Windows 7: Problemas con el escritorio

Hola!, hago esta consulta urguente. Hoy encendí mi notebook como siempre y luego que apareciera el logo de Windows, no podía seguir porque me aparecía el siguiente mensaje "Windows no se puede conectar al servicio cliente de directiva de grupo. Acceso denegado". Este problema pude solucionarlo, pero al reiniciar la Pc, el fondo de escritorio está negro, no puedo cambiar el tema (está con el tema clásico), y tampoco puedo crear archivos nuevos en el escritorio al presionar con el botón derecho, en la opción Nuevo dice Vacio

Pd: me olvidé de aclarar que ya analicé la pc con Malwarebytes y CCleaner

Espero su ayuda. Saludos!

Hola @Jimena_Pedraza

Para tratar de ayudarte:

  • Cual es tu Sistema Operativo?
  • Es original?
  • Marca y Modelo de tu equipo?
  • instalaste algo antes del problema?

Nos comentas.

Salu2

1 me gusta

Hola!, gracias por responderme. Es Windows 7 original, la notebook es Dell, ahora mismo no recuerdo el modelo. Volví a analizar con el Malwarebytes y me detecto el siguiente malwarw adware.elex.shrtcln, el día anterior había instalado un programa, que luego desinstalé. Esto será el causante de los problemas en el escritorio que mencione al comienzo?

Hola

Es probable. Que programa fue?

Pega el reporte de Malwarebytes.

Salu2

Volví a analizar la notebook con AdwCleaner, y ya no se detectaron elementos, dejo el último reporte. Creo que habría que arreglar algo del registro

# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-05-2019
# Database: 2019-09-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-18-2019
# Duration: 00:00:33
# OS:       Windows 7 Ultimate
# Cleaned:  32
# Failed:   0


***** [ Services ] *****

Deleted       scan

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\PARETOLOGIC
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\ProgramData\PARETOLOGIC
Deleted       C:\Users\Pedraza\AppData\Local\PASSWORDLOGICTOOLTAB
Deleted       C:\Users\Pedraza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PARETOLOGIC
Deleted       C:\Users\Pedraza\AppData\Roaming\PARETOLOGIC
Deleted       C:\Users\Pedraza\AppData\Roaming\RHEng
Deleted       C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}
Deleted       C:\extensions

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted       HKLM\Software\Classes\CLSID\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted       HKLM\Software\Classes\CLSID\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted       HKLM\Software\Classes\CLSID\{6DFC0DC7-FDC5-44C2-8B80-5977BA8F8ACC}
Deleted       HKLM\Software\Classes\CLSID\{94915A56-4D71-4F85-B59C-CC040F5AC6F0}
Deleted       HKLM\Software\Classes\CLSID\{E5AFF088-92F8-41a9-8CAB-E9CDCCE967AC}
Deleted       HKLM\Software\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted       HKLM\Software\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted       HKLM\Software\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
Deleted       HKLM\Software\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\ParetoLogic
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{82184935-B894-4AB2-8590-603BA7D74B71}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted       HKLM\Software\Wow6432Node\{E6276374-DE18-4AA5-A365-9016A2F98A2D}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [25219 octets] - [18/09/2019 00:41:00]
AdwCleaner[S00].txt - [4489 octets] - [18/09/2019 00:42:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########````

Hola @Jimena_Pedraza

Aun no respondiste que programa fue el que desinstalaste.

Había varias infecciones en tu equipo, realiza lo siguiente respetando el orden de los pasos:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de CcleanerBrowser.
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: [size=2]¿Como Pegar reportes en el Foro?[/size]

Nos comentas.

Salu2

Yo empezaría por el principio: Equipo - Administrar - Servicios y Aplicaciones - Servicios y vería en que estado se encuentra el servicio “Cliente directiva de grupo”. Debe estar Iniciado y en Automático. Si no es así, cambia los parámetros para que sea ese su estado. Luego prueba el PC. A mi me ocurrió algo parecido y lo pude arreglar de esta forma. Suerte.

Hola @SanMar, gracias por responder, no recuerdo exactamente el nombre del programa, pero te puedo decir que era un Root de Android, ya que buscaba un programa para recuperar conversaciones viejas de Whatsapp. Gracias por tu ayuda, en cuanto tenga los reportes los publico, perdón por la demora de mi respuesta

Hola @Jimena_Pedraza

Por acá te esperamos :coffee:

Salu2

@SanMar te dejo los informes!:

~ ZHPCleaner v2019.9.25.142 by Nicolas Coolman (2019/09/25)
~ Run by Pedraza (Administrator)  (25/09/2019 15:35:51)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Pedraza\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Pedraza\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Archivo hosts (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\ Resultado de la reparación.
~ ninguna reparación hecha


---\\ STATISTIQUES
~ Items escaneado : 0
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 0/13
~ Ahorro de espacio (bytes) : 0


~ End of search in 00h00mn00s

---\\  Reporte (0)
ZHPCleaner-[S]-25092019-15_35_51.txt


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/9/19
Hora del análisis: 11:25
Archivo de registro: 78d96c8e-e069-11e9-8390-001c233e7c8b.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.625
Versión del paquete de actualización: 1.0.12657
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Pedraza-PC\Pedraza

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 495722
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 11 hr, 35 min, 45 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)




# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-05-2019
# Database: 2019-09-23.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-25-2019
# Duration: 00:01:59
# OS:       Windows 7 Ultimate
# Scanned:  35648
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [67108 octets] - [18/09/2019 00:41:00]
AdwCleaner[S00].txt - [4489 octets] - [18/09/2019 00:42:38]
AdwCleaner[C00].txt - [4095 octets] - [18/09/2019 00:43:50]
AdwCleaner[S01].txt - [1514 octets] - [18/09/2019 12:44:00]
AdwCleaner[S02].txt - [1575 octets] - [18/09/2019 15:53:57]
AdwCleaner[S03].txt - [1636 octets] - [19/09/2019 19:16:05]
AdwCleaner[S04].txt - [1697 octets] - [19/09/2019 19:18:44]
AdwCleaner[C04].txt - [1885 octets] - [19/09/2019 19:19:30]
AdwCleaner[S05].txt - [1819 octets] - [24/09/2019 20:55:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########

Hola @Jimena_Pedraza

Probaste lo comentado por @Fank


Luego realiza lo siguiente:

1.- Desactiva temporalmente su antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. [size=1] >> Como saber si mi Windows es de 32 o 64 bits.?[/size]

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abriran dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2.

Hola @SanMar!, probé lo sugerido por @Fank, pero se encuetra iniciado. Te dejo los reportes (Los dejo en dos post porque supera el limite de caracteres):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-09-2019
Ran by Pedraza (administrator) on PEDRAZA-PC (Dell Inc. Latitude D630) (27-09-2019 15:24:35)
Running from C:\Users\Pedraza\Downloads
Loaded Profiles: Pedraza (Available Profiles: Pedraza)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Digital Care Solutions) [File not signed] C:\Program Files\BDServices\BitDefenderCOM.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2017-07-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [182272 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [411480 2010-03-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe [2018-02-23] (Google Inc -> Google Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09FA8F41-1EF9-427C-9D24-E96487DC123E} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {0A383F70-723D-4EEC-A95C-92DC5F337546} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1634448849-352997038-3322466404-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {0B9A18D0-AED5-4D31-A161-3683D1CBCE36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.)
Task: {24E80A78-8447-448C-8E83-E013DD610D99} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {268857D2-998A-4D7B-B607-9927D246EAFD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
Task: {2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [  [ ]]
Task: {3708058B-2723-405B-BF11-5F6AA97D4ED7} - System32\Tasks\{47241BEF-2B2B-4B52-BB26-D06422D38D6E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {466E71E6-F4BA-4896-848C-2646DDA44193} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {478FF4D3-19D5-45F8-9453-83AA27A96570} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4FFC545E-F50B-45FF-A512-3C2B68D1448C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {516C3E37-D303-4C31-BD9E-74DB56539454} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [  [ ]]
Task: {540221A4-7963-463C-ACD9-01584DDD2AFD} - System32\Tasks\{8B23250A-CA6F-416D-A7B0-B7B7C8E1DA28} => C:\Windows\system32\pcalua.exe -a D:\Sims3SP01Setup.exe -d D:\
Task: {646B4E5E-0CC5-4E08-9CAE-1B4F234618B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {64ECE348-87FA-4A19-BCFA-A786DB0A28AB} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {68041BB2-4998-42B2-88D1-195459036686} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {6D315B1E-FA9F-427F-9658-4BBC2B48E91B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {8277A646-9397-4C5F-89C4-64175C8F1831} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {92CF50E8-9A25-4CA8-B6FA-B670B9555CBB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {930DC825-72F9-463C-A6CD-7B78B6177216} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.)
Task: {95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298776 2016-08-21] (AVAST Software a.s. -> Avast Software s.r.o.)
Task: {C158866D-ADAC-4D59-B5C9-57B443C68ABB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C3039DA6-22F4-45ED-9309-66C679824494} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {D5A8631F-5882-4B6D-92AC-D83AF3283C5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {ED9CCFF8-4794-44D9-9179-96651745B9D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {F8981F90-51EE-41F9-A143-3B5394A68593} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe
Task: {FD5C184E-F0AC-4A4E-BA7D-D4432F383F99} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FE358FD7-B593-4909-9D60-4FD936868F2B} - System32\Tasks\{5283008F-BBEB-46DA-9873-8E98113EC806} => C:\Windows\system32\pcalua.exe -a D:\Sims3EP09Setup.exe -d D:\

