Wiffi del CPU aparece simbolo de exclamacion y se va conexion

#1

Buenas noches, Hace varios meses tengo este problema con mi PC, se desconecta del Wiffi (aparece un simbolo de exclamacion) y se va la conexion a internet, para volver a tener tengo que poner resolver problemas y aveces se arregla otras tengo que reiniciar el CPU.

Agradecere mucho sus comentarios y ayuda en el tema por favor. Gracias! Saludos!

#2

Buenas @Arturo_Caruzo_Santos bienvenido al Foro.

Lo primero que debemos descartar en tu maquina seria la existencia de infecciones que puedan provocar ese tipo de problemas.

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

#3

Buenas tardes JavierHF gracias por tu respuesta y disculpa la demora en responder. Adjunto los informes solicitados. Muchas gracias por tu apoyo. Quedo atento a cualquier comentario. Saludos cordiales.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 24/3/19
Hora del análisis: 11:04
Archivo de registro: 7e8b2973-4e4e-11e9-b328-fcaa14466d1b.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.9800
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: usuario-PC\usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 267283
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 3 min, 57 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
PUP.Optional.eShield, C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JJFPY66P.DEFAULT\PREFS.JS, Sustituido, [245], [303395],1.0.9800
PUP.Optional.WinYahoo, C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JJFPY66P.DEFAULT\PREFS.JS, Sustituido, [236], [342418],1.0.9800

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    03-24-2019
# Duration: 00:00:09
# OS:       Windows 7 Ultimate
# Scanned:  31769
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [12431 octets] - [16/03/2019 23:55:22]
AdwCleaner[C00].txt - [10700 octets] - [16/03/2019 23:55:43]
AdwCleaner[S01].txt - [1377 octets] - [24/03/2019 11:12:10]
AdwCleaner[C01].txt - [1563 octets] - [24/03/2019 11:12:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by usuario (Administrator) on 24/03/2019 at 11:36:53.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/03/2019 at 11:38:20.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#4

