Windows 7, se congelan programas, peor luego inactividad

Dejé a la PC haciendo el escaneo y me fui, por lo que estuvo inactiva una cuantas horas. Sigue costando que se abran programas, quedan congelados, tardan en responder.

Bien… pues entonces pasemos a revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 22/7/19
Hora del análisis: 21:28
Archivo de registro: d12c066a-ace0-11e9-8a7a-00ff1ddc2b53.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11678
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: CLAUDIA-PC\CLAUDIA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 281716
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 11 min, 21 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.VisicomToolbar, C:\PROGRAM FILES (X86)\PANDASECURITYTB\PANDASECURITYTB64.DLL, En cuarentena, [2415], [635897],1.0.11678

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-22-2019
# Duration: 00:00:06
# OS:       Windows 7 Ultimate
# Cleaned:  15
# Failed:   0


***** [ Services ] *****

Deleted       Update service

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\pandasecuritytb
Deleted       C:\Users\CLAUDIA\AppData\LocalLow\pandasecuritytb
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\pandasecuritytb
Deleted       C:\Windows\System32\config\systemprofile\AppData\LocalLow\pandasecuritytb

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{184CF6CD-A0E6-4D84-B3EE-FD75B6B4BF52}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1A09CF03-C482-4DAD-9FB7-8679B45AF74B}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{75025E10-B83B-4008-86E6-5EE90406249A}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8B305652-5A32-4168-A08E-FECC25DF232F}
Deleted       HKLM\Software\Classes\Prod.cap
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2831 octets] - [22/07/2019 21:48:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-22-2019
# Duration: 00:00:12
# OS:       Windows 7 Ultimate
# Scanned:  27198
# Detected: 15


***** [ Services ] *****

PUP.Optional.Legacy             Update service

***** [ Folders ] *****

PUP.Optional.Legacy             C:\Program Files (x86)\pandasecuritytb
PUP.Optional.Legacy             C:\Users\CLAUDIA\AppData\LocalLow\pandasecuritytb
PUP.Optional.Legacy             C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\pandasecuritytb
PUP.Optional.Legacy             C:\Windows\System32\config\systemprofile\AppData\LocalLow\pandasecuritytb

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{184CF6CD-A0E6-4D84-B3EE-FD75B6B4BF52}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1A09CF03-C482-4DAD-9FB7-8679B45AF74B}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{75025E10-B83B-4008-86E6-5EE90406249A}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8B305652-5A32-4168-A08E-FECC25DF232F}
PUP.Optional.Legacy             HKLM\Software\Classes\Prod.cap
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by CLAUDIA (Administrator) on 22/07/2019 at 21:54:20,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 21 

Successfully deleted: C:\ProgramData\1509948131.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\babylon (Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Roaming\babylon (Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\214G7MHF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77BZJU0K (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8G3PW4BG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2QOHZNK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZ450EVY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMH428SF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGZO514F (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\CLAUDIA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4OKTLZN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\214G7MHF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77BZJU0K (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8G3PW4BG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2QOHZNK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZ450EVY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMH428SF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGZO514F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4OKTLZN (Temporary Internet Files Folder) 



Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/07/2019 at 21:56:32,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by CLAUDIA (administrator) on CLAUDIA-PC (MSI MS-7808) (22-07-2019 21:59:10)
Running from F:\Datos de usuario (C)\Desktop
Loaded Profiles: CLAUDIA (Available Profiles: CLAUDIA)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1923008 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [429536 2019-06-03] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [95024 2019-04-11] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Run: [uTorrent] => C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe [1820392 2019-07-14] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Run: [Google Update] => C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [6110768 2019-05-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24860136 2019-06-13] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\CLAUDIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2019-02-20] ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AC80924-AC81-4AE0-9498-ADC4AE440D0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0DFA41C2-5811-46D7-A51F-0E6E1DAC6386} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0FA76392-D620-476A-9C1A-516554E21F25} - System32\Tasks\{380CB5D4-0871-4ECF-A2DB-7B2397D340B6} => C:\Windows\system32\pcalua.exe -a "F:\Datos de usuario (C)\Desktop\FacebookGameroom.exe" -d "F:\Datos de usuario (C)\Desktop"
Task: {2177318E-E293-4188-8B45-90DDE991FA70} - System32\Tasks\{989F6FE9-1D82-4DCC-9043-DFC2E022DEF1} => C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe [1820392 2019-07-14] (BitTorrent Inc -> BitTorrent Inc.)
Task: {22B976CD-8D98-4BB0-B0C7-1AD453816EF3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58D35ACC-2F0A-47C0-86F1-00F8C953493E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-30] (Adobe Inc. -> Adobe)
Task: {5F253BB4-0EBF-4DF3-A958-70182C79E55A} - System32\Tasks\{80921E0E-699A-4A58-A6A0-9DD9DAA88D56} => C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe [1820392 2019-07-14] (BitTorrent Inc -> BitTorrent Inc.)
Task: {6808F0D0-F0B5-4378-B1B6-D1D44199FF86} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3899423591-2164203333-916106544-1000UA => C:\Users\CLAUDIA\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-10-08] (Google Inc -> Google Inc.)
Task: {76646AA0-E449-4C13-9BD0-B20E44A95C59} - System32\Tasks\{879160F6-597C-4E4B-BAD3-C3EA92AB3043} => F:\Datos de usuario (C)\Desktop\Ripiar Subtit\Pegar Sub\PocketDivXEncoder_0.3.96.exe
Task: {7EB6FD60-1772-45BE-A751-EC43B65E9508} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3899423591-2164203333-916106544-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {82BD994E-3AD1-49FC-AF84-BB9DA10C5AFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-05-18] (Google Inc -> Google Inc.)
Task: {82FF0B26-EFF6-44CD-BA5E-5829375F5CBC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {871CFD72-774B-4D03-AA92-4B8061AD2613} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-05-18] (Google Inc -> Google Inc.)
Task: {9ABDA1E4-8909-4A96-85BD-566272474EDC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3899423591-2164203333-916106544-1000Core => C:\Users\CLAUDIA\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-10-08] (Google Inc -> Google Inc.)
Task: {9BAFC1E4-3652-4474-9F41-098435216299} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {B1A49445-5C38-4C8E-82DD-1AB79E65BBB8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C26B40E1-04F4-4BD5-8BA3-38DC1C7AA746} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491832 2019-06-13] (Bitdefender SRL -> Bitdefender)
Task: {C90E4E43-F932-430E-AA7E-A7ECD795B3E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)
Task: {CDE79DC9-C7E9-4B85-85A0-9B1121F4C960} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA28E2D6-C68D-4D3E-8E34-758E6155D22D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F766CCAB-6ECA-4DE0-8545-FC4EDC38F72E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA14E47A-7BC6-4589-8B4E-71BA0B8D1CF9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD2DE303-9669-45E4-840A-B5C10F2726C7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE049E36-92EF-4B06-BAFC-E7CF9222432F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{059851B9-9E3F-4809-981B-146338C47CEB}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DBF002-AB58-48A9-8C73-C15C146FD4D8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FEB12F56-A3A8-4855-914B-474096C66A63}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
URLSearchHook: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -  No File
URLSearchHook: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -  No File
SearchScopes: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2019-06-03] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-06-03] (Bitdefender SRL -> Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -  No File