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Pedraza-PC-Pedraza.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\AdobeGCInvoker-1.0-Pedraza-PC-Pedraza.job => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
Task: C:\Windows\Tasks\Antivirus Emergency Update.job => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
Task: C:\Windows\Tasks\AVG EUpdate Task.job => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
Task: C:\Windows\Tasks\AVGPCTuneUp_Task_BkGndMaintenance.job => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{706D681B-FBF2-4C06-8D84-A624C4453F51}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: [S-1-5-21-1634448849-352997038-3322466404-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-21] [Legacy]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @ASC/FileLabPlugin;version=1.1.33 -> C:\ProgramData\FileLab\Plugin\Framework\npFlPluginS.dll [2012-02-20] (Ascensio System SIA -> FileLab) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-09-25] <==== ATTENTION
CHR Extension: (Presentaciones de Google) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-24]
CHR Extension: (Google Docs) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-24]
CHR Extension: (Google Drive) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-24]
CHR Extension: (YouTube) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-24]
CHR Extension: (Avast SafePrice) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-22]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-28]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-24]
CHR Extension: (Gmail) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default [2019-09-25]
CHR Extension: (Documentos) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-30]
CHR Extension: (Google Drive) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-30]
CHR Extension: (YouTube) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-30]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hojas de cálculo) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-09-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-30]
CHR Extension: (Gmail) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-20]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-09-25]
CHR Extension: (AdBlock) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-06]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-02]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7829784 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6598496 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [45920 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [38752 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-02] (AVAST Software a.s. -> )
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-02] (AVAST Software a.s. -> )
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-02] (AVAST Software a.s. -> )
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189544 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [222288 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [194224 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [339048 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51952 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [152016 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [104256 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [455464 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [203544 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2017-12-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-05-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-05-19] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-09-17] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [225944 2019-09-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-09-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-09-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-09-27] (Malwarebytes Corporation -> Malwarebytes)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-12-12] (Bitdefender SRL -> BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-03-29] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-27 15:24 - 2019-09-27 15:34 - 000026778 _____ C:\Users\Pedraza\Downloads\FRST.txt
2019-09-27 15:21 - 2019-09-27 15:27 - 000000000 ___DC C:\FRST
2019-09-27 15:19 - 2019-09-27 15:20 - 001615872 _____ (Farbar) C:\Users\Pedraza\Downloads\FRST64.exe
2019-09-27 14:49 - 2019-09-27 15:14 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-09-27 14:47 - 2019-09-27 14:47 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-09-26 10:47 - 2019-09-26 10:47 - 000225944 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-09-25 15:54 - 2019-09-27 15:10 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-09-25 15:40 - 2019-09-25 15:40 - 000278144 _____ C:\Windows\Minidump\092519-32916-01.dmp
2019-09-25 15:35 - 2019-09-25 15:35 - 000001633 _____ C:\Users\Pedraza\Desktop\ZHPCleaner (S).txt
2019-09-25 15:30 - 2019-09-25 15:30 - 000001880 _____ C:\Users\Pedraza\Desktop\AdwCleaner[S06].txt
2019-09-25 15:30 - 2019-09-25 15:30 - 000000794 _____ C:\Users\Pedraza\Desktop\ZHPCleaner.lnk
2019-09-25 15:18 - 2019-09-25 15:18 - 002812640 _____ (Kaspersky Lab) C:\Users\Pedraza\Downloads\ks3.020.0.14.1085aes_19549.exe
2019-09-25 15:09 - 2019-09-25 15:11 - 003328384 _____ (Nicolas Coolman) C:\Users\Pedraza\Downloads\ZHPCleaner.exe
2019-09-18 17:44 - 2019-09-25 19:54 - 000000000 ____D C:\Users\Pedraza\Downloads\ADOBEIllustratorCS6 Portable
2019-09-18 17:36 - 2019-09-18 17:36 - 000000000 ____D C:\Users\Pedraza\Downloads\Sims 3
2019-09-18 17:30 - 2019-09-18 17:42 - 257022327 _____ C:\Users\Pedraza\Downloads\ADOBEIllustratorCS6 Portable.rar
2019-09-18 16:16 - 2019-09-18 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Illustrator CS6
2019-09-18 16:05 - 2016-07-16 22:50 - 000000403 _____ C:\Users\Pedraza\Downloads\Importante!!.vbs
2019-09-18 13:25 - 2019-09-26 23:56 - 000001549 _____ C:\Users\Pedraza\Desktop\Malware.txt
2019-09-18 00:43 - 2019-09-19 19:19 - 000000288 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-09-18 00:39 - 2019-09-18 00:40 - 007636680 _____ (Malwarebytes) C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
2019-09-18 00:33 - 2019-09-18 00:43 - 000000000 ___DC C:\AdwCleaner
2019-09-17 21:15 - 2019-09-17 21:15 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-09-17 21:13 - 2019-09-25 15:47 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-17 21:13 - 2019-09-25 15:47 - 000002020 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-09-17 21:13 - 2019-09-17 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-17 21:13 - 2019-09-17 21:13 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-17 21:13 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-09-17 21:05 - 2019-09-17 21:08 - 066495960 _____ (Malwarebytes ) C:\Users\Pedraza\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12519.exe
2019-09-17 17:48 - 2019-09-17 17:48 - 000000031 _____ C:\Users\Pedraza\Desktop\Themes.BAT
2019-09-17 17:32 - 2019-09-17 17:32 - 000000000 ____D C:\Windows\system32\%LocalAppData%
2019-09-17 16:32 - 2019-09-17 16:32 - 000000000 ____D C:\Users\Pedraza\Nueva carpeta
2019-09-17 16:03 - 2019-09-17 16:03 - 000000000 ____D C:\Program Files (x86)\GUM7A2E.tmp
2019-09-17 12:42 - 2019-09-17 12:42 - 000002253 _____ C:\Users\Pedraza\Desktop\Google Chrome.lnk
2019-09-17 12:18 - 2019-09-27 15:49 - 000262144 _____ C:\Users\Pedraza\ntuser.man
2019-09-16 20:50 - 2019-09-16 20:50 - 000000000 ____D C:\Users\Pedraza\Gihosoft Android Data Recovery
2019-09-16 20:46 - 2019-09-16 20:46 - 000000000 ____D C:\Program Files\SAMSUNG
2019-09-16 20:37 - 2019-09-16 20:37 - 000000000 ____D C:\ProgramData\Samsung
2019-09-16 20:33 - 2019-09-16 20:41 - 000000000 ____D C:\Users\Pedraza\.android
2019-09-11 23:20 - 2019-09-11 23:21 - 000000000 ___DC C:\5541b24cb0ef1467f89ccc92fa2e
2019-09-10 19:37 - 2019-09-10 19:37 - 000000000 ____D C:\ProgramData\ALM
2019-09-10 15:29 - 2019-08-15 22:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-09-10 15:29 - 2019-08-15 21:56 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-09-09 20:29 - 2019-09-09 20:30 - 000000000 ____D C:\Users\Pedraza\AppData\LocalLow\Adobe
2019-09-09 20:29 - 2019-09-09 20:29 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-09-09 20:29 - 2019-09-09 20:29 - 000000000 ____D C:\ProgramData\ALM.BackupByIllustratorPortable
2019-09-09 20:09 - 2019-09-09 20:09 - 000000000 ____D C:\ProgramData\Adobe
2019-09-09 20:03 - 2019-09-18 17:06 - 000000000 ____D C:\Program Files (x86)\Illustrator CS6
2019-09-08 18:27 - 2019-09-17 12:17 - 000000000 ____D C:\Users\Pedraza\AppData\LocalLow\uTorrent
2019-09-07 13:20 - 2019-09-07 13:20 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe.BackupByIllustratorPortable
2019-08-25 17:32 - 2019-08-25 17:32 - 000000000 __HDC C:\Leawo_iOS_Backup_Temp_Folder_And_Ensure_This_Name_Is_Only_One_So_It_Is_Very_Long
2019-08-25 17:29 - 2019-08-25 17:30 - 000000000 ____D C:\ProgramData\Leawo
2019-08-25 17:29 - 2019-08-25 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2019-08-25 17:26 - 2019-08-25 17:26 - 000000000 ____D C:\Program Files (x86)\Leawo
2019-08-20 13:04 - 2019-08-20 13:04 - 000000165 ____H C:\Users\Pedraza\Downloads\~$Lista02protecturbo EQUIPO NEUMATICO modifi 19-08 OK-convertido.xlsx
2019-07-17 17:06 - 2019-07-17 17:07 - 005044856 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-30 21:16 - 2019-06-30 21:17 - 001775130 _____ C:\Users\Pedraza\Downloads\MegaDownloader.zip