Adjunto el segundo grupo


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by usuario (administrator) on USUARIO-PC (24-03-2019 11:38:44)
Running from C:\Users\usuario\Desktop
Loaded Profiles: usuario (Available Profiles: usuario & Invitado)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [909696 2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {162e76e7-2047-11e7-92a5-fcaa14466d1b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {310e57a8-adec-11e7-94ec-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {362ca5c7-2379-11e7-ab61-fcaa14466d1b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {502527f9-01ed-11e9-9587-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {66a29719-bb87-11e7-836a-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {6b0644cd-d4a7-11e8-b67b-806e6f6e6963} - E:\DisneySplash.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {770a289a-f649-11e8-bac4-fcaa14466d1b} - E:\autorun.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {82b956a9-02b6-11e5-9d6f-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {977f6621-c8d8-11e8-8e1b-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {c03655ce-cd30-11e7-b170-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0 csgob0t.online
Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5448B8E6-97C5-4B52-B132-814DD3AFADB7}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5448B8E6-97C5-4B52-B132-814DD3AFADB7}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{D23EF294-6C79-42D0-A1C0-A60003B972E9}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{D23EF294-6C79-42D0-A1C0-A60003B972E9}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000 -> DefaultScope {60B8B68B-912E-4AD4-9CCB-CF0B446795BC} URL = 
SearchScopes: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-28] (Oracle America, Inc. -> Oracle Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: jjfpy66p.default
FF ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default [2019-03-24]
FF Homepage: Mozilla\Firefox\Profiles\jjfpy66p.default -> hxxps://www.malwarebytes.org/restorebrowser/s_16_26_wbf_fs_16_15&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dpe%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEyEyCyC0DtC0ByByCtByDtN0D0Tzu0StCyCyEyDtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StD0AyE0CyEyCyDyBtGtCyC0B0FtGtCzyyB0FtGyB0EyCyCtG0FtAtD0EtBtC0DtB0B0DyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0C0DzytDtCzzzytGtDtBzzzztGyE0C0EyDtGzz0CyEtDtGtBtB0EtByB0EtB0DtA0B0Azy2QtN0A0LzuyE%26cr%3D1486652378%26a%3Dhdr_s_16_26_wbf_fs_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
FF NewTab: Mozilla\Firefox\Profiles\jjfpy66p.default -> hxxps://espanol.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_160417__yaff
FF Extension: (Avast SafePrice) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] [2018-12-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] [2019-01-28]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-03-13]
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-07] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-07] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2019-03-24]
CHR Extension: (Presentaciones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-03]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-03]
CHR Extension: (Second Ave) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\clpombgnlkmijadnpbdegihobnicakie [2017-07-29]
CHR Extension: (Adobe Acrobat) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-01-24]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-16]
CHR Extension: (Hojas de cálculo) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-19]
CHR Extension: (Avast Online Security) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-19]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc. -> ArcSoft, Inc.)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1841344 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [343016 2018-09-13] (Intel Corporation -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30264 2018-11-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-03-24] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2012-09-28] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [41560 2018-01-09] (Synaptics Incorporated -> Synaptics Incorporated)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
U3 aswbdisk; no ImagePath
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-24 11:38 - 2019-03-24 11:39 - 000019412 _____ C:\Users\usuario\Desktop\FRST.txt
2019-03-24 11:38 - 2019-03-24 11:38 - 000000552 _____ C:\Users\usuario\Desktop\JRT.txt
2019-03-24 11:18 - 2019-03-24 11:38 - 000000000 ____D C:\FRST
2019-03-24 11:13 - 2019-03-24 11:13 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-03-24 11:02 - 2019-03-24 11:02 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-24 11:02 - 2019-03-24 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-24 11:02 - 2019-03-24 11:02 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-24 11:02 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-24 11:01 - 2019-03-24 11:01 - 000046422 _____ C:\Users\usuario\Desktop\cc_20190324_110101.reg
2019-03-24 10:57 - 2019-03-24 10:57 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-24 10:57 - 2019-03-24 10:57 - 000002816 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-03-24 10:57 - 2019-03-24 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-24 10:57 - 2019-03-24 10:57 - 000000000 ____D C:\Program Files\CCleaner
2019-03-24 10:56 - 2019-03-24 10:57 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-24 10:42 - 2019-03-24 10:42 - 002434048 _____ (Farbar) C:\Users\usuario\Downloads\FRST64.exe
2019-03-24 10:42 - 2019-03-24 10:42 - 002434048 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe
2019-03-24 10:41 - 2019-03-24 10:41 - 007316688 _____ (Malwarebytes) C:\Users\usuario\Desktop\adwcleaner_7.2.7.0(1).exe
2019-03-24 10:41 - 2019-03-24 10:41 - 001790024 _____ (Malwarebytes) C:\Users\usuario\Downloads\JRT.exe
2019-03-24 10:41 - 2019-03-24 10:41 - 001790024 _____ (Malwarebytes) C:\Users\usuario\Desktop\JRT.exe
2019-03-24 10:40 - 2019-03-24 10:41 - 007316688 _____ (Malwarebytes) C:\Users\usuario\Downloads\adwcleaner_7.2.7.0(1).exe
2019-03-24 10:39 - 2019-03-24 10:34 - 062402408 _____ (Malwarebytes ) C:\Users\usuario\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9800.exe
2019-03-24 10:33 - 2019-03-24 10:34 - 062402408 _____ (Malwarebytes ) C:\Users\usuario\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9800.exe
2019-03-24 10:32 - 2019-03-24 10:31 - 021205512 _____ (Piriform Software Ltd) C:\Users\usuario\Desktop\ccsetup555(2).exe
2019-03-24 10:31 - 2019-03-24 10:31 - 021205512 _____ (Piriform Software Ltd) C:\Users\usuario\Downloads\ccsetup555(2).exe
2019-03-24 01:01 - 2019-03-24 11:14 - 000151552 _____ C:\Windows\KMSEmulator.exe
2019-03-18 00:17 - 2019-03-18 00:16 - 000480615 _____ C:\Users\usuario\Desktop\declaraciones-juradas.pdf
2019-03-18 00:16 - 2019-03-18 00:16 - 000480615 _____ C:\Users\usuario\Downloads\declaraciones-juradas.pdf
2019-03-16 23:58 - 2019-03-16 23:58 - 021205512 _____ (Piriform Software Ltd) C:\Users\usuario\Downloads\ccsetup555(1).exe
2019-03-16 23:54 - 2019-03-16 23:54 - 021205512 _____ (Piriform Software Ltd) C:\Users\usuario\Downloads\ccsetup555.exe
2019-03-16 23:53 - 2019-03-16 23:53 - 007316688 _____ (Malwarebytes) C:\Users\usuario\Downloads\adwcleaner_7.2.7.0.exe
2019-03-16 23:35 - 2019-03-16 23:35 - 000000000 ____D C:\Users\usuario\AppData\Local\mbamtray
2019-03-16 23:35 - 2019-03-16 23:35 - 000000000 ____D C:\Users\usuario\AppData\Local\mbam
2019-03-16 23:30 - 2019-03-16 23:30 - 062177776 _____ (Malwarebytes ) C:\Users\usuario\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9712.exe
2019-03-14 18:46 - 2019-03-14 18:45 - 004702245 _____ C:\Users\usuario\Desktop\ilovepdf_merged(4).pdf
2019-03-14 18:45 - 2019-03-14 18:45 - 004702245 _____ C:\Users\usuario\Downloads\ilovepdf_merged(4).pdf
2019-03-14 18:32 - 2019-03-14 18:32 - 004480579 _____ C:\Users\usuario\Downloads\ilovepdf_extracted-pages.zip
2019-03-14 18:32 - 2019-03-14 18:32 - 001940211 _____ C:\Users\usuario\Downloads\CV-Arturo Caruzo Santos-4.pdf
2019-03-14 18:32 - 2019-03-14 18:32 - 001518199 _____ C:\Users\usuario\Downloads\CV-Arturo Caruzo Santos-13.pdf
2019-03-14 18:32 - 2019-03-14 18:32 - 000568646 _____ C:\Users\usuario\Downloads\CV-Arturo Caruzo Santos-8.pdf
2019-03-14 18:32 - 2019-03-14 18:32 - 000203225 _____ C:\Users\usuario\Downloads\CV-Arturo Caruzo Santos-6.pdf
2019-03-14 18:32 - 2019-03-14 18:32 - 000195330 _____ C:\Users\usuario\Downloads\CV-Arturo Caruzo Santos-7.pdf
2019-03-14 18:32 - 2019-03-14 18:32 - 000172892 _____ C:\Users\usuario\Downloads\CV-Arturo Caruzo Santos-5.pdf
2019-03-14 18:16 - 2019-03-14 18:15 - 000112109 _____ C:\Users\usuario\Desktop\CV_CARUZO_SANTOS.pdf
2019-03-14 18:15 - 2019-03-14 18:15 - 000112109 _____ C:\Users\usuario\Downloads\CV_CARUZO_SANTOS.pdf
2019-03-12 11:28 - 2019-03-12 11:28 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\Konami Digital Entertainment Co., Ltd_
2019-03-12 11:21 - 2019-03-12 11:21 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-03-11 15:00 - 2019-03-11 14:39 - 000030383 _____ C:\Users\usuario\Desktop\contrato-arrendamiento-local-negocio.pdf
2019-03-11 14:39 - 2019-03-11 14:39 - 000030383 _____ C:\Users\usuario\Downloads\contrato-arrendamiento-local-negocio.pdf
2019-03-04 17:52 - 2019-03-04 17:52 - 005887945 _____ C:\Users\usuario\Desktop\CV-Arturo Caruzo Santos.pdf
2019-03-04 17:51 - 2019-03-04 17:52 - 005887945 _____ C:\Users\usuario\Downloads\ilovepdf_merged(3).pdf
2019-03-04 17:35 - 2019-03-04 17:35 - 011612145 _____ C:\Users\usuario\Downloads\ilovepdf_merged(2).pdf
2019-03-04 17:33 - 2019-03-04 17:33 - 000161348 _____ C:\Users\usuario\Downloads\curriculum-Arturo-Caruzo-Santos(2).pdf
2019-03-04 17:33 - 2019-03-04 17:33 - 000161348 _____ C:\Users\usuario\Desktop\curriculum-Arturo-Caruzo-Santos(2).pdf
2019-03-04 17:21 - 2019-03-04 17:22 - 005889795 _____ C:\Users\usuario\Downloads\ilovepdf_merged(1).pdf
2019-03-04 17:17 - 2019-01-29 12:11 - 003792551 _____ C:\Users\usuario\Desktop\002.pdf
2019-03-04 17:16 - 2019-03-04 17:16 - 005889791 _____ C:\Users\usuario\Downloads\ilovepdf_merged.pdf
2019-03-04 17:16 - 2019-03-04 15:02 - 003950069 _____ C:\Users\usuario\Desktop\CV Arturo Caruzo Santos.pdf
2019-03-04 17:14 - 2019-03-04 17:14 - 001941734 _____ C:\Users\usuario\Desktop\001.pdf
2019-03-04 17:12 - 2019-03-04 17:12 - 000000000 ____D C:\Users\usuario\Desktop\2019-03-04
2019-03-04 17:12 - 2019-03-04 17:11 - 002613076 _____ C:\Users\usuario\Desktop\001.tif
2019-03-04 16:15 - 2019-03-04 16:15 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\uTorrent
2019-03-04 14:56 - 2019-03-04 14:56 - 000163443 _____ C:\Users\usuario\Downloads\curriculum-Arturo-Caruzo-Santos(1).pdf
2019-03-04 14:54 - 2019-03-04 14:54 - 000162709 _____ C:\Users\usuario\Downloads\curriculum-Arturo-Caruzo-Santos.pdf
2019-02-24 14:24 - 2019-02-24 16:50 - 4126677001 _____ C:\Users\usuario\Downloads\Spider-Man Into the Spider-Verse (2019) 1080p Latino Line.mkv