FireFox:
========
FF DefaultProfile: 8udjyvsr.default-1546383147576
FF ProfilePath: C:\Users\CLAUDIA\AppData\Roaming\Mozilla\Firefox\Profiles\8udjyvsr.default-1546383147576 [2019-07-22]
FF Homepage: Mozilla\Firefox\Profiles\8udjyvsr.default-1546383147576 -> hxxps://www.google.com.ar/
FF Extension: (Avast Online Security) - C:\Users\CLAUDIA\AppData\Roaming\Mozilla\Firefox\Profiles\8udjyvsr.default-1546383147576\Extensions\[email protected] [2019-07-19]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2019-03-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2019-07-01]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-09-29] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-30] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-30] (Adobe Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2016-11-18] () [File not signed]
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2017-02-27] () [File not signed]
FF Plugin HKU\S-1-5-21-3899423591-2164203333-916106544-1000: @tools.google.com/Google Update;version=3 -> C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3899423591-2164203333-916106544-1000: @tools.google.com/Google Update;version=9 -> C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/"
CHR Profile: C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default [2019-07-22]
CHR Extension: (Presentaciones) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-18]
CHR Extension: (File Converter - By Online-Convert.com) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfhgjcpnkofndjpgimpgmkgmgfkmlan [2019-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]
CHR Extension: (Hojas de cálculo) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (NavegaTV) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnldlnogdgpgnepocacgmeilijjfnjmn [2018-01-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (AdBlock) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-10]
CHR Extension: (Avast Online Security) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-19]
CHR Extension: (Cuevana Full Downloader) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\joplgpkbfbcdjidogkikhdbddahjclpc [2018-01-14]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2019-07-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\CLAUDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [322432 2019-03-25] (AnchorFree Inc -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [783816 2019-06-03] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-25] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [96568 2019-04-11] (Bitdefender SRL -> Bitdefender)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [95520 2019-03-28] (Bitdefender SRL -> Bitdefender)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2120168 2019-06-13] (Plex, Inc -> Plex, Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1294448 2019-05-14] (Bitdefender SRL -> Bitdefender)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [119944 2019-06-03] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [805232 2019-06-03] (Bitdefender SRL -> Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1534688 2019-06-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [395728 2019-06-03] (Bitdefender SRL -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [46056 2019-06-03] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [96448 2018-05-24] (Bitdefender SRL -> BitDefender)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2017-03-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 Gemma; C:\Windows\System32\DRIVERS\Gemma.sys [374632 2019-03-05] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [188384 2019-06-03] (Bitdefender SRL -> BitDefender LLC)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [196392 2019-04-08] (Bitdefender SRL -> Bitdefender)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [94392 2017-09-18] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [118136 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [85176 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337520 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [153176 2018-01-23] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206424 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [213088 2017-03-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [610640 2019-03-05] (Bitdefender SRL -> Bitdefender)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
U3 aswbdisk; no ImagePath
U3 aswblog; no ImagePath
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-22 21:56 - 2019-07-22 21:56 - 000004298 _____ C:\Users\CLAUDIA\Desktop\JRT.txt
2019-07-22 21:50 - 2017-05-22 07:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2019-07-22 21:44 - 2019-07-22 21:52 - 000000000 ____D C:\Users\CLAUDIA\AppData\LocalLow\uTorrent
2019-07-22 21:23 - 2019-07-22 21:23 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-22 21:13 - 2019-07-22 21:59 - 000000000 ____D C:\FRST