==================== Three months (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-27 15:21 - 2009-07-14 01:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-09-27 15:21 - 2009-07-14 01:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-09-27 15:11 - 2017-12-21 07:52 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2019-09-27 15:08 - 2009-07-14 02:08 - 000032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-09-27 15:08 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-27 14:50 - 2017-12-28 12:07 - 000000392 ____H C:\Windows\Tasks\AVG EUpdate Task.job
2019-09-25 15:44 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-09-25 15:40 - 2015-07-12 13:59 - 000000000 ____D C:\Windows\Minidump
2019-09-18 23:35 - 2015-07-01 23:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-09-18 17:43 - 2017-11-21 15:07 - 000000000 ____D C:\Users\Pedraza\Desktop\Diseño Gráfico
2019-09-18 16:51 - 2019-04-02 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X4
2019-09-18 00:43 - 2017-12-18 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-09-17 21:15 - 2016-05-08 16:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-17 15:45 - 2017-12-28 15:00 - 000000474 __RSH C:\Users\Pedraza\ntuser.pol
2019-09-17 14:35 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2019-09-17 14:12 - 2017-01-12 21:02 - 000130560 ___SH C:\Users\Pedraza\Thumbs.db
2019-09-17 13:04 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\PLA
2019-09-14 13:29 - 2015-12-18 02:59 - 001661458 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-09-14 13:29 - 2010-11-21 04:09 - 000751508 _____ C:\Windows\system32\perfh00A.dat
2019-09-14 13:29 - 2010-11-21 04:09 - 000160518 _____ C:\Windows\system32\perfc00A.dat
2019-09-14 13:28 - 2009-07-14 02:13 - 001661458 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ================

2016-12-26 15:02 - 2016-12-26 15:02 - 007680000 _____ () C:\Program Files (x86)\GUT29CE.tmp
2016-08-22 12:04 - 2016-08-22 12:04 - 007065600 _____ () C:\Program Files (x86)\GUT5D6C.tmp
2016-08-21 23:15 - 2016-08-21 23:15 - 007065600 _____ () C:\Program Files (x86)\GUTAF33.tmp
2016-06-02 13:10 - 2019-05-14 19:34 - 000000033 _____ () C:\Users\Pedraza\AppData\Roaming\AdobeWLCMCache.dat
2017-09-19 13:23 - 2017-11-20 14:21 - 000090349 _____ () C:\Users\Pedraza\AppData\Roaming\downloads.json
2016-12-27 21:46 - 2016-12-27 21:56 - 000000115 _____ () C:\Users\Pedraza\AppData\Roaming\LogFile.txt
2016-01-05 21:00 - 2016-02-21 16:33 - 000009216 _____ () C:\Users\Pedraza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-12 15:01 - 2015-08-12 15:01 - 000000000 _____ () C:\Users\Pedraza\AppData\Local\{124D4E24-BFA9-4A41-A096-B6F6B426E767}
2015-08-14 23:17 - 2015-08-14 23:17 - 000000000 _____ () C:\Users\Pedraza\AppData\Local\{8152E4D6-FFDB-47BF-9AB5-48B81B353353}