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-24 11:27 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-03-24 11:21 - 2009-07-13 23:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-24 11:21 - 2009-07-13 23:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-24 11:16 - 2016-04-17 11:10 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Lavasoft
2019-03-24 11:16 - 2016-04-17 11:10 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-03-24 11:14 - 2018-11-24 09:08 - 000002982 _____ C:\Windows\System32\Tasks\AutoKMS
2019-03-24 11:14 - 2018-11-05 14:31 - 000000292 _____ C:\Windows\Tasks\AutoKMS.job
2019-03-24 11:13 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-24 11:02 - 2018-02-17 16:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-24 10:52 - 2018-11-18 01:06 - 000000000 ____D C:\Users\usuario\AppData\Local\AVAST Software
2019-03-24 10:52 - 2018-11-18 01:03 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-24 10:51 - 2017-08-11 08:28 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\Mozilla
2019-03-24 06:18 - 2017-06-25 19:24 - 000000000 ____D C:\Users\usuario\AppData\Roaming\vlc
2019-03-24 01:01 - 2015-05-24 02:59 - 000000000 __SHD C:\Users\usuario\IntelGraphicsProfiles
2019-03-22 10:23 - 2010-11-21 02:09 - 000747718 _____ C:\Windows\system32\perfh00A.dat
2019-03-22 10:23 - 2010-11-21 02:09 - 000159190 _____ C:\Windows\system32\perfc00A.dat
2019-03-22 10:23 - 2009-07-14 00:13 - 001678206 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-21 12:14 - 2018-03-29 07:06 - 000000000 ____D C:\Users\usuario\Desktop\Nueva carpeta
2019-03-20 17:45 - 2018-11-08 21:31 - 000000000 ____D C:\Users\usuario\AppData\Roaming\.minecraft
2019-03-20 16:02 - 2018-04-12 06:31 - 000000000 ____D C:\Users\usuario\Desktop\Nueva carpeta (2)
2019-03-17 00:21 - 2015-05-30 16:08 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-17 00:21 - 2015-05-30 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-17 00:21 - 2015-05-30 16:08 - 000000000 ____D C:\Program Files\WinRAR
2019-03-17 00:00 - 2015-08-16 23:37 - 000000000 ____D C:\Users\usuario\AppData\Roaming\uTorrent
2019-03-16 23:59 - 2018-10-14 12:22 - 000000000 ____D C:\Users\usuario\AppData\Local\CrashDumps
2019-03-16 23:55 - 2015-06-22 22:49 - 000000000 ____D C:\AdwCleaner
2019-03-14 19:11 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-03-14 18:35 - 2019-02-01 11:29 - 000000000 ____D C:\Users\usuario\Desktop\PDF ARTURO
2019-03-12 11:28 - 2015-08-09 23:23 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-07 16:26 - 2019-01-07 14:01 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-04 15:55 - 2016-08-11 22:48 - 000000000 ____D C:\Users\usuario\AppData\Local\Nox
2019-03-04 15:45 - 2016-08-11 22:50 - 000000000 ____D C:\Users\usuario\vmlogs
2019-03-04 15:45 - 2016-08-11 22:50 - 000000000 ____D C:\Users\usuario\.BigNox
2019-03-04 15:45 - 2016-01-26 21:01 - 000000000 ____D C:\Users\usuario\.android
2019-02-27 18:38 - 2015-05-26 20:30 - 000000000 ____D C:\Users\usuario\AppData\Local\ElevatedDiagnostics
2019-02-23 10:48 - 2018-12-17 06:26 - 000000000 ____D C:\Users\usuario\Desktop\Nueva carpeta (3)
2019-02-23 10:37 - 2018-12-17 06:28 - 000000000 ____D C:\Users\usuario\Desktop\Nueva carpeta (4)
2019-02-22 00:25 - 2016-04-17 11:10 - 000000000 ____D C:\Users\usuario\AppData\Local\Lavasoft
2019-02-22 00:25 - 2016-04-17 11:10 - 000000000 ____D C:\ProgramData\Lavasoft

