\Los Sims 2\Downloads\stones02.Sims2Pack"
Task: {AB9A6FD0-14D9-4FD5-BB72-D7BE4663504D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2486029-F116-4996-AC01-CFC29E4CDDDB} - System32\Tasks\{9FE53E59-BE1E-4F1F-BFB9-6183782D948C} => C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
Task: {BC7E527A-7BEA-47B3-9436-DC6FD450A145} - System32\Tasks\{7281CFC8-D204-4CBF-B9DD-FBCD2D77E478} => C:\Windows\system32\pcalua.exe -a "C:\Users\INES\Downloads\Traducción The Guild 2 - Venice.exe" -d C:\Users\INES\Downloads
Task: {BC89A9FD-D4EF-44D5-97C2-22822FE11A88} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCFBA3B1-9820-4A86-8F36-1FB0E28D4184} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8ED5F5D-48E6-48EB-8974-3D7DFD31E453} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD9AF427-E3B9-4053-ACEE-DB31688E38CA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D3284B0D-7909-4238-A16F-B078D1F0048B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D5FA7DFF-84CF-42C8-9A87-77A31F17FC29} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2018-08-28 02:50 - 2018-03-24 01:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2009-09-20 12:24 - 2009-09-20 12:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 12:24 - 2009-09-20 12:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 12:24 - 2009-09-20 12:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:40 - 2009-09-20 11:40 - 000629248 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
2009-09-20 11:40 - 2009-09-20 11:40 - 000293376 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-03 22:46 - 2019-04-04 17:54 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-04 17:54 - 2019-04-04 17:54 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AA559E17 [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-289902958-906773711-2650684897-1000\Software\Classes\.exe:  =>  <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-04-04 17:22 - 000000141 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-289902958-906773711-2650684897-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\INES\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{1318C387-4D0D-4058-9942-F8EF04813C51}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CE0DB6A1-41B2-4F29-8D71-BD5EB7C9960F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0553CA82-E880-475B-A6BC-A4B31EAADBB6}C:\users\ines\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\ines\appdata\local\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{DF2F6399-529E-4E06-BC0F-3A05D00240FC}C:\users\ines\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\ines\appdata\local\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{ED917045-BA09-493B-9241-5FE4ED9023D5}F:\archivos de programa\ubisoft\related designs\anno 1404\tools\addonweb.exe] => (Allow) F:\archivos de programa\ubisoft\related designs\anno 1404\tools\addonweb.exe () [File not signed]
FirewallRules: [UDP Query User{CA4B64AF-0720-4998-95C9-758430D19E78}F:\archivos de programa\ubisoft\related designs\anno 1404\tools\addonweb.exe] => (Allow) F:\archivos de programa\ubisoft\related designs\anno 1404\tools\addonweb.exe () [File not signed]
FirewallRules: [TCP Query User{90E5CF23-BC90-4C02-B891-7A4C3551210A}C:\program files (x86)\rise of venice\riseofvenice.exe] => (Allow) C:\program files (x86)\rise of venice\riseofvenice.exe (Gaming Minds Studios GmbH) [File not signed]
FirewallRules: [UDP Query User{42B4EA09-DCAA-4C74-A81F-2B2673D40980}C:\program files (x86)\rise of venice\riseofvenice.exe] => (Allow) C:\program files (x86)\rise of venice\riseofvenice.exe (Gaming Minds Studios GmbH) [File not signed]
FirewallRules: [{863E9CF3-5D6D-4B3B-B735-A60B235124FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{A4A53C9C-318B-4868-86A6-90009DC2C761}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{A4681BD3-75B4-45F7-8A37-6C601C07FD62}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B427CEE0-9814-46E2-91FF-121D98DB386E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{8B5FB89E-DA3A-40D7-99C9-2260678705C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{0C38AEF3-8E7C-4B00-B3CA-B9CB4EA424DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{83CFE196-82E7-4BB5-959B-3EF2F2C3B83D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{5DF10BA4-AAFE-452D-BD20-F88A93896FA7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{367F2A0B-1CB9-4E8E-8C6C-3A1AC3B3CEDB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{635522EB-E925-415A-A5C9-81400429C77D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{66A36F6F-A888-4D5D-87F7-47B02CA485FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{78780BE8-3197-48E1-8088-85712B5BC070}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{0723CB10-917E-4167-B1F3-8DA2F348EF35}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{32651305-D390-44EB-BB00-F2A743F87B4B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{6F39BD00-0521-403B-8713-97D50AE78A98}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{6B817522-C5D7-474A-B0AA-934590F1AA5B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{CD8BC6B4-18A2-44E0-AA8E-AD2BBD9AC6FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{46ED7B16-6DBD-465D-B9F2-6B0F901129A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{73D8F246-D34A-4DA4-BACC-47BBE9B0016E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{86C7E2C3-1BC8-422A-912C-2C9CD5C913CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{3B6966C0-8FAA-40A1-8461-42FED83F6477}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{AE2639E3-CEA3-4A27-BC14-A548AE8E2B79}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{2B96751E-00BF-4A70-BB99-81C45942DB08}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [{429924CA-1A7F-4D9E-A6CF-2BD2E0F0D588}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [{3ED0F1ED-19BD-49CF-9429-DCAD41235B6B}] => (Allow) C:\Program Files (x86)\Ubisoft\The Settlers 7 - Los Caminos del Reino\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH) [File not signed]
FirewallRules: [{1469CDEA-C114-4175-95C9-3ED0F200CC17}] => (Allow) C:\Program Files (x86)\Ubisoft\The Settlers 7 - Los Caminos del Reino\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH) [File not signed]
FirewallRules: [TCP Query User{7940335C-EC9C-486A-83F7-7586BC879657}F:\archivos de programa\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) F:\archivos de programa\ubisoft\related designs\anno 1404\tools\anno4web.exe () [File not signed]
FirewallRules: [UDP Query User{B55A498D-59A2-4256-9A52-9EC2CE0B05FE}F:\archivos de programa\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) F:\archivos de programa\ubisoft\related designs\anno 1404\tools\anno4web.exe () [File not signed]
FirewallRules: [TCP Query User{565C23ED-4E70-4D43-BF06-08D21968C372}F:\archivos de programa\ubisoft\related designs\anno 1404\addon.exe] => (Block) F:\archivos de programa\ubisoft\related designs\anno 1404\addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [UDP Query User{0465B883-F47F-442B-9511-053E1043E9E4}F:\archivos de programa\ubisoft\related designs\anno 1404\addon.exe] => (Block) F:\archivos de programa\ubisoft\related designs\anno 1404\addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [TCP Query User{68F44107-8E28-4687-98A6-AF235A9E7EBB}F:\archivos de programa\kalypso media\port royale 3\portroyale3.exe] => (Block) F:\archivos de programa\kalypso media\port royale 3\portroyale3.exe (Kalypso Media -> Gaming Minds Studios GmbH)
FirewallRules: [UDP Query User{CD80730B-1950-472E-B474-F703F9BE7171}F:\archivos de programa\kalypso media\port royale 3\portroyale3.exe] => (Block) F:\archivos de programa\kalypso media\port royale 3\portroyale3.exe (Kalypso Media -> Gaming Minds Studios GmbH)
FirewallRules: [{0684BC07-5830-44CC-B53C-95945B9441CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E4AAD15-939B-4AA1-98EB-FCDF95CC3BC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0FD18F75-6445-4CEA-83D6-70A938812E89}] => (Allow) C:\users\ines\appdata\local\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [{37589F2B-4E87-4903-802C-E00A182BE635}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9F326AF0-12C7-4842-851E-1D8A3B42DA80}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{54F7B2A9-D136-4823-B06F-F4499878F01B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe () [File not signed]
FirewallRules: [{578B6C9B-D6E9-4BDE-A6D1-B43C775379D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe () [File not signed]
FirewallRules: [{86BC67AB-59E6-4931-8FC7-A67C208341EB}] => (Allow) LPort=1256
FirewallRules: [{7414A755-BFBA-4A38-B6A5-CA44E2C8E8F8}] => (Allow) LPort=2598
FirewallRules: [{83E3DC99-4E0B-4D09-9FA4-ACD4EA2D686B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4244D16-51D3-401D-B78C-95581B37C0A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0C9CD7C8-92EA-4A1E-9DDB-D4EB34ABD612}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{340866F1-1B05-43F2-93DB-C78E296B8DFB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{DB204C49-A8D3-4A01-80EF-669B79150C4B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{E67462BC-8ADD-46CE-9258-042082F736FA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{333D59A2-2290-43E0-B9FD-065F74CC6AC7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{D26C3D12-3ADB-467A-8846-EC9F53006FFA}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Construye tu Imperio\base\bin\Settlers6.exe (Blue Byte GmbH -> Blue Byte GmbH)
FirewallRules: [{7DA24C49-48AA-4F6F-8517-95FF56B3D512}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Construye tu Imperio\base\bin\Settlers6.exe (Blue Byte GmbH -> Blue Byte GmbH)
FirewallRules: [{D8D1F40F-00F3-4646-AA65-FC1D397C4932}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95AEAF52-1118-4DE0-9B27-64923B077AF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{02879AE1-97B3-4928-9651-47E094D94BE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{437AB202-9375-4875-BA93-AF6E1100E049}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C9D5221-2C39-40BF-A46E-10C2F145B8BD}] => (Allow) C:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe () [File not signed]
FirewallRules: [{760B3252-EA9B-4F9C-9AAC-BC21CABB0113}] => (Allow) C:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe () [File not signed]
FirewallRules: [{4859753E-5A7B-4D93-AB70-23A4494DD2C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C9218ED2-10E7-4B9B-93BF-B81E8698C342}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{4FDDC6CB-4E34-4537-8987-DFCD650072A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{D49BFD47-9288-4D2D-8914-5B90B915B5D3}] => (Allow) C:\Program Files (x86)\Origin Games\Dead in Bermuda\Dead In Bermuda.exe (Electronic Arts -> )
FirewallRules: [{EEC9347D-16F7-467A-A06F-05EDB846761E}] => (Allow) C:\Program Files (x86)\Origin Games\Dead in Bermuda\Dead In Bermuda.exe (Electronic Arts -> )
FirewallRules: [TCP Query User{2EE89AFB-720A-40A1-A639-E3BCB0E5C5BD}C:\mago nico\caravan\caravan.exe] => (Allow) C:\mago nico\caravan\caravan.exe () [File not signed]
FirewallRules: [UDP Query User{5FDF4AE6-795F-43AB-AFCE-D7D30BCF6886}C:\mago nico\caravan\caravan.exe] => (Allow) C:\mago nico\caravan\caravan.exe () [File not signed]
FirewallRules: [{1D698D0B-9407-4A4C-A5A6-0E5EF3345ACA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eisenwald Blood of November\Eisenwald_BoN.exe () [File not signed]
FirewallRules: [{D9D2F73C-C111-49E8-993D-532ECDE2E8CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eisenwald Blood of November\Eisenwald_BoN.exe () [File not signed]
FirewallRules: [{0DB78E75-05DA-47F2-A3E0-C8C4198E3327}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Memoria\memoria.exe (Daedalic Entertainment GmbH) [File not signed]
FirewallRules: [{C4DD7103-C88D-4861-ACD1-C907AACBC789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Memoria\memoria.exe (Daedalic Entertainment GmbH) [File not signed]
FirewallRules: [{4CBBB26F-96ED-4E70-933B-8932AF8E2B64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Memoria\VisionaireConfigurationTool.exe (Daedalic Entertainment) [File not signed]
FirewallRules: [{58180BA1-8E48-4901-B186-608B3696A366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Memoria\VisionaireConfigurationTool.exe (Daedalic Entertainment) [File not signed]
FirewallRules: [{0F49B151-C311-4A6E-AA7B-F8523A2A1960}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [File not signed]
FirewallRules: [{56AF9D44-31AF-489E-8C8B-C39575784CF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [File not signed]
FirewallRules: [{ADD81E66-5B5B-4BEC-959B-DFC91BE1F1D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [File not signed]
FirewallRules: [{308CD087-C5E5-4FCB-BBD9-879B8681F299}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [File not signed]
FirewallRules: [{AF15BBCF-3688-45B3-89C3-8A2C32B61351}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0E09C672-BE90-458B-B0BC-B7F88CF7991A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{802A7246-105B-46C8-A8A5-1BDF9E018EF1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{80ED5B3F-7988-4A45-9951-ACFB56850F0B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{EA2FE9B6-F26C-4DC3-AA8F-90653414D7F9}C:\program files (x86)\foundation\foundation.exe] => (Block) C:\program files (x86)\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{A00F967A-EFE8-456C-BD2C-648D75CCD74B}C:\program files (x86)\foundation\foundation.exe] => (Block) C:\program files (x86)\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{2F7B78B2-BA2D-48C5-BDE8-718857A72DF9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{BEE4D1FE-A1B6-4050-B0FA-A76D247A8711}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{52E85565-1525-4EBC-A21A-76A02B54A8F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe () [File not signed]
FirewallRules: [{975F8506-701B-4F1C-9067-FF573E83D0E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe () [File not signed]
FirewallRules: [{F335AFF0-36F1-4F60-88C3-43EB804E33D0}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{DA270F0D-219B-40DF-A922-301F0A76CE46}] => (Allow) LPort=5357
FirewallRules: [{FB98BBCB-16C7-4711-9742-524F84DC94F9}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{FB8CC5AB-1039-4264-A902-C0141437EB91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity II\PillarsOfEternityII.exe (Obsidian Entertainment, Inc. -> )
FirewallRules: [{2CEE0910-1712-4D45-8203-F93C5C27D67E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity II\PillarsOfEternityII.exe (Obsidian Entertainment, Inc. -> )
FirewallRules: [{36B1CF6E-63C7-48F9-8642-7EC3D801F6C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{06066070-5222-4E9F-A2C7-FB3894C6421B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]

==================== Restore Points =========================

24-01-2019 18:26:44 Punto de control programado
01-02-2019 21:30:56 Punto de control programado
09-02-2019 22:46:27 Punto de control programado
17-02-2019 22:34:43 Punto de control programado
22-02-2019 20:20:25 Windows Update
04-03-2019 01:45:33 Punto de control programado
12-03-2019 23:03:56 Punto de control programado
21-03-2019 15:22:01 Punto de control programado
27-03-2019 00:11:52 Installed HP ENVY 5540 series Basic Device Software
27-03-2019 00:13:48 Installed HP ENVY 5540 series Basic Device Software
03-04-2019 21:57:23 Punto de control programado
04-04-2019 18:03:38 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2019 06:01:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/04/2019 05:42:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/04/2019 04:58:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/04/2019 03:58:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/04/2019 03:48:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/04/2019 10:01:07 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/04/2019 09:58:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/04/2019 02:59:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (04/04/2019 06:06:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (04/04/2019 06:06:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (04/04/2019 06:06:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error: 
No se puede encontrar el módulo especificado.

Error: (04/04/2019 06:05:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error: 
No se puede encontrar el módulo especificado.

Error: (04/04/2019 06:05:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error: 
No se puede encontrar el módulo especificado.

Error: (04/04/2019 06:04:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error: 
No se puede encontrar el módulo especificado.

Error: (04/04/2019 06:01:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error: 
No se puede encontrar el módulo especificado.

Error: (04/04/2019 06:01:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {10DA4F3C-CC99-4190-BE4D-58330754E882} no se registró con DCOM dentro del tiempo de espera requerido.


CodeIntegrity:
===================================

Date: 2016-09-09 19:16:20.408
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-09 19:12:46.126
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-09 19:12:45.924
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-08 22:24:28.440
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-08 22:19:57.674
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-08 22:19:57.424
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-07 17:43:59.469
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-07 17:40:34.345
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 49%
Total physical RAM: 8191.05 MB
Available physical RAM: 4163.25 MB
Total Virtual: 16380.23 MB
Available Virtual: 12493.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:506.83 GB) NTFS
Drive f: () (Fixed) (Total:931.51 GB) (Free:240.93 GB) NTFS
Drive h: (Northgard) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

\\?\Volume{e78a9208-fbb1-11e3-994b-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 02320231)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
0 likes

#6

Hello.

Please review the FRST report you posted and compare it with the one on your computer; at least half of the report must still be missing.

Once you have checked it, add it and let us know so that we can review it and give you further instructions.

Regards.

0 likes

#7

Here is the report:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by INES (administrator) on INES-PC (04-04-2019 18:23:46)
Running from C:\Users\INES\Desktop
Loaded Profiles: INES (Available Profiles: INES)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1903224 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\ES\Programs\Registration.exe [733184 2003-11-28] (Corel Corporation) [File not signed]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-289902958-906773711-2650684897-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-289902958-906773711-2650684897-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-12-20] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-12-20] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-22] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-09-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{306A6DC1-B17B-4FEA-84B2-4E227CF4F749}: [NameServer] 192.168.6.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.6.1,-1]

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-289902958-906773711-2650684897-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)

FireFox:
========
FF ProfilePath: C:\Users\INES\AppData\Roaming\Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378 [2019-04-04]
FF Homepage: Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378 -> hxxps://www.google.es
FF Extension: (MyJDownloader Browser Extension) - C:\Users\INES\AppData\Roaming\Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378\Extensions\[email protected] [2018-08-01] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\INES\AppData\Roaming\Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378\Extensions\[email protected] [2019-02-05]
FF Extension: (uBlock Origin) - C:\Users\INES\AppData\Roaming\Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378\Extensions\[email protected] [2019-03-13]
FF Extension: (Avast Online Security) - C:\Users\INES\AppData\Roaming\Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378\Extensions\[email protected] [2019-03-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-09-19] [Legacy] [not signed]
FF HKU\S-1-5-21-289902958-906773711-2650684897-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-289902958-906773711-2650684897-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7 - Los Caminos del Reino\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2013-02-26] (Ubisoft Massive -> Ubisoft)

Chrome: 
=======
CHR Profile: C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default [2019-04-04]
CHR Extension: (Presentaciones) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-21]
CHR Extension: (Documentos) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-21]
CHR Extension: (Google Drive) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Hojas de cálculo) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-21]
CHR Extension: (Gmail) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\INES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-04] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-11] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 HPSLPSVC; C:\Users\INES\AppData\Local\Temp\7zS5CA6\hpslpsvc64.dll [X] <==== ATTENTION
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2016-07-30] (Tages SA -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
S0 kkpdwwb; C:\Windows\SysWOW64\drivers\bbmsveh.sys [61440 2014-07-31] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2016-07-30] (Tages SA -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] (ASUSTeK Computer Inc. -> )
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 catchme; \??\C:\Combo-Fix\catchme.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-04 18:23 - 2019-04-04 18:24 - 000023087 _____ C:\Users\INES\Desktop\FRST.txt
2019-04-04 18:23 - 2019-04-04 18:23 - 000000000 ____D C:\FRST
2019-04-04 18:13 - 2019-04-04 18:13 - 000004629 _____ C:\Users\INES\Desktop\JRT.txt
2019-04-04 18:05 - 2019-04-04 18:05 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-04 18:03 - 2019-04-04 18:03 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-04 18:03 - 2019-04-04 18:03 - 000104784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-04 18:01 - 2019-04-04 18:01 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-04 17:54 - 2019-04-04 17:54 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-04 17:45 - 2019-04-04 17:58 - 000000000 ____D C:\AdwCleaner
2019-04-04 17:29 - 2019-04-04 17:29 - 000001578 _____ C:\Windows\system32\cc_20190404_172910.reg
2019-04-04 17:28 - 2019-04-04 17:28 - 000287294 _____ C:\Windows\system32\cc_20190404_172807.reg
2019-04-04 17:28 - 2019-04-04 17:28 - 000009022 _____ C:\Windows\system32\cc_20190404_172834.reg
2019-04-04 17:21 - 2019-04-04 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-04 17:20 - 2019-04-04 17:20 - 007025360 _____ (Malwarebytes) C:\Users\INES\Desktop\adwcleaner_7.3.exe
2019-04-04 17:20 - 2019-04-04 17:20 - 002434048 _____ (Farbar) C:\Users\INES\Desktop\FRST64.exe
2019-04-04 17:19 - 2019-04-04 17:19 - 001790024 _____ (Malwarebytes) C:\Users\INES\Desktop\JRT.exe
2019-04-03 22:59 - 2019-04-03 22:59 - 000002562 _____ C:\Users\INES\Desktop\En cuarentena. VIRUS.txt
2019-04-03 22:47 - 2019-04-03 22:47 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-03 22:47 - 2019-04-03 22:47 - 000000000 ____D C:\Users\INES\AppData\Local\mbamtray
2019-04-03 22:47 - 2019-04-03 22:47 - 000000000 ____D C:\Users\INES\AppData\Local\mbam
2019-04-03 22:47 - 2019-04-03 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-03 22:46 - 2019-04-04 17:54 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-03 22:46 - 2019-04-03 22:46 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-03 22:10 - 2019-04-03 22:15 - 000000000 ____D C:\Users\INES\Desktop\GHOST OF A TALE
2019-04-02 22:49 - 2019-04-02 22:49 - 001051027 _____ C:\Users\INES\pc-tute.zip
2019-03-27 02:29 - 2019-03-27 02:29 - 000000000 ____D C:\Users\INES\AppData\Roaming\.mono
2019-03-27 01:29 - 2019-03-27 01:29 - 000000222 _____ C:\Users\INES\Desktop\Pillars of Eternity II Deadfire.url
2019-03-27 00:15 - 2019-03-27 00:15 - 000002136 _____ C:\Users\Public\Desktop\HP ENVY 5540 series.lnk
2019-03-27 00:15 - 2019-03-27 00:15 - 000001098 _____ C:\Users\Public\Desktop\Shop for Supplies - HP ENVY 5540 series.lnk
2019-03-27 00:15 - 2015-03-09 15:44 - 000807432 ____N (Hewlett-Packard Development Company, LP) C:\Windows\system32\HPDiscoPMCE11.dll
2019-03-14 21:14 - 2019-03-14 21:14 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-10 23:22 - 2019-03-11 00:23 - 000000000 ____D C:\Users\INES\Desktop\WISTERIA LANE

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-04 18:12 - 2009-07-14 06:45 - 000031920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-04 18:12 - 2009-07-14 06:45 - 000031920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-04 18:09 - 2018-10-19 23:04 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-04 18:09 - 2018-03-28 21:48 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-04 18:06 - 2014-06-24 18:02 - 000003486 _____ C:\Windows\System32\Tasks\AutoKMS
2019-04-04 18:06 - 2014-06-24 17:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-04 18:02 - 2017-10-13 23:05 - 000000000 ____D C:\Users\INES\AppData\Local\AVAST Software
2019-04-04 18:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-04 17:38 - 2016-11-18 21:01 - 000000000 ____D C:\Users\INES\AppData\LocalLow\Mozilla
2019-04-04 17:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-04 17:27 - 2015-04-25 17:07 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-04 17:27 - 2014-06-25 23:21 - 000000000 ____D C:\Users\INES\AppData\Roaming\MPC-HC
2019-04-04 17:27 - 2014-06-24 23:02 - 000000000 ____D C:\Users\INES\AppData\Roaming\DAEMON Tools Lite
2019-04-04 17:26 - 2017-03-16 22:12 - 000000000 ____D C:\Users\INES\AppData\Local\CrashDumps
2019-04-04 17:21 - 2014-07-25 00:00 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-04 17:21 - 2014-07-25 00:00 - 000000000 ____D C:\Program Files\CCleaner
2019-04-04 17:09 - 2016-07-22 12:04 - 000000000 ____D C:\Users\INES\Documents\WeChat Files
2019-04-04 17:08 - 2014-06-24 18:04 - 000003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{255C00F5-AC8E-4614-8A10-7C87F210E5BF}
2019-04-04 15:55 - 2011-04-12 11:10 - 000761994 _____ C:\Windows\system32\perfh00A.dat
2019-04-04 15:55 - 2011-04-12 11:10 - 000163664 _____ C:\Windows\system32\perfc00A.dat
2019-04-04 15:55 - 2009-07-14 07:13 - 001705268 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-04 03:22 - 2014-06-26 22:12 - 000000000 ____D C:\Users\INES\Downloads\Descargas de JDownloads
2019-04-04 03:21 - 2014-06-24 22:58 - 000000000 ____D C:\Users\INES\AppData\Local\JDownloader v2.0
2019-04-03 23:00 - 2016-02-25 00:04 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2019-04-03 23:00 - 2014-09-14 22:49 - 000000000 ____D C:\Program Files (x86)\Rise of Venice
2019-04-03 23:00 - 2014-08-18 21:55 - 000000000 ____D C:\Program Files (x86)\King's Bounty - Warriors of the North
2019-04-03 23:00 - 2014-06-24 17:50 - 000000000 ____D C:\Users\INES\AppData\Roaming\Nero
2019-04-03 22:46 - 2014-07-24 23:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-03 22:46 - 2014-07-24 23:37 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2019-04-02 22:49 - 2014-06-24 17:17 - 000000000 ____D C:\Users\INES
2019-03-31 21:36 - 2011-04-30 20:01 - 000000000 ___RD C:\REDIMENSIONAR
2019-03-29 22:53 - 2017-06-30 22:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-29 22:53 - 2014-06-24 22:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-28 01:35 - 2014-12-21 01:57 - 000000000 ____D C:\Users\INES\AppData\Roaming\Omerta
2019-03-27 23:28 - 2016-04-17 16:36 - 000003532 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-27 23:28 - 2016-04-17 16:36 - 000003404 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 23:17 - 2009-07-14 06:45 - 000497608 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-27 02:28 - 2015-03-27 22:29 - 000000000 ____D C:\Users\INES\AppData\LocalLow\Obsidian Entertainment
2019-03-27 02:09 - 2014-06-24 18:02 - 000137800 _____ C:\Users\INES\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-27 00:15 - 2014-09-19 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-03-27 00:14 - 2014-09-19 01:05 - 000000000 ____D C:\Program Files (x86)\HP
2019-03-27 00:14 - 2014-08-27 01:29 - 000000000 ____D C:\Program Files\HP
2019-03-27 00:14 - 2014-08-27 01:28 - 000000000 ____D C:\ProgramData\HP
2019-03-26 00:08 - 2018-12-17 22:05 - 000000000 ____D C:\Users\INES\Desktop\CUADRO
2019-03-25 23:26 - 2017-08-31 00:14 - 000000000 ____D C:\Users\INES\Desktop\MICHAEL Y DAVID SMITH. GALERIA
2019-03-22 23:00 - 2016-04-17 16:36 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-14 21:14 - 2019-02-14 22:48 - 000249152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-03-14 21:14 - 2018-10-19 23:03 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-14 21:14 - 2014-06-24 22:59 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-14 21:14 - 2014-06-24 22:59 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-14 21:14 - 2014-06-24 22:59 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-14 21:14 - 2014-06-24 22:58 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-14 21:14 - 2014-06-24 22:58 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-14 21:14 - 2014-06-24 22:58 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-14 21:13 - 2019-01-14 23:47 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-14 21:13 - 2019-01-04 23:28 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-14 21:13 - 2019-01-04 23:28 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-14 21:13 - 2019-01-04 23:28 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-14 21:13 - 2019-01-04 23:28 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-14 21:13 - 2017-11-16 21:35 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-14 21:13 - 2014-06-24 22:59 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-14 21:08 - 2009-07-14 07:08 - 000032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-13 00:48 - 2018-03-13 23:48 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-13 00:48 - 2014-06-25 00:04 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 00:48 - 2014-06-25 00:04 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 00:48 - 2014-06-25 00:04 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 00:48 - 2014-06-25 00:04 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 00:48 - 2014-06-25 00:04 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-12 22:49 - 2014-06-24 17:53 - 000000000 ____D C:\Users\INES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-12 22:49 - 2014-06-24 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-12 22:49 - 2014-06-24 17:53 - 000000000 ____D C:\Program Files\WinRAR
2019-03-08 23:44 - 2018-04-04 22:55 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-08 23:44 - 2018-04-04 22:55 - 000002384 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk

Some files in TEMP:
====================
2019-04-03 20:55 - 2019-04-03 20:55 - 000040448 ____N () C:\Users\INES\AppData\Local\Temp\proxy_vole7400463920231596163.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-04-03 21:50

==================== End of FRST.txt ============================
0 likes

#8

Good… now follow these steps. :arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).

  • Attention: now tick only the :white_check_mark: Create registry backup box, NOT the other boxes. :face_with_monocle:

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Task: {04C2C278-8A30-4E07-9018-9B9844255B56} - System32\Tasks\{F9D02078-6979-4199-ABE7-A88D246D0385} => C:\Windows\system32\pcalua.exe -a "C:\JUEGOS 2014-2015\0 JUGADOS\TOWNSMEN\Setup.exe" -d "C:\JUEGOS 2014-2015\0 JUGADOS\TOWNSMEN"
Task: {10324D20-858E-4C2A-819C-7993B9E24E3C} - System32\Tasks\{29022CC9-810E-43D5-9192-D9E5CEF49CE5} => C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
Task: {7B90A296-74F3-4FBB-8CDC-3F468F02E9B3} - System32\Tasks\{C356217E-FF00-4249-8471-1BF92E27414A} => F:\Archivos de programa\Corel\CorelDRAW Graphics Suite X5\Setup\Setup.exe
Task: {A6104BA1-4FDA-4DFB-BFA7-98C3EFAD715C} - System32\Tasks\{1719566C-8C5C-48DD-8B45-EDDA0D95D6F6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Los Sims 2 Mansiones y Jardines Accesorios\CSBin\PackageInstaller.exe" -d "C:\Users\INES\Documents\EA Games\Los Sims 2\Downloads" -c "C:\Users\INES\Documents\EA Games\Los Sims 2\Downloads\stones02.Sims2Pack"
Task: {BC7E527A-7BEA-47B3-9436-DC6FD450A145} - System32\Tasks\{7281CFC8-D204-4CBF-B9DD-FBCD2D77E478} => C:\Windows\system32\pcalua.exe -a "C:\Users\INES\Downloads\Traducción The Guild 2 - Venice.exe" -d C:\Users\INES\Downloads
AlternateDataStreams: C:\ProgramData\TEMP:AA559E17 [122]
HKU\S-1-5-21-289902958-906773711-2650684897-1000\Software\Classes\.exe: => <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378 -> hxxps://www.google.es
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S0 kkpdwwb; C:\Windows\SysWOW64\drivers\bbmsveh.sys [61440 2014-07-31] () [File not signed]
S3 catchme; \??\C:\Combo-Fix\catchme.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2019-04-03 20:55 - 2019-04-03 20:55 - 000040448 ____N () C:\Users\INES\AppData\Local\Temp\proxy_vole7400463920231596163.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.

And now start your computer in :arrow_forward: Safe Mode with Networking, in Windows

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).

  • Press the FIX button and wait for it to finish.

  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply. :+1:

Restart the computer, check how it behaves with regard to the problem you reported, and let us know.

Regards.

0 likes

#9
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by INES (06-04-2019 23:15:05) Run:1
Running from C:\Users\INES\Desktop
Loaded Profiles: INES (Available Profiles: INES)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Task: {04C2C278-8A30-4E07-9018-9B9844255B56} - System32\Tasks\{F9D02078-6979-4199-ABE7-A88D246D0385} => C:\Windows\system32\pcalua.exe -a "C:\JUEGOS 2014-2015\0 JUGADOS\TOWNSMEN\Setup.exe" -d "C:\JUEGOS 2014-2015\0 JUGADOS\TOWNSMEN"
Task: {10324D20-858E-4C2A-819C-7993B9E24E3C} - System32\Tasks\{29022CC9-810E-43D5-9192-D9E5CEF49CE5} => C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
Task: {7B90A296-74F3-4FBB-8CDC-3F468F02E9B3} - System32\Tasks\{C356217E-FF00-4249-8471-1BF92E27414A} => F:\Archivos de programa\Corel\CorelDRAW Graphics Suite X5\Setup\Setup.exe
Task: {A6104BA1-4FDA-4DFB-BFA7-98C3EFAD715C} - System32\Tasks\{1719566C-8C5C-48DD-8B45-EDDA0D95D6F6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Los Sims 2 Mansiones y Jardines Accesorios\CSBin\PackageInstaller.exe" -d "C:\Users\INES\Documents\EA Games\Los Sims 2\Downloads" -c "C:\Users\INES\Documents\EA Games\Los Sims 2\Downloads\stones02.Sims2Pack"
Task: {BC7E527A-7BEA-47B3-9436-DC6FD450A145} - System32\Tasks\{7281CFC8-D204-4CBF-B9DD-FBCD2D77E478} => C:\Windows\system32\pcalua.exe -a "C:\Users\INES\Downloads\Traducción The Guild 2 - Venice.exe" -d C:\Users\INES\Downloads
AlternateDataStreams: C:\ProgramData\TEMP:AA559E17 [122]
HKU\S-1-5-21-289902958-906773711-2650684897-1000\Software\Classes\.exe: => <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\jrxuh4pm.default-1485287988378 -> hxxps://www.google.es
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S0 kkpdwwb; C:\Windows\SysWOW64\drivers\bbmsveh.sys [61440 2014-07-31] () [File not signed]
S3 catchme; \??\C:\Combo-Fix\catchme.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2019-04-03 20:55 - 2019-04-03 20:55 - 000040448 ____N () C:\Users\INES\AppData\Local\Temp\proxy_vole7400463920231596163.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04C2C278-8A30-4E07-9018-9B9844255B56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04C2C278-8A30-4E07-9018-9B9844255B56}" => removed successfully
C:\Windows\System32\Tasks\{F9D02078-6979-4199-ABE7-A88D246D0385} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F9D02078-6979-4199-ABE7-A88D246D0385}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10324D20-858E-4C2A-819C-7993B9E24E3C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10324D20-858E-4C2A-819C-7993B9E24E3C}" => removed successfully
C:\Windows\System32\Tasks\{29022CC9-810E-43D5-9192-D9E5CEF49CE5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{29022CC9-810E-43D5-9192-D9E5CEF49CE5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B90A296-74F3-4FBB-8CDC-3F468F02E9B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B90A296-74F3-4FBB-8CDC-3F468F02E9B3}" => removed successfully
C:\Windows\System32\Tasks\{C356217E-FF00-4249-8471-1BF92E27414A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C356217E-FF00-4249-8471-1BF92E27414A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6104BA1-4FDA-4DFB-BFA7-98C3EFAD715C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6104BA1-4FDA-4DFB-BFA7-98C3EFAD715C}" => removed successfully
C:\Windows\System32\Tasks\{1719566C-8C5C-48DD-8B45-EDDA0D95D6F6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1719566C-8C5C-48DD-8B45-EDDA0D95D6F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC7E527A-7BEA-47B3-9436-DC6FD450A145}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC7E527A-7BEA-47B3-9436-DC6FD450A145}" => removed successfully
C:\Windows\System32\Tasks\{7281CFC8-D204-4CBF-B9DD-FBCD2D77E478} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7281CFC8-D204-4CBF-B9DD-FBCD2D77E478}" => removed successfully
C:\ProgramData\TEMP => ":AA559E17" ADS removed successfully
HKU\S-1-5-21-289902958-906773711-2650684897-1000\Software\Classes\.exe => removed successfully
"Firefox homepage" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
AvastVBoxSvc => service not found.
HKLM\System\CurrentControlSet\Services\kkpdwwb => removed successfully
kkpdwwb => service removed successfully
HKLM\System\CurrentControlSet\Services\catchme => removed successfully
catchme => service removed successfully
VBoxAswDrv => service not found.
C:\Users\INES\AppData\Local\Temp\proxy_vole7400463920231596163.dll => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-289902958-906773711-2650684897-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-289902958-906773711-2650684897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-289902958-906773711-2650684897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Conexión de área local 4 mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local 3 mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local 2 mientras los medios
estén desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Ruta se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 73233048 B
Java, Flash, Steam htmlcache => 410873017 B
Windows/system/drivers => 3894726 B
Edge => 0 B
Chrome => 137230 B
Firefox => 123780080 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 3904225 B
LocalService => 0 B
NetworkService => 0 B
INES => 132298400 B

RecycleBin => 0 B
EmptyTemp: => 713.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:15:39 ====
0 likes
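Added example (not part of the original thread, and not FRST's own code): a small Python triage of a Fixlog like the one posted above, separating the fixlist entries that succeeded from the ones worth a second look before the case is closed. The sample is an excerpt assembled from the log above; the function names and the failure patterns used for CMD output are assumptions.

```python
import re
from collections import Counter

# Excerpt assembled from the Fixlog posted above (shortened, not the full log).
SAMPLE_FIXLOG = r'''Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04C2C278-8A30-4E07-9018-9B9844255B56}" => removed successfully
C:\Windows\System32\Tasks\{F9D02078-6979-4199-ABE7-A88D246D0385} => moved successfully
C:\ProgramData\TEMP => ":AA559E17" ADS removed successfully
AvastVBoxSvc => service not found.
HKLM\System\CurrentControlSet\Services\kkpdwwb => removed successfully
kkpdwwb => service removed successfully
C:\Users\INES\AppData\Local\Temp\proxy_vole7400463920231596163.dll => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= netsh winsock reset =========

Debe reiniciar el equipo para completar el restablecimiento.

========= End of CMD: =========

========= bitsadmin /reset /allusers =========

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.

========= End of CMD: =========
'''

# "========= <name> =========" banners delimit sections of the log.
HEADER = re.compile(r"^=+\s*(.*?)\s*=+$")
# "<target> => <result>" is how each fixlist entry reports its outcome.
RESULT = re.compile(r"^(?P<target>.+?) => (?P<result>.+)$")
# Assumed failure markers for raw command output (includes the Spanish
# locale string seen in this log); extend for other locales.
CMD_FAILURE = re.compile(r"Unable to|\b0x[0-9A-Fa-f]{8}\b|^Error|^No se puede")


def classify_result(result):
    """Map the text after '=>' to a coarse status."""
    if "not found" in result:
        return "not_found"
    if "successfully" in result:
        return "ok"
    return "info"


def triage(text):
    """Return (status, section, line) tuples for every line that carries an outcome."""
    entries = []
    cmd = None  # name of the CMD section being read, if any
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER.match(line)
        if header:
            name = header.group(1)
            if name.startswith("End of"):
                cmd = None
            elif name and not name.endswith(":"):
                cmd = name  # e.g. "netsh winsock reset"
            continue
        if cmd is not None:
            # Inside command output only failure markers are recorded.
            if CMD_FAILURE.search(line):
                entries.append(("cmd_failure", cmd, line))
            continue
        if line.startswith("Error:"):
            entries.append(("error", "fixlist", line))
            continue
        result = RESULT.match(line)
        if result:
            entries.append((classify_result(result.group("result")), "fixlist", line))
        elif "successfully" in line:
            entries.append(("ok", "fixlist", line))
    return entries


def summarize(entries):
    """Count entries per status."""
    return dict(Counter(status for status, _, _ in entries))


def follow_up(entries):
    """Entries that did not report success, in log order."""
    return [e for e in entries if e[0] != "ok"]


if __name__ == "__main__":
    parsed = triage(SAMPLE_FIXLOG)
    print(summarize(parsed))
    for status, section, line in follow_up(parsed):
        print(f"[{status}] ({section}) {line}")
```

On this excerpt the follow-up list holds the restore-point error (the fix was run in Safe Mode), the service that was already absent, and the BITS failure.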

#10

The problem from the start of the thread, as I said, is already fixed, but there is something else I can't manage to fix. Every time the computer starts, a message appears asking for the package “trayApp.msi”. I tried the solution from this link but the message still appears when restarting the computer. I don't know if you could fix it for me, since there must be something left hanging around, some registry entry, that makes it run the installer.

0 likes

#11

Hello.

OK… and has the problem you now mention existed from the beginning, or has it arisen as a result of running the scans…??

0 likes

#12

It appeared after the scans.

0 likes

#13

OK… then tell me exactly which printer you have installed on your computer; I need the exact model and manufacturer.

Also tell me WHETHER you have had any other printer installed on that computer, again giving model and manufacturer.

And generate new Addition.txt and FRST.txt reports, using again the FRST.exe program you already have on your computer, and post them in your next reply.

:warning: And for now, please, while we are disinfecting/fixing your machine:

Do not carry out steps/actions that WE have not indicated.

Do not download ANYTHING from the Internet and/or connect external devices to your computer.

Do not install ANYTHING (programs/software/add-ons/browser extensions…)

Do not run other security programs (Antivirus, Antimalware, ANTI-ANYTHING…)

Do not carry out other procedures on your own.

Use your computer EXCLUSIVELY to disinfect/fix it following our instructions.

Regards.

0 likes

#14

Never mind, they started tinkering and deleting all the files that were installed from the previous printer, and it seems that problem got fixed too. So they no longer need our help. As far as I'm concerned, the thread can be considered solved.

Thank you very much for the help, Javier. :slight_smile:

0 likes

#15

Perfect :+1: excellent, we are glad to see that the initial problem is now completely fixed. Now all that remains is to remove the tools used.

To do so, download :arrow_forward: DelFix.exe to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator -).

  • Tick all the boxes and click Run

The report (DelFix.txt) will open; you can close it.


For any other problem, don't hesitate to post again; you know where we are. :+1:

Topic Solved.

Regards, Javier.

0 likes

closed #16
0 likes