==================== SigCheckExt ================

2006-12-01 23:37 - 2006-12-01 23:37 - 000904704 ____C (Microsoft Corporation) C:\msdia80.dll
2015-12-30 20:05 - 1998-10-06 19:34 - 000327168 _____ (InstallShield Software Corporation, Inc.) C:\Windows\IsUn040a.exe
2015-09-05 05:09 - 2015-09-05 05:09 - 000105984 _____ (Beepa P/L) C:\Windows\system32\frapsv64.dll
2003-03-18 19:05 - 2003-03-18 19:05 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2001-01-30 04:33 - 2001-01-30 04:33 - 000028944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20ESP.DLL
2015-09-05 05:09 - 2015-09-05 05:09 - 000094208 _____ (Beepa P/L) C:\Windows\SysWOW64\frapsvid.dll
2003-03-18 21:20 - 2003-03-18 21:20 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2003-03-18 20:44 - 2003-03-18 20:44 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2003-03-18 20:44 - 2003-03-18 20:44 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2012-03-12 20:56 - 2012-03-12 20:56 - 000947472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjava.dll
1999-05-23 20:07 - 1999-05-23 20:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msprpes.dll
2000-04-03 20:05 - 2000-04-03 20:05 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2000-04-03 17:52 - 2000-04-03 17:52 - 000094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2003-03-18 20:14 - 2003-03-18 20:14 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2012-02-02 15:57 - 2012-02-02 15:57 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2002-02-04 02:43 - 2002-02-04 02:43 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll
1998-03-24 21:54 - 1998-03-24 21:54 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SCP32.DLL
1999-05-23 20:07 - 1999-05-23 20:07 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftes.dll
1999-05-23 20:07 - 1999-05-23 20:07 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6es.dll
1999-11-24 18:40 - 1999-11-24 18:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAME.DLL
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2015-09-21 14:32 - 2015-09-21 14:32 - 000003216 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2019-09-27 15:19 - 2019-09-27 15:20 - 001615872 _____ (Farbar) C:\Users\Pedraza\Downloads\FRST64.exe
2019-09-25 15:09 - 2019-09-25 15:11 - 003328384 _____ (Nicolas Coolman) C:\Users\Pedraza\Downloads\ZHPCleaner.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Administrador de arranque de Windows
----------------------------------
Identificador           {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  es-ES
inherit                 {globalsettings}
default                 {current}
resumeobject            {4715bec1-1ea5-11e5-9c3b-c324c92c6321}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Cargador de arranque de Windows
-----------------------------
Identificador           {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  es-ES
inherit                 {bootloadersettings}
recoverysequence        {4715bec3-1ea5-11e5-9c3b-c324c92c6321}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {4715bec1-1ea5-11e5-9c3b-c324c92c6321}
nx                      OptOut

Cargador de arranque de Windows
-----------------------------
Identificador           {4715bec3-1ea5-11e5-9c3b-c324c92c6321}
device                  ramdisk=[C:]\Recovery\4715bec3-1ea5-11e5-9c3b-c324c92c6321\Winre.wim,{4715bec4-1ea5-11e5-9c3b-c324c92c6321}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\4715bec3-1ea5-11e5-9c3b-c324c92c6321\Winre.wim,{4715bec4-1ea5-11e5-9c3b-c324c92c6321}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Reanudar tras hibernaci�n
-------------------------
Identificador           {4715bec1-1ea5-11e5-9c3b-c324c92c6321}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  es-ES
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Herramienta de comprobaci�n de memoria de Windows
-------------------------------------------------
Identificador           {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Herramienta de diagn�stico de memoria de Windows
locale                  es-ES
inherit                 {globalsettings}
badmemoryaccess         Yes

Configuraci�n de EMS
--------------------
Identificador           {emssettings}
bootems                 Yes

Configuraci�n del depurador
---------------------------
Identificador           {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Defectos de RAM
---------------
Identificador           {badmemory}

Configuraci�n global
--------------------
Identificador           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Configuraci�n del cargador de arranque
------------------------------------
Identificador           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Configuraci�n de hipervisor
-------------------
Identificador           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Reanudar la configuraci�n del cargador
--------------------------------------
Identificador           {resumeloadersettings}
inherit                 {globalsettings}

Opciones de dispositivo
-----------------------
Identificador           {4715bec4-1ea5-11e5-9c3b-c324c92c6321}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\4715bec3-1ea5-11e5-9c3b-c324c92c6321\boot.sdi


LastRegBack: 2016-03-11 04:18
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2019
Ran by Pedraza (27-09-2019 15:53:44)
Running from C:\Users\Pedraza\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-06-30 01:41:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1634448849-352997038-3322466404-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1634448849-352997038-3322466404-1002 - Limited - Enabled)
Invitado (S-1-5-21-1634448849-352997038-3322466404-501 - Limited - Disabled)
Pedraza (S-1-5-21-1634448849-352997038-3322466404-1000 - Administrator - Enabled) => C:\Users\Pedraza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2218 - AVAST Software)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.5.3059 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{52B6D655-9038-4290-B710-0E568F806155}) (Version: 16.80.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.80.3.38236 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
FileLab Plugin 1.1.33 (HKLM-x32\...\{6AC5F630-9453-433D-90FF-BB3A8E4F8960}) (Version: 1.1.33 - FileLab)
Flash Movie Player 1.5 (HKLM-x32\...\Flash Movie Player) (Version: 1.5 - Eolsoft)
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Los Sims™ 3 ¡Menuda familia! (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Los Sims™ 3 Aventura en la Isla (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Los Sims™ 3 Salto a la fama (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
The Sims 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (AVAST Software a.s. -> Avast Software s.r.o.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-09-25 14:58 - 2019-09-25 14:58 - 048920064 _____ () [File not signed] C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018728 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-core-file-l1-2-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-core-file-l2-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000021296 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-core-localization-l1-2-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-core-synch-l1-2-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-core-timezone-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019760 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-conio-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000022832 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-convert-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-environment-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000020784 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019752 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-heap-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-locale-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000027952 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-math-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000026928 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000023336 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000024880 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000024880 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-string-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000021296 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-time-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-utility-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 001001264 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\ucrtbase.DLL
2017-12-19 16:43 - 2017-12-19 16:43 - 000018224 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-core-file-l1-2-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018224 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-core-file-l2-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000020784 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-core-localization-l1-2-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-core-synch-l1-2-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018224 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-core-timezone-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000022320 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-convert-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-environment-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000020272 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-heap-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-locale-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000028968 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-math-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000026416 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000022832 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000024368 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000024368 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-string-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000020784 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-time-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-utility-l1-1-0.dll
2017-12-19 16:43 - 2017-12-19 16:43 - 001142064 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\ucrtbase.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:972E3A44 [120]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2018-07-04 20:00 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: SessionEnv => 3
MSCONFIG\startupreg: uTorrent => "C:\Users\Pedraza\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{4E299A70-2655-4F79-9B8D-2083A5FDEAC6}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F9538EF1-1E86-4120-8FFD-F07F7E93CB50}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