2019-07-22 21:12 - 2019-07-22 21:48 - 000000000 ____D C:\AdwCleaner
2019-07-22 20:38 - 2019-07-22 20:45 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-22 20:38 - 2019-07-22 20:38 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-22 20:38 - 2019-07-22 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-21 17:59 - 2019-07-21 17:59 - 000003560 ____N C:\bootsqm.dat
2019-07-20 14:25 - 2019-07-21 16:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-06-30 20:45 - 2019-06-30 20:45 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-30 20:35 - 2019-06-30 20:35 - 000057681 _____ C:\Users\CLAUDIA\Downloads\cupon_canje13763(1)
2019-06-30 20:34 - 2019-06-30 20:34 - 000057681 _____ C:\Users\CLAUDIA\Downloads\cupon_canje13763.pdf
2019-06-30 00:37 - 2019-07-14 17:13 - 000000000 ____D C:\Users\CLAUDIA\AppData\Roaming\Soda Player
2019-06-30 00:37 - 2019-06-30 00:37 - 000000000 ____D C:\Users\CLAUDIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soda Player
2019-06-30 00:36 - 2019-06-30 00:37 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\sodaplayer
2019-06-29 16:13 - 2019-06-29 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2019-06-29 15:52 - 2019-06-29 15:52 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-06-29 15:49 - 2019-06-29 15:49 - 000000000 ____D C:\Program Files (x86)\Plex
2019-06-29 03:28 - 2019-06-29 03:54 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\PlexMediaPlayer
2019-06-29 03:28 - 2019-06-29 03:28 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\cache
2019-06-29 03:27 - 2019-06-29 03:27 - 000000000 ____D C:\Program Files\Plex
2019-06-29 01:05 - 2019-06-29 15:52 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\Plex Media Server
2019-06-29 01:00 - 2019-06-29 01:01 - 081391472 _____ (Plex, Inc.) C:\Users\CLAUDIA\Downloads\PlexMediaServer-1.16.0.1226-7eb2c8f6f-x86.exe
2019-06-29 00:45 - 2019-06-29 00:46 - 038911168 _____ C:\Users\CLAUDIA\Downloads\vlc-3.0.0-win32.exe
2019-06-25 00:43 - 2019-06-25 00:43 - 000074428 _____ C:\ProgramData\agent.update.1561434168.bdinstall.v2.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-22 21:59 - 2019-01-02 17:45 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-22 21:59 - 2009-07-14 01:45 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-22 21:59 - 2009-07-14 01:45 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-22 21:54 - 2017-05-18 11:22 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-22 21:53 - 2017-06-05 00:26 - 000000000 ____D C:\Users\CLAUDIA\AppData\LocalLow\Mozilla
2019-07-22 21:52 - 2017-11-06 01:50 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-07-22 21:52 - 2017-06-01 00:23 - 000000000 ____D C:\Users\CLAUDIA\AppData\Roaming\uTorrent
2019-07-22 21:50 - 2019-03-01 18:44 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\BitTorrentHelper
2019-07-22 21:50 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-22 21:49 - 2017-11-06 03:02 - 000179133 _____ C:\bdlog.txt
2019-07-22 21:23 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-07-21 16:42 - 2017-06-01 00:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-20 15:09 - 2017-05-22 22:05 - 000000000 ____D C:\Windows\Minidump
2019-07-17 08:47 - 2017-05-18 09:37 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-14 17:26 - 2019-02-24 18:04 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\Videostream
2019-07-14 17:06 - 2017-06-05 01:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-06-30 20:45 - 2017-09-05 03:08 - 000000000 ____D C:\Windows\system32\Macromed
2019-06-30 20:45 - 2017-05-18 11:38 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\Adobe
2019-06-30 20:45 - 2017-05-18 08:47 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-06-30 20:45 - 2017-05-18 08:47 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-30 20:45 - 2017-05-18 08:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-06-30 04:39 - 2019-02-24 18:04 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\SquirrelTemp
2019-06-30 00:34 - 2017-05-18 08:53 - 000000000 ____D C:\Users\CLAUDIA\AppData\Roaming\vlc
2019-06-29 16:14 - 2017-05-18 11:18 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-29 15:52 - 2017-06-25 19:29 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\Apple Computer
2019-06-29 15:52 - 2017-06-25 19:27 - 000000000 ____D C:\Users\CLAUDIA\AppData\Roaming\Apple Computer
2019-06-29 03:58 - 2017-07-31 14:37 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\CrashDumps
2019-06-29 00:48 - 2017-07-02 20:51 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-06-25 00:43 - 2017-11-06 01:48 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-06-24 12:11 - 2009-07-14 06:31 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2019-06-24 12:11 - 2009-07-14 06:31 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2019-06-24 12:11 - 2009-07-14 02:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ================