==================== Files in the root of some directories =======

2016-04-17 12:22 - 2019-01-18 21:00 - 000000234 _____ () C:\Users\usuario\AppData\Roaming\WB.CFG
2015-06-02 20:27 - 2016-07-03 21:03 - 000006656 _____ () C:\Users\usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-22 22:26 - 2015-06-22 22:26 - 000000000 _____ () C:\Users\usuario\AppData\Local\Temp.dat
2016-11-02 13:21 - 2016-11-02 13:21 - 000000000 _____ () C:\Users\usuario\AppData\Local\{9C2F17E5-9B60-4399-A556-7FA6BC861477}
2016-10-16 22:56 - 2016-10-16 22:56 - 000000000 _____ () C:\Users\usuario\AppData\Local\{C5ED0689-235A-4D60-B7FD-9F6578FA45A0}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-24 00:58

==================== End of FRST.txt ============================
#5

Tercer y ultimo grupo

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by usuario (24-03-2019 11:39:33)
Running from C:\Users\usuario\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-05-25 08:24:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2279528060-2720408392-1095724012-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2279528060-2720408392-1095724012-1003 - Limited - Enabled)
Invitado (S-1-5-21-2279528060-2720408392-1095724012-501 - Limited - Enabled) => C:\Users\Invitado
usuario (S-1-5-21-2279528060-2720408392-1095724012-1000 - Administrator - Enabled) => C:\Users\usuario

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20091 - Adobe Systems Incorporated)
Aiseesoft Blu-ray Player 6.5.12 (HKLM-x32\...\{8DE02D37-9263-43f6-A121-88D0E9C08C6B}_is1) (Version: 6.5.12 - Aiseesoft Studio)
ArcSoft Perfect365 (HKLM-x32\...\{5B5E949E-3924-45E3-9229-84E8270BED68}) (Version: 1.8.0.3 - ArcSoft, Inc.)
AVG 2016 (HKLM\...\{EE270421-C142-4677-935E-46E9B32F25FA}) (Version: 16.0.4776 - AVG Technologies) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.2.0.0708 - Disc Soft Ltd)
Disney Enredados (HKLM-x32\...\{AEAEA61F-ECE0-4528-AD7A-8A916F5F576E}) (Version: 1.00.0000 - Disney Interactive Studios)
DriversCloud.com (64 bits) (HKLM\...\{A05439B0-F943-46C3-85B6-1C9D02A090E8}) (Version: 10.0.7.0 - Cybelsoft)
Facebook (HKLM-x32\...\{d85544fc-e402-c7a2-a96a-48078edaf203}_is1) (Version: 2.0.701 - Facebook_Webapp)
FormatFactory 4.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{8EF98706-3C4B-4C5B-B035-01187E17D0E6}) (Version: 12.10.49.21 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5057 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{557D160E-2085-4D38-BDA3-1D5D3F74A3A4}) (Version: 6.0.4 - Intel Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
MakeMKV v1.14.2 (HKLM-x32\...\MakeMKV) (Version: v1.14.2 - GuinpinSoft inc)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft 1.8 1.00 (HKLM-x32\...\Minecraft 1.8 1.00) (Version:  - )
MKVToolNix 25.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 25.0.0 - Moritz Bunkus)
Mozilla Firefox 38.0.5 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 es-ES)) (Version: 38.0.5 - Mozilla)
Mozilla Firefox 65.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 65.0 (x64 es-ES)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Network64 (HKLM\...\{48C0866E-57EB-444C-8371-8E4321066BC3}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PicosmosTools 1.4.6.0 (HKLM-x32\...\PicosmosTools) (Version: 1.4.6.0 - Free Time)
Princesas Disney - Reinos Mágicos (HKLM-x32\...\{34647679-5D7E-455C-9DC6-618FA3B7FE1A}) (Version: 1.00.0000 - Disney Interactive Studios)
PS_AIO_06_C4700_SW_Min (HKLM-x32\...\{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
Ravensword Shadowlands (HKLM-x32\...\Ravensword Shadowlands_is1) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tiana y el Sapo (HKLM-x32\...\{DE5ECBF6-8A4A-4855-98D0-D6576145EBFF}) (Version: 1.00.0000 - Disney Interactive Studios)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
VirtualDJ 8 (HKLM-x32\...\{6CA212A6-6CE6-4235-9EA8-4DA53D13C58D}) (Version: 8.2.3523.0 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6718864 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4220304 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} =>  -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-28] (Free Time) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} =>  -> No File
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-28] (Free Time) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08423C38-7379-44B6-BF64-23695887FCD7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {096ECEE8-7C5A-4317-8D78-5C12B61E5D66} - System32\Tasks\{61AED785-C077-4433-84AA-797A78A0D10B} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\AppData\Local\TNT2\2.0.0.2030\TNT2User.exe -c /UNINSTALL PARTNER=11433
Task: {2331029C-DE98-4639-A5A1-891C1BAC10EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {362C5394-576B-44A8-AF1A-7FC31AB3CF7D} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {4A7A81F2-69CA-4B29-B6CF-1D189980E993} - System32\Tasks\{54B98F12-4842-45D6-BF4C-DA011CCB4EE9} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\vcredist_x64.exe -d C:\Users\usuario\Downloads
Task: {5DAA23C7-9330-4FD1-BA32-E2A8D1069AC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {94CF4BDE-7412-4FE2-AC24-93209317638B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)
Task: {BCC85797-D0B9-4CBE-8E8A-DD984101F759} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {CE9E1648-0551-49AE-B93A-ECC89C5B0EAA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D3E257C3-A6E2-4E26-B567-DBF48140CD3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E0094B59-EF44-40CA-B710-2B1DCFD2A453} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EAB9EB43-E2EA-4947-816B-49791C594FDA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed]
Task: {F6515305-5E76-47C7-B095-8B10F73EACA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3de2d4b4eca6efff\Chromium.lnk -> C:\Users\usuario\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2013-08-27 14:32 - 2013-08-27 14:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2009-05-14 16:49 - 2009-05-14 16:49 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2009-05-14 16:49 - 2009-05-14 16:49 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2018-11-28 19:55 - 2018-11-28 19:55 - 000302080 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll
2017-05-17 03:26 - 2017-05-17 03:26 - 005200576 _____ (Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-24 11:02 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2019-01-24 10:52 - 000000858 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0 csgob0t.online