23-09-2019 01:56:09 Windows Update
23-09-2019 11:54:33 Windows Update
24-09-2019 00:21:44 Windows Update
26-09-2019 00:43:09 Windows Update
27-09-2019 00:29:39 Windows Update

==================== Faulty Device Manager Devices =============

Name: Controladora de host universal USB de la familia Intel(R) ICH8 - 2830
Description: Controladora de host universal USB de la familia Intel(R) ICH8 - 2830
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Adaptador ISATAP de Microsoft
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Adaptador ISATAP de Microsoft #2
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: CDC Serial
Description: CDC Serial
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: MTP
Description: MTP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

El servicio de Registro de eventos de Windows est� inici�ndose.
El servicio de Registro de eventos de Windows no ha podido iniciarse.

Error de sistema.

Error de sistema 1899.

No se pudo crear la entrada de la base de datos del asignador de extremo.


==================== Memory info =========================== 

BIOS: Dell Inc. A08 02/28/2008
Motherboard: Dell Inc. 0KU184
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
Percentage of memory in use: 93%
Total physical RAM: 2037.97 MB
Available physical RAM: 134.8 MB
Total Virtual: 4075.95 MB
Available Virtual: 728.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:15.13 GB) NTFS

\\?\Volume{e660c6c5-1ec6-11e5-8bc8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: BC5B9E56)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola @Jimena_Pedraza

Se ven varios problemas en tu equipo:

Paso 1:

Tienes dos antivirus funcionales en tu equipo y dos de los pesos pesados, desinstala ambos (AVG y Avast) con su >>> Herramienta especifica de desinstalación.

Desinstalas uno primero, luego de reiniciar el segundo.

Estarás sin antivirus, navega y descarga con precaución.


Paso 2:

Desinstala con Revo Uninstaller en su Modo Avanzado:

  • 1. AVG PC TuneUp
  • 2. Dll-Files. com Fixer

Manual de Revo Uninstaller.


Paso 3:

Ejecutaste FRST desde un lugar incorrecto:

  • Running from C:\Users\Pedraza\ Downloads

Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.


Paso 4:

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [182272 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [411480 2010-03-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {09FA8F41-1EF9-427C-9D24-E96487DC123E} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {24E80A78-8447-448C-8E83-E013DD610D99} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {268857D2-998A-4D7B-B607-9927D246EAFD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\GWX
Task: {2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [  [ ]]
Task: {3708058B-2723-405B-BF11-5F6AA97D4ED7} - System32\Tasks\{47241BEF-2B2B-4B52-BB26-D06422D38D6E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {466E71E6-F4BA-4896-848C-2646DDA44193} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4FFC545E-F50B-45FF-A512-3C2B68D1448C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [  [ ]]
Task: {540221A4-7963-463C-ACD9-01584DDD2AFD} - System32\Tasks\{8B23250A-CA6F-416D-A7B0-B7B7C8E1DA28} => C:\Windows\system32\pcalua.exe -a D:\Sims3SP01Setup.exe -d D:\
Task: {64ECE348-87FA-4A19-BCFA-A786DB0A28AB} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {68041BB2-4998-42B2-88D1-195459036686} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {6D315B1E-FA9F-427F-9658-4BBC2B48E91B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8277A646-9397-4C5F-89C4-64175C8F1831} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {92CF50E8-9A25-4CA8-B6FA-B670B9555CBB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {C158866D-ADAC-4D59-B5C9-57B443C68ABB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C3039DA6-22F4-45ED-9309-66C679824494} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {D5A8631F-5882-4B6D-92AC-D83AF3283C5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F8981F90-51EE-41F9-A143-3B5394A68593} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe
Task: {FD5C184E-F0AC-4A4E-BA7D-D4432F383F99} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FE358FD7-B593-4909-9D60-4FD936868F2B} - System32\Tasks\{5283008F-BBEB-46DA-9873-8E98113EC806} => C:\Windows\system32\pcalua.exe -a D:\Sims3EP09Setup.exe -d D:\
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
URLSearchHook: [S-1-5-21-1634448849-352997038-3322466404-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-09-25] <==== ATTENTION
2019-09-17 17:32 - 2019-09-17 17:32 - 000000000 ____D C:\Windows\system32\%LocalAppData%
2019-09-17 16:03 - 2019-09-17 16:03 - 000000000 ____D C:\Program Files (x86)\GUM7A2E.tmp
2019-09-16 20:50 - 2019-09-16 20:50 - 000000000 ____D C:\Users\Pedraza\Gihosoft Android Data Recovery
2019-09-11 23:20 - 2019-09-11 23:21 - 000000000 ___DC C:\5541b24cb0ef1467f89ccc92fa2e
2019-09-18 00:43 - 2017-12-18 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-12-26 15:02 - 2016-12-26 15:02 - 007680000 _____ () C:\Program Files (x86)\GUT29CE.tmp
2016-08-22 12:04 - 2016-08-22 12:04 - 007065600 _____ () C:\Program Files (x86)\GUT5D6C.tmp
2016-08-21 23:15 - 2016-08-21 23:15 - 007065600 _____ () C:\Program Files (x86)\GUTAF33.tmp
2017-09-19 13:23 - 2017-11-20 14:21 - 000090349 _____ () C:\Users\Pedraza\AppData\Roaming\downloads.json
2016-12-27 21:46 - 2016-12-27 21:56 - 000000115 _____ () C:\Users\Pedraza\AppData\Roaming\LogFile.txt
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:972E3A44 [120]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas luego de reiniciar como sigue el problema.

