Hola
Si todo lo que es puesto del reporte es lo que tienes, algo has hecho mal porque ahí faltan muchas entradas, ejemplo de reporte, comparalo con el tuyo y verás todo lo que falta.
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Gustavo Caro (25-07-2019 15:03:06) Run:6
Running from C:\Users\Gustavo Caro\Desktop
Loaded Profiles: Gustavo Caro (Available Profiles: Gustavo Caro & CDFAccount)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-808367516-1742056278-3576212296-1001\...\Run: [uTorrent] => C:\Users\Gustavo Caro\AppData\Roaming\uTorrent\uTorrent.exe [1818352 2019-07-04] (BitTorrent Inc -> BitTorrent Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Task: {05097E2A-D507-41D8-B5EC-5DAF3044BA9A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-07-11] (Advanced Micro Devices, Inc.) [File not signed]
Task: {A55B1698-8ECD-46FE-A6D8-817C40E8E37E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-07-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR StartupUrls: Default -> "hxxps://boards.4chan.org/w/","hxxps://www.youtube.com/watch?v=EvazDsAWAno","hxxps://www.reddit.com/r/leagueoflegends","hxxp://www.lolskill.net/game/LAS/panconmoco","hxxp://www.probuilds.net/guide/EUW/2310884659/18995872","hxxps://www.facebook.com/groups/SDLG14/?fref=nf","hxxp://boards.4chan.org/wg/","hxxp://boards.4chan.org/wg/thread/6312763/startpage-and-new-tab-thread-3#p6312811","file:///C:/Users/Cherno/Documents/startpage/index.html"
CHR Extension: (Twitter Image Downloader) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappmbmnllkinofmgdmjdeeajmcljnkc [2019-07-02]
CHR Extension: (MyJSCript) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpabpfikknflecblchhfkpkcpilbkfcd [2019-01-14]
CHR Extension: (InstaG Downloader) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkdcmgmnegofdddphijckfagibepdlb [2018-07-11]
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22]
CHR Extension: (MyJSCript) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpabpfikknflecblchhfkpkcpilbkfcd [2019-01-14]
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-21]
2019-07-22 17:48 - 2019-07-22 17:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
FirewallRules: [{676AD5D5-2212-4505-BA44-46E89A64EC3F}] => (Allow) F:\Steam\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{DBC80291-DC4F-465C-AAFC-7A3AD4306008}] => (Allow) F:\Steam\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{0E2EADF2-E9A1-4B54-B2BE-1CBECEE741D3}] => (Allow) F:\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{789D74EE-73AD-4154-8C7D-CA6980F183B4}] => (Allow) F:\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{A774CF01-9F12-43B5-8933-C0C045590C4F}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{F633B1CA-E768-44FE-801E-8A2B1FEE5E2F}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{4AF373CF-2150-4500-B238-E4E7C85F3696}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{275320FB-DBF3-4FDB-9116-B56E5D0CBE0D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{DF0E960B-F2E8-4509-9755-7098632737CF}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{C35F336A-B746-4ADD-B929-016DDC4428A8}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{EE800D87-F922-4216-9039-C574183148A8}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{15C87481-09B7-4A52-85F4-FCF0D2CDC9AB}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.11.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKU\S-1-5-21-808367516-1742056278-3576212296-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05097E2A-D507-41D8-B5EC-5DAF3044BA9A}" => not found
C:\WINDOWS\System32\Tasks\AMDLinkUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMDLinkUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A55B1698-8ECD-46FE-A6D8-817C40E8E37E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A55B1698-8ECD-46FE-A6D8-817C40E8E37E}" => removed successfully
C:\WINDOWS\System32\Tasks\ModifyLinkUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ModifyLinkUpdate" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"Chrome StartupUrls" => removed successfully
CHR Extension: (Twitter Image Downloader) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappmbmnllkinofmgdmjdeeajmcljnkc [2019-07-02] => Error: No automatic fix found for this entry.
CHR Extension: (MyJSCript) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpabpfikknflecblchhfkpkcpilbkfcd [2019-01-14] => Error: No automatic fix found for this entry.
CHR Extension: (InstaG Downloader) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkdcmgmnegofdddphijckfagibepdlb [2018-07-11] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22] => Error: No automatic fix found for this entry.
CHR Extension: (MyJSCript) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpabpfikknflecblchhfkpkcpilbkfcd [2019-01-14] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo Caro\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-21] => Error: No automatic fix found for this entry.
C:\WINDOWS\System32\Tasks\R@1n-KMS => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{676AD5D5-2212-4505-BA44-46E89A64EC3F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBC80291-DC4F-465C-AAFC-7A3AD4306008}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E2EADF2-E9A1-4B54-B2BE-1CBECEE741D3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{789D74EE-73AD-4154-8C7D-CA6980F183B4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A774CF01-9F12-43B5-8933-C0C045590C4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F633B1CA-E768-44FE-801E-8A2B1FEE5E2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4AF373CF-2150-4500-B238-E4E7C85F3696}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{275320FB-DBF3-4FDB-9116-B56E5D0CBE0D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF0E960B-F2E8-4509-9755-7098632737CF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C35F336A-B746-4ADD-B929-016DDC4428A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE800D87-F922-4216-9039-C574183148A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15C87481-09B7-4A52-85F4-FCF0D2CDC9AB}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-808367516-1742056278-3576212296-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-808367516-1742056278-3576212296-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 141252924 B
Java, Flash, Steam htmlcache => 101700947 B
Windows/system/drivers => 3812018 B
Edge => 3209804 B
Chrome => 391842674 B
Firefox => 31523108 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 12450 B
NetworkService => 0 B
Gustavo Caro => 280608782 B
CDFAccount => 0 B
RecycleBin => 0 B
EmptyTemp: => 920.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:04:19 ====
Los programas que estamos utilizando no dañan tu disco duro, estos no son los responsables.
Ahora … si has realizado algo que no te haya indicado por tu cuenta … eso es otra cosa y en tu equipo se ve que utilizas craks, el sistema operativo es legal o también lo tienes pirateado.
No has llegado a poner el reporte de Adwcleaner aunque no te haya detectado nada, aunque creo que cuando abriste el tema ya lo habías utilizado y eliminaste el programa, hubiera sido importante revisarlo por si eliminaste algo que hubiera que recuperar de la cuarentena, al eliminar el programa se borra la cuarentena, mira a ver si tienes el último reporte y lo pones.
Revisa el manual de AfwCleaner sobre todo la parte de “Analizar y Limpiar”
Un saludo