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: Chromium => "c:\users\usuario\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: McAfeeSafeConnect => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
MSCONFIG\startupreg: Picosmos => "C:\Program Files (x86)\PicosmosTools\PicosmosTools.exe" /start
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => C:\Users\usuario\AppData\Roaming\Spotify\Spotify.exe --autostart
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{225705C8-8C6C-423A-9884-7250B65667BD}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{119C7D69-757C-4E07-8E57-4BC149D1AFD4}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7D7BF5A7-D0A5-44F9-8AAE-A1047EB3EB37}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5C6EE54-02AC-4EC6-83F8-77B8DD38BA78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D0C7AA5A-AE06-4F5E-B6B4-DC17732B0715}C:\programdata\battle.net\agent\agent.1737\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1737\agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D088C95C-4C6A-4634-B9EA-43DECF8B80ED}C:\programdata\battle.net\agent\agent.1737\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1737\agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C37C1A5A-E90A-4885-AC64-EFC2D0E1D5D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D56C4E20-6954-45D0-8225-E435AD21BFEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4AF6D7E9-D68F-4067-A55F-674ABFCC1CE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{88AF51CD-6AD5-4738-A6A0-46116B44B896}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C67E1EA9-9E7F-4AE6-8781-009889027C51}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{354D712A-989B-48D2-8598-D5BCD643EA3D}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8101DE9A-9224-4E9C-A64A-DEFF91D27A50}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E41B6326-897C-4CD7-8ABB-14EEEFB2B3AF}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{25CD04A4-D03D-4F0E-905F-CBCC52EFA6E7}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D4D4A04C-B833-4322-B103-C7A5856C55D3}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{05EB1132-9A14-4688-B26C-05148831BFE7}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{32C36521-904D-4C0F-BFC2-0FD022C29FE1}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{8C34741C-9209-49CB-BEFF-97F4247E2357}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{5C52E5AA-677C-48D2-A985-546F0CD0C77D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{50CF44B2-4BFD-42B5-B073-4D5351577887}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{69477A1D-A228-4F1A-868B-61FB750F76C0}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{F9328420-CD99-49E7-8A6B-3890A3B1E3DB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{BDDF7919-996F-4552-AED9-EC0649D35356}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{462442AF-64F7-4D71-A6AE-A039D77F4E0B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8ED6EACE-BF01-496A-A913-CC6F1C7B501B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85EA0597-FC84-45CB-9CB7-F5FA79F2F31A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D602912-E84F-45DA-9CB6-7AC7406DD605}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F67ADBD9-C355-4FF4-B1ED-8CDC3201DC6B}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{35C3100B-9EB5-4CE9-B101-F4B2E4D72868}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{B259D20B-ACEC-4514-ACA8-899906CAC1EE}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7F49A969-4074-49E7-80EE-6CA4600F7992}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{13BADD8E-0B5B-4F17-8975-ED042137B68D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{0B101C37-334F-469E-9833-774CAF3AF028}] => (Allow) C:\Users\usuario\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{D6046891-A0E0-4051-B752-ED771812DAB4}] => (Allow) C:\Users\usuario\AppData\Roaming\Nox\bin\Nox.exe (Duodian Online Technology Co. Ltd. -> Duodian Technology Co. Ltd.)
FirewallRules: [{56E8A20C-8082-44BF-B2CE-A29BDDB98A63}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe (Valve -> )
FirewallRules: [{734517B6-1ED2-4DE1-9926-E38C04418C36}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe (Valve -> )
FirewallRules: [{1D6C0919-E151-4787-9F24-71A7781CE24D}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{EC64BB72-65A6-43F3-A34D-A79C8FED0BF0}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AD748BF4-E684-42F7-9944-595FCE7F8E92}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{64651A07-906E-4D83-8D80-3F57355A6F77}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{271BA07A-7B38-4B5D-9EDD-0A6163C8EB45}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1CAFB766-0633-4AA6-A449-100907EE62FC}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4AC5A16C-8B19-46F5-930B-5DB5DB13CD82}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{04A22C03-A51F-45DB-BF2A-48D3B0D71E5F}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E305E256-57B3-44CC-88D5-F6C8B7766EE6}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1E20430F-9708-4CFA-9F38-9EFEF80DCA8C}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{818DF8C2-48C0-4D0D-97A8-22CE3D2432A8}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{78F6FC1F-AB88-474E-9638-849973613A08}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8D683B4F-E814-4836-A453-C17C7DD1482F}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8AB5978F-B2A9-47A0-878D-EE9AD0656A23}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7F2C9535-E800-4711-8A8E-2D4074519BDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{73C115F6-C5E3-4BBD-A253-FE128CFC1DEF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E720E896-C197-4AF1-B88B-534F5ECDD0D4}] => (Allow) C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{33F275E1-407A-46C4-9219-03D0A8520A0A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D42EB57F-5267-4448-8D1C-0DECE5C65F03}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79FFCEFB-0368-4C42-AFE6-9C8FC908D00A}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{EA17A321-9A1C-4E7C-81A4-29E248CD6857}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [TCP Query User{AEEE7044-AD71-4CA4-9E18-89A4E5C8CEBA}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{E746CB62-A544-416D-B86A-E5D74D1DE71E}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{32558EFB-DFF1-4345-8DF0-082FC2382279}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{AA6D72C3-3C37-4FC5-ADBB-918F0E7A21D5}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{C13C36DF-169D-4A15-AC38-492D1369F38D}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{E4F50970-18EE-44FE-93F5-ABAEEB3171D0}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{EC4B7614-81CC-4B07-8E07-A7F240A63E70}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FB935E4C-F665-47B9-8D88-E589ED8BBC57}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{976AFFC4-FB78-46D9-8577-B6051F10BAA6}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{55A0CFBF-904A-47BA-86B9-7C36F5E9CEA5}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{123AA0D8-1E78-484D-AF8E-0C87D435FE7C}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FD5E8E4E-93BA-4EDE-808B-6674A4EA3C09}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{69FBBA74-BEE3-4FD1-9B50-D39A7020C1AD}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0916B53E-E455-439A-92BC-AC32D89921A6}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{687E346D-93F6-4A08-A011-09F816A3AAB7}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C5845F6C-DEAB-4059-873B-A33F3C1C9140}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B08B5591-4101-4BB4-9508-6981E8CB1497}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C5056AF7-92EC-4726-9338-E47E80F47FEB}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BEBF1AE9-974B-4209-BDBD-5D4EA193BF94}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40DFDB89-45C8-4C6A-8795-67F70D48CFCE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0B998F9-BA33-461A-93E0-A49BBC4C3C1A}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C1C27A17-8504-4653-96A3-3625CD954649}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6F23AB96-0A29-4056-89F6-CACE80790D60}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1433A09D-1842-422B-8848-8722F213A40A}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0A3D07D9-0562-4B8E-85AC-DB92377A0504}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5ECFA570-1F22-46A4-BFB3-904B9AA0F194}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D7FC2DB8-5A0E-4651-9DAB-B22B08059744}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{35281C9A-87A9-47BD-9B60-47786FEA57C8}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9BDD4B41-1114-4B70-A9BF-A9230AAD9436}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5A364FB3-BDD3-4D82-8218-75C3CE3BC784}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E0554F3C-279B-48BA-9274-E85F01BC9549}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1D3E55F1-A1BA-42EC-A989-922A2E9F13E5}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1C7CEB3C-7CE9-4FBC-A2F7-59B5055FF39A}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4EBC04F1-863F-4A23-9FEE-3842CBEA4049}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{791722C0-7670-400D-8AAE-17EE7DD07F53}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6FE247D6-521B-4AE6-8CA7-7B6B96AF4B46}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{10BF7271-CCEF-4FA5-ABAC-2637B50F6F84}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{556F1B46-E8BE-4557-8949-6F9A4B392DAE}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{A1816CA3-4C88-4F7E-9EE0-BCA0B9AE2F77}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9AF1EB33-26A6-4984-8CB2-2CBC1DB11D82}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{766CE976-D071-4919-AC5F-BC8F145274C5}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E8F6E9EB-9305-4C60-ABFD-BF74BF4D04E1}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{758F27C5-8236-4CA5-A4DB-3E44AF8C8BEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{1E4928F5-F4FE-4D17-A3A3-5DA0EA728DCB}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6EA0C902-437D-44B9-A2A7-DE31D5E9FFB6}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0788B982-EE26-4B1C-9BE9-30DC6CB71ED1}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DFFB2A74-66B0-4BA0-8741-E0A80E9C4DF7}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B5093DCD-9AF7-41C4-B09B-A89C4EE1E6B1}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6502CF4D-B541-41EC-84C3-D8BC92AD652A}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{375751CD-393A-4724-BAD7-1309B84335F5}] => (Allow) D:\Steam\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [File not signed]
FirewallRules: [{E484F072-8B00-48AB-833D-9CA7E08ED3AF}] => (Allow) D:\Steam\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [File not signed]
FirewallRules: [{07FE198E-7AF3-4B01-B14B-B5002A5BAA0A}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DA163645-2447-4263-BD96-5EDD69DE5775}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )

==================== Restore Points =========================

11-03-2019 06:56:21 Windows Update
12-03-2019 11:27:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
12-03-2019 11:28:13 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
21-03-2019 13:20:24 Punto de control programado
24-03-2019 10:58:03 JRT Pre-Junkware Removal
24-03-2019 11:15:32 JRT Pre-Junkware Removal
24-03-2019 11:36:53 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2019 11:15:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 11:15:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 11:15:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 11:15:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 11:15:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 11:13:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (03/24/2019 10:54:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 10:54:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.


System errors:
=============
Error: (03/24/2019 11:13:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (03/24/2019 11:12:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (03/24/2019 11:12:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/24/2019 11:12:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Office Software Protection Platform se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/24/2019 11:12:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (03/24/2019 11:12:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/24/2019 11:12:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Disc Soft Pro Bus Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/24/2019 11:12:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio MSCamSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2018-01-04 07:21:19.274
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A83C0B3B-887E-434E-A4E3-225677ADA0B5}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2018-01-03 12:15:37.777
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{33EA3B92-1F54-47AA-B1E8-032BE1B95651}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2018-01-02 07:19:27.414
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{17B227BD-0303-4F70-8F9B-FB467CD3EF32}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2017-10-30 10:07:58.192
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{40533B4F-0CE8-45D4-AB59-F03A8C91A131}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2017-04-02 09:38:27.368
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A57E87E6-66A0-4F93-8FAC-F5C38A07C978}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2018-07-07 20:17:27.493
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.271.645.0
Versión de firma anterior:1.261.1644.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15000.2
Versión de motor anterior:1.1.14500.5
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2018-07-07 20:17:27.485
Description: 
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.15000.2
Versión de motor anterior:1.1.14500.5
Origen de actualización:Usuario
Usuario:NT AUTHORITY\SYSTEM
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 95%
Total physical RAM: 3995.73 MB
Available physical RAM: 179.85 MB
Total Virtual: 7989.67 MB
Available Virtual: 3710.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:439.36 GB) (Free:321.08 GB) NTFS
Drive d: () (Fixed) (Total:492.06 GB) (Free:275.38 GB) NTFS