Salu2.

Hola @SanMar!,llegué al paso 4 y me sale esto, qué puedo estar haciendo mal?

Hola

El Fixlist se ve en el escritorio, pero dónde tienes FRST.?

Debería estar en la misma ubicación, lo que te dice el cartel es que no encuentra el Fix, corta el ejecutable y pegarlo en el escritorio.

Salu2

Gracias @SanMar!, te dejo el reporte:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-09-2019
Ran by Pedraza (01-10-2019 17:05:50) Run:1
Running from C:\Users\Pedraza\Desktop\FRST-OlderVersion
Loaded Profiles: Pedraza (Available Profiles: Pedraza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [182272 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [411480 2010-03-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {09FA8F41-1EF9-427C-9D24-E96487DC123E} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {24E80A78-8447-448C-8E83-E013DD610D99} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {268857D2-998A-4D7B-B607-9927D246EAFD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\GWX
Task: {2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [  [ ]]
Task: {3708058B-2723-405B-BF11-5F6AA97D4ED7} - System32\Tasks\{47241BEF-2B2B-4B52-BB26-D06422D38D6E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {466E71E6-F4BA-4896-848C-2646DDA44193} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4FFC545E-F50B-45FF-A512-3C2B68D1448C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [  [ ]]
Task: {540221A4-7963-463C-ACD9-01584DDD2AFD} - System32\Tasks\{8B23250A-CA6F-416D-A7B0-B7B7C8E1DA28} => C:\Windows\system32\pcalua.exe -a D:\Sims3SP01Setup.exe -d D:\
Task: {64ECE348-87FA-4A19-BCFA-A786DB0A28AB} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {68041BB2-4998-42B2-88D1-195459036686} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {6D315B1E-FA9F-427F-9658-4BBC2B48E91B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8277A646-9397-4C5F-89C4-64175C8F1831} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {92CF50E8-9A25-4CA8-B6FA-B670B9555CBB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {C158866D-ADAC-4D59-B5C9-57B443C68ABB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C3039DA6-22F4-45ED-9309-66C679824494} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {D5A8631F-5882-4B6D-92AC-D83AF3283C5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F8981F90-51EE-41F9-A143-3B5394A68593} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe
Task: {FD5C184E-F0AC-4A4E-BA7D-D4432F383F99} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FE358FD7-B593-4909-9D60-4FD936868F2B} - System32\Tasks\{5283008F-BBEB-46DA-9873-8E98113EC806} => C:\Windows\system32\pcalua.exe -a D:\Sims3EP09Setup.exe -d D:\
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
URLSearchHook: [S-1-5-21-1634448849-352997038-3322466404-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-09-25] <==== ATTENTION
2019-09-17 17:32 - 2019-09-17 17:32 - 000000000 ____D C:\Windows\system32\%LocalAppData%
2019-09-17 16:03 - 2019-09-17 16:03 - 000000000 ____D C:\Program Files (x86)\GUM7A2E.tmp
2019-09-16 20:50 - 2019-09-16 20:50 - 000000000 ____D C:\Users\Pedraza\Gihosoft Android Data Recovery
2019-09-11 23:20 - 2019-09-11 23:21 - 000000000 ___DC C:\5541b24cb0ef1467f89ccc92fa2e
2019-09-18 00:43 - 2017-12-18 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-12-26 15:02 - 2016-12-26 15:02 - 007680000 _____ () C:\Program Files (x86)\GUT29CE.tmp
2016-08-22 12:04 - 2016-08-22 12:04 - 007065600 _____ () C:\Program Files (x86)\GUT5D6C.tmp
2016-08-21 23:15 - 2016-08-21 23:15 - 007065600 _____ () C:\Program Files (x86)\GUTAF33.tmp
2017-09-19 13:23 - 2017-11-20 14:21 - 000090349 _____ () C:\Users\Pedraza\AppData\Roaming\downloads.json
2016-12-27 21:46 - 2016-12-27 21:56 - 000000115 _____ () C:\Users\Pedraza\AppData\Roaming\LogFile.txt
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:972E3A44 [120]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.l3acm => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.tscc => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.VP60" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.VP61" => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09FA8F41-1EF9-427C-9D24-E96487DC123E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09FA8F41-1EF9-427C-9D24-E96487DC123E} => removed successfully
C:\Windows\System32\Tasks\DLL-Files FixerASKUSER => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files FixerASKUSER => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E80A78-8447-448C-8E83-E013DD610D99} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{268857D2-998A-4D7B-B607-9927D246EAFD} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{268857D2-998A-4D7B-B607-9927D246EAFD} => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => removed successfully
"C:\Windows\system32\GWX" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FD24FC2-B238-4CAD-89BE-BBA808B40CAE} => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3708058B-2723-405B-BF11-5F6AA97D4ED7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3708058B-2723-405B-BF11-5F6AA97D4ED7}" => removed successfully
C:\Windows\System32\Tasks\{47241BEF-2B2B-4B52-BB26-D06422D38D6E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{47241BEF-2B2B-4B52-BB26-D06422D38D6E}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466E71E6-F4BA-4896-848C-2646DDA44193} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FFC545E-F50B-45FF-A512-3C2B68D1448C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{519CD28B-70C7-49EC-803C-DBEDDC6BF8A5} => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{540221A4-7963-463C-ACD9-01584DDD2AFD} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{540221A4-7963-463C-ACD9-01584DDD2AFD} => removed successfully
C:\Windows\System32\Tasks\{8B23250A-CA6F-416D-A7B0-B7B7C8E1DA28} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8B23250A-CA6F-416D-A7B0-B7B7C8E1DA28} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64ECE348-87FA-4A19-BCFA-A786DB0A28AB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64ECE348-87FA-4A19-BCFA-A786DB0A28AB} => removed successfully
C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files.Com Fixer_Updates => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68041BB2-4998-42B2-88D1-195459036686} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68041BB2-4998-42B2-88D1-195459036686} => removed successfully
C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files.Com Fixer_MONTHLY => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D315B1E-FA9F-427F-9658-4BBC2B48E91B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8277A646-9397-4C5F-89C4-64175C8F1831} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92CF50E8-9A25-4CA8-B6FA-B670B9555CBB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-URT => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C158866D-ADAC-4D59-B5C9-57B443C68ABB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3039DA6-22F4-45ED-9309-66C679824494} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3039DA6-22F4-45ED-9309-66C679824494} => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5A8631F-5882-4B6D-92AC-D83AF3283C5E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8981F90-51EE-41F9-A143-3B5394A68593} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8981F90-51EE-41F9-A143-3B5394A68593} => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD5C184E-F0AC-4A4E-BA7D-D4432F383F99} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE358FD7-B593-4909-9D60-4FD936868F2B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE358FD7-B593-4909-9D60-4FD936868F2B} => removed successfully
C:\Windows\System32\Tasks\{5283008F-BBEB-46DA-9873-8E98113EC806} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5283008F-BBEB-46DA-9873-8E98113EC806} => removed successfully
C:\Windows\Tasks\AdwCleaner_onReboot.job => moved successfully
Could not restore Default URLSearchHook.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
C:\Windows\system32\%LocalAppData% => moved successfully
C:\Program Files (x86)\GUM7A2E.tmp => moved successfully
C:\Users\Pedraza\Gihosoft Android Data Recovery => moved successfully
C:\5541b24cb0ef1467f89ccc92fa2e => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => moved successfully
C:\Program Files (x86)\GUT29CE.tmp => moved successfully
C:\Program Files (x86)\GUT5D6C.tmp => moved successfully
C:\Program Files (x86)\GUTAF33.tmp => moved successfully
C:\Users\Pedraza\AppData\Roaming\downloads.json => moved successfully
C:\Users\Pedraza\AppData\Roaming\LogFile.txt => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
C:\ProgramData\TEMP => ":972E3A44" ADS removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   Direcci¢n IPv6 . . . . . . . . . . : fdb9:5a12:aa48:1:30a2:19fb:47eb:fcc3
   Direcci¢n IPv6 temporal. . . . . . : fdb9:5a12:aa48:1:a041:ca5d:cf19:25d5
   V¡nculo: direcci¢n IPv6 local. . . : fe80::30a2:19fb:47eb:fcc3%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.34
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.home:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{611E4EA4-90E0-43ED-8579-4548115BAB09}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========

La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.

El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
No se encuentra el comando: advfirewall reset

========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
No se encuentra el comando: advfirewall set allprofiles state ON

========= End of CMD: =========


========= netsh int ipv4 reset =========

La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 20971520 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9525516 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 488020507 B
Edge => 0 B
Chrome => 10259336 B
Firefox => 0 B
Opera => 162816 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 39531 B
Public => 0 B
ProgramData => 0 B
systemprofile => 48129153 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 66228 B
Pedraza => 96370254 B

RecycleBin => 0 B
EmptyTemp: => 642.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:11:50 ====

Y en cuanto al escritorio:

Hola @Jimena_Pedraza

Realiza lo siguiente:

1.- Botón de Inicio >>> escribes CMD >>> Botón derecho sobre el >>> Ejecutar como Administrador.

En la consola que se abre escribe tal cual el siguiente comando:

sfc /scannow

Presionas Enter

Tomará un tiempo largo.

2.- A continuación, ingresa los siguientes comandos en la consola del símbolo de sistema, pulsando Enter después de cada uno de ellos:

dism /online /cleanup-image /scanhealth

dism /online /cleanup-image /checkhealth

dism /online /cleanup-image /restorehealth


Al finalizar en la misma consola escribes:

findstr /c:“[SR]” %windir%\Logs\CBS\CBS.log >“%userprofile%\Desktop\sfcdetails.txt”

Nota: La ejecución de estos procesos puede demorar, no olvides reiniciar el equipo para aplicar los cambios cuando termines con todos los comandos.

Nota 2: Los comandos debes copiarlos tal cual respetando los espacios.

Quedará un reporte de nombre sfcdetails.txt en tu escritorio lo pegas en tu próxima respuesta.

Cualquier error tomas una imagen y la subes.

Salu2

@SanMar, me salió lo siguiente:

Hola @Jimena_Pedraza

Y que paso cuando ejecutaste el primer comando:

sfc /scannow

Reparo algo?

El escritorio sigue igual?


Busca manualmente la siguiente ruta:

  • C:\WINDOWS\LOGS\CBS\ CBS.LOG

Sube el archivo a algún sitio tipo Dropbox, Google Drive, Onedrive, etc ya que aquí no te permitirá por ser muy largo, y nos compartes el enlace.

Salu2