\\?\Volume{82b956a4-02b6-11e5-9d6f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E6C8E6C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=492.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#6

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
Task: {08423C38-7379-44B6-BF64-23695887FCD7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {096ECEE8-7C5A-4317-8D78-5C12B61E5D66} - System32\Tasks\{61AED785-C077-4433-84AA-797A78A0D10B} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\AppData\Local\TNT2\2.0.0.2030\TNT2User.exe -c /UNINSTALL PARTNER=11433
Task: {4A7A81F2-69CA-4B29-B6CF-1D189980E993} - System32\Tasks\{54B98F12-4842-45D6-BF4C-DA011CCB4EE9} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\vcredist_x64.exe -d C:\Users\usuario\Downloads
Task: {BCC85797-D0B9-4CBE-8E8A-DD984101F759} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {162e76e7-2047-11e7-92a5-fcaa14466d1b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {310e57a8-adec-11e7-94ec-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {362ca5c7-2379-11e7-ab61-fcaa14466d1b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {502527f9-01ed-11e9-9587-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {66a29719-bb87-11e7-836a-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {6b0644cd-d4a7-11e8-b67b-806e6f6e6963} - E:\DisneySplash.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {770a289a-f649-11e8-bac4-fcaa14466d1b} - E:\autorun.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {82b956a9-02b6-11e5-9d6f-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {977f6621-c8d8-11e8-8e1b-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {c03655ce-cd30-11e7-b170-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
FF Extension: (Avast SafePrice) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] [2018-12-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] [2019-01-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-16]
CHR Extension: (Avast Online Security) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-16]
U3 aswbdisk; no ImagePath
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-04-17 12:22 - 2019-01-18 21:00 - 000000234 _____ () C:\Users\usuario\AppData\Roaming\WB.CFG
2015-06-02 20:27 - 2016-07-03 21:03 - 000006656 _____ () C:\Users\usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-22 22:26 - 2015-06-22 22:26 - 000000000 _____ () C:\Users\usuario\AppData\Local\Temp.dat
2016-11-02 13:21 - 2016-11-02 13:21 - 000000000 _____ () C:\Users\usuario\AppData\Local\{9C2F17E5-9B60-4399-A556-7FA6BC861477}
2016-10-16 22:56 - 2016-10-16 22:56 - 000000000 _____ () C:\Users\usuario\AppData\Local\{C5ED0689-235A-4D60-B7FD-9F6578FA45A0}
2019-03-24 11:16 - 2016-04-17 11:10 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Lavasoft
2019-03-24 11:16 - 2016-04-17 11:10 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-02-22 00:25 - 2016-04-17 11:10 - 000000000 ____D C:\Users\usuario\AppData\Local\Lavasoft
2019-02-22 00:25 - 2016-04-17 11:10 - 000000000 ____D C:\ProgramData\Lavasoft
2019-03-24 10:52 - 2018-11-18 01:06 - 000000000 ____D C:\Users\usuario\AppData\Local\AVAST Software
2019-03-24 10:52 - 2018-11-18 01:03 - 000000000 ____D C:\ProgramData\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

#7

Hola, muchas gracias por todo! Ya se arreglo el problema. Gracias!!!

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by usuario (25-03-2019 21:43:34) Run:1
Running from C:\Users\usuario\Desktop
Loaded Profiles: usuario (Available Profiles: usuario & Invitado)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
Task: {08423C38-7379-44B6-BF64-23695887FCD7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {096ECEE8-7C5A-4317-8D78-5C12B61E5D66} - System32\Tasks\{61AED785-C077-4433-84AA-797A78A0D10B} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\AppData\Local\TNT2\2.0.0.2030\TNT2User.exe -c /UNINSTALL PARTNER=11433
Task: {4A7A81F2-69CA-4B29-B6CF-1D189980E993} - System32\Tasks\{54B98F12-4842-45D6-BF4C-DA011CCB4EE9} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\vcredist_x64.exe -d C:\Users\usuario\Downloads
Task: {BCC85797-D0B9-4CBE-8E8A-DD984101F759} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {162e76e7-2047-11e7-92a5-fcaa14466d1b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {310e57a8-adec-11e7-94ec-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {362ca5c7-2379-11e7-ab61-fcaa14466d1b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {502527f9-01ed-11e9-9587-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {66a29719-bb87-11e7-836a-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {6b0644cd-d4a7-11e8-b67b-806e6f6e6963} - E:\DisneySplash.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {770a289a-f649-11e8-bac4-fcaa14466d1b} - E:\autorun.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {82b956a9-02b6-11e5-9d6f-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {977f6621-c8d8-11e8-8e1b-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\...\MountPoints2: {c03655ce-cd30-11e7-b170-fcaa14466d1b} - E:\HiSuiteDownLoader.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2279528060-2720408392-1095724012-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
FF Extension: (Avast SafePrice) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] [2018-12-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] [2019-01-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-16]
CHR Extension: (Avast Online Security) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-16]
U3 aswbdisk; no ImagePath
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-04-17 12:22 - 2019-01-18 21:00 - 000000234 _____ () C:\Users\usuario\AppData\Roaming\WB.CFG
2015-06-02 20:27 - 2016-07-03 21:03 - 000006656 _____ () C:\Users\usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-22 22:26 - 2015-06-22 22:26 - 000000000 _____ () C:\Users\usuario\AppData\Local\Temp.dat
2016-11-02 13:21 - 2016-11-02 13:21 - 000000000 _____ () C:\Users\usuario\AppData\Local\{9C2F17E5-9B60-4399-A556-7FA6BC861477}
2016-10-16 22:56 - 2016-10-16 22:56 - 000000000 _____ () C:\Users\usuario\AppData\Local\{C5ED0689-235A-4D60-B7FD-9F6578FA45A0}
2019-03-24 11:16 - 2016-04-17 11:10 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Lavasoft
2019-03-24 11:16 - 2016-04-17 11:10 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-02-22 00:25 - 2016-04-17 11:10 - 000000000 ____D C:\Users\usuario\AppData\Local\Lavasoft
2019-02-22 00:25 - 2016-04-17 11:10 - 000000000 ____D C:\ProgramData\Lavasoft
2019-03-24 10:52 - 2018-11-18 01:06 - 000000000 ____D C:\Users\usuario\AppData\Local\AVAST Software
2019-03-24 10:52 - 2018-11-18 01:03 - 000000000 ____D C:\ProgramData\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Atheros => removed successfully
HKLM\Software\Classes\CLSID\{B8952421-0E55-400B-94A6-FA858FC0A39F} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\_Movavivc11 => removed successfully
HKLM\Software\Classes\CLSID\{1C604495-4D32-476e-8D7E-FBF50F6C80BF} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\_Movavivc11 => removed successfully
HKLM\Software\Classes\CLSID\{1C604495-4D32-476e-8D7E-FBF50F6C80BF} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{08423C38-7379-44B6-BF64-23695887FCD7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08423C38-7379-44B6-BF64-23695887FCD7}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{096ECEE8-7C5A-4317-8D78-5C12B61E5D66}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{096ECEE8-7C5A-4317-8D78-5C12B61E5D66}" => removed successfully
C:\Windows\System32\Tasks\{61AED785-C077-4433-84AA-797A78A0D10B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61AED785-C077-4433-84AA-797A78A0D10B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A7A81F2-69CA-4B29-B6CF-1D189980E993}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A7A81F2-69CA-4B29-B6CF-1D189980E993}" => removed successfully
C:\Windows\System32\Tasks\{54B98F12-4842-45D6-BF4C-DA011CCB4EE9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{54B98F12-4842-45D6-BF4C-DA011CCB4EE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCC85797-D0B9-4CBE-8E8A-DD984101F759}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCC85797-D0B9-4CBE-8E8A-DD984101F759}" => removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => removed successfully
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{162e76e7-2047-11e7-92a5-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{162e76e7-2047-11e7-92a5-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{310e57a8-adec-11e7-94ec-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{310e57a8-adec-11e7-94ec-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{362ca5c7-2379-11e7-ab61-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{362ca5c7-2379-11e7-ab61-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{502527f9-01ed-11e9-9587-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{502527f9-01ed-11e9-9587-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66a29719-bb87-11e7-836a-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{66a29719-bb87-11e7-836a-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b0644cd-d4a7-11e8-b67b-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{6b0644cd-d4a7-11e8-b67b-806e6f6e6963} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{770a289a-f649-11e8-bac4-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{770a289a-f649-11e8-bac4-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82b956a9-02b6-11e5-9d6f-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{82b956a9-02b6-11e5-9d6f-806e6f6e6963} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{977f6621-c8d8-11e8-8e1b-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{977f6621-c8d8-11e8-8e1b-fcaa14466d1b} => not found
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c03655ce-cd30-11e7-b170-fcaa14466d1b} => removed successfully
HKLM\Software\Classes\CLSID\{c03655ce-cd30-11e7-b170-fcaa14466d1b} => not found
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] => moved successfully
C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] => path removed successfully
C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] => moved successfully
C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\jjfpy66p.default\Extensions\[email protected] => path removed successfully
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-16] => Error: No automatic fix found for this entry.
CHR Extension: (Avast Online Security) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-16] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\BTATH_BUS => removed successfully
BTATH_BUS => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Users\usuario\AppData\Roaming\WB.CFG => moved successfully
C:\Users\usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\usuario\AppData\Local\Temp.dat => moved successfully
C:\Users\usuario\AppData\Local\{9C2F17E5-9B60-4399-A556-7FA6BC861477} => moved successfully
C:\Users\usuario\AppData\Local\{C5ED0689-235A-4D60-B7FD-9F6578FA45A0} => moved successfully
C:\Users\usuario\AppData\Roaming\Lavasoft => moved successfully
C:\Program Files (x86)\Lavasoft => moved successfully
C:\Users\usuario\AppData\Local\Lavasoft => moved successfully
C:\ProgramData\Lavasoft => moved successfully
C:\Users\usuario\AppData\Local\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2279528060-2720408392-1095724012-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2800:200:e800:255b::1
   Direcci¢n IPv6 . . . . . . . . . . : 2800:200:e800:255b:493c:5b2:15b1:c2e6
   Direcci¢n IPv6 temporal. . . . . . : 2800:200:e800:255b:84b6:ce43:7824:7a83
   V¡nculo: direcci¢n IPv6 local. . . : fe80::493c:5b2:15b1:c2e6%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.10
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::4a83:c7ff:feb8:ac08%12
                                       192.168.0.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Conexi¢n de  rea local* 9:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{D23EF294-6C79-42D0-A1C0-A60003B972E9}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{1F3BE8E9-18A8-4776-BB52-1DA6936065FF}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 4194304 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26882615 B
Java, Flash, Steam htmlcache => 388678634 B
Windows/system/drivers => 2594155 B
Edge => 0 B
Chrome => 237399 B
Firefox => 845933009 B
Opera => 929792 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 58392 B
Public => 0 B
ProgramData => 0 B
systemprofile => 203084 B
systemprofile32 => 84910 B
LocalService => 132244 B
NetworkService => 43842251 B
usuario => 16151604 B
Invitado => 153412 B

RecycleBin => 143348 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:45:50 ====
#8

Perfecto @Arturo_Caruzo_Santos :+1: excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.

cerrado #9