2019-06-13 15:49 - 2019-06-13 15:49 - 000035936 _____ () C:\Users\CLAUDIA\AppData\Roaming\Valores separados por comas (Windows).ADR
2019-06-01 20:59 - 2019-06-01 21:02 - 000005632 _____ () C:\Users\CLAUDIA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-28 11:01 - 2017-07-28 11:01 - 000000085 _____ () C:\Users\CLAUDIA\AppData\Local\Lockdir6

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-19 10:54
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by CLAUDIA (22-07-2019 22:00:41)
Running from F:\Datos de usuario (C)\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-05-17 21:55:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3899423591-2164203333-916106544-500 - Administrator - Disabled)
CLAUDIA (S-1-5-21-3899423591-2164203333-916106544-1000 - Administrator - Enabled) => C:\Users\CLAUDIA
HomeGroupUser$ (S-1-5-21-3899423591-2164203333-916106544-1008 - Limited - Enabled)
Invitado (S-1-5-21-3899423591-2164203333-916106544-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Disabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
AS: Bitdefender Antispyware (Disabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\uTorrent) (Version: 3.5.5.45291 - BitTorrent Inc.)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
Actualización de NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Amazon Kindle (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
A-PDF Page Cut (HKLM-x32\...\A-PDF Page Cut_is1) (Version:  - A-PDF Solution)
Apowersoft Online Launcher versión 1.7.1 (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
Apple Application Support (32 bits) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 23.0.22.104 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.12.161 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 23.0.8.665 - Bitdefender)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
eMule (HKLM-x32\...\eMule) (Version:  - )
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.10.508 - Epubor Inc.)
FormatFactory 4.5.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Photos Backup (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Mozilla Thunderbird 60.8.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 60.8.0 (x86 es-ES)) (Version: 60.8.0 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
Nero 8.3.2.1 (HKLM-x32\...\Nero8WinuE_is1) (Version: 8.3.2.1 - Bj @ WinuE)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version:  - )
NVIDIA Controlador de 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.14.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.6.0 - Panda Security)
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.9 - Panda Security and Visicom Media Inc.)
Panel de control de NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plex Media Server (HKLM-x32\...\{017EC936-F40B-46B4-B4F3-780FA47060B3}) (Version: 1.16.1226 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{3185722c-8e5f-42f5-a135-7bc633e77ee4}) (Version: 1.16.0.1226 - Plex, Inc.)
Popcorn-Time (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.101.714.2016 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Soda Player (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\sodaplayer) (Version: 1.4.2 - Soda Player)
Stopping Plex (HKLM-x32\...\{C3FA8D60-EF35-4946-944D-91CD68AFA109}) (Version: 1.16.1226 - Plex, Inc.) Hidden
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Videostream (HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\Videostream) (Version: 0.3.5 - Videostream)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3899423591-2164203333-916106544-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3899423591-2164203333-916106544-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-28] (Free Time) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2009-12-12] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-28] (Free Time) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2009-12-12] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2009-12-12] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-12-12] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-05-18 08:47 - 2009-12-12 15:12 - 000052224 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2017-10-18 18:51 - 2017-10-18 18:51 - 000598528 _____ () [File not signed] C:\ProgramData\MEGAsync\ShellExtX64.dll
2018-11-28 21:55 - 2018-11-28 21:55 - 000302080 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll
2018-02-12 21:56 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\Newtonsoft.Json.dll
2017-05-18 11:22 - 2017-05-01 17:14 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
2018-02-12 21:55 - 2018-01-26 17:08 - 000088064 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCollect.dll
2018-02-12 21:55 - 2018-01-26 17:08 - 000200192 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3899423591-2164203333-916106544-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2019-07-22 21:50 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3899423591-2164203333-916106544-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\CLAUDIA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Google Update => C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9506BAA3F065E2036F5E300ED2152B14 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E803ABAC-5210-404D-B358-587946FA2C5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0FEC3A22-E2B7-438A-8734-9C0A1F6124A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C527DED8-BD68-4416-8B23-A90C8856D061}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED31F8DD-96BA-462E-8867-B865ADB3DA13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D3A6BF3-47F8-4A1D-AE66-943993D242F6}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{17DF89DE-12A4-4425-B979-CB4519B7250C}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{14776270-9F17-4449-AC52-FC615C4F02F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A009CB1-EEC7-4769-8279-B0203E18D891}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3625FBC5-CC6F-4452-BE56-453428C1E4EA}C:\users\claudia\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\claudia\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{8CAEBD03-3E10-4C93-BF5E-811A79A0DD5C}C:\users\claudia\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\claudia\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{97A5B695-B21F-4C8B-8187-E814452313AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A7C35E7E-BD16-45D5-B726-0AC42C806C99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FBE36C9C-B67F-4447-AAE0-F3C8C9370311}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D82C3246-84AD-41B3-A9F5-3264C6419E95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EAB69103-11E2-48A9-A71F-0BBFCE630008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABBDEA1B-7E98-4344-A13C-FEDC6EB48117}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8BB03483-9712-42F8-8FF0-5D3694B6D672}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{910108FB-A6E4-41C2-9132-72C7D98CCEFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{327B6D80-6073-4567-8736-8BF042F3861A}F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe] => (Block) F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{9005E94C-5490-4BEB-98B3-09F72CBD63C2}F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe] => (Block) F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [{8CFCEFED-A89B-45C8-AB1F-C3E65F1841EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BA4AFB2F-4409-4110-AA09-D5AA464A979A}F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe] => (Allow) F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{42FBA3D9-7434-4B03-8AF7-6146BF24904E}F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe] => (Allow) F:\datos de usuario (c)\claudia\programas\emule0.50a\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [{2EB5D644-E53E-47A6-817F-A674E15E28B8}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1210D07B-6096-44A6-BD63-D5797D5E721A}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3A203287-4946-40C5-9684-50AC12549645}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BA54FEAF-F51F-4403-9B43-A6752360353B}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{944C390F-C2FA-48E9-8E7A-614CB3CE7935}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{81DBE12A-968D-4CCB-9130-EBC2F88FD388}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{038E7012-AD9E-4341-9482-34F721AED35F}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E8565D09-A567-4D51-95FB-3428A57D0D72}] => (Allow) C:\Users\CLAUDIA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{55BA2EFC-814B-4567-9EC3-106F546FE45F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B28522AB-3171-4D79-8F79-133024A37AC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{01D8CF52-B0B5-4A7E-946D-F6D81B7F2475}] => (Allow) C:\Users\CLAUDIA\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{D331E736-77BC-488B-9EAA-EE23D2F0AD65}] => (Allow) C:\Users\CLAUDIA\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{19298CD7-84AE-4DDE-A089-5D50983B09E8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{A4F472B4-7680-4424-86AF-58E63C828703}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{B72A5D86-2465-449A-8AB2-663963D79544}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{33442AC4-2C49-4997-A5EC-6468DAE8F5D3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{EAC3C875-9F99-4541-B893-CC64536B412B}] => (Allow) LPort=5556
FirewallRules: [{8EBE37A7-C6B7-46AD-8C04-573C75E213BE}] => (Allow) LPort=5557
FirewallRules: [TCP Query User{C981A32C-D36E-431E-811A-9173C34D6654}C:\users\claudia\appdata\local\videostream\app-0.3.5\videostream-native\videostream-native.exe] => (Allow) C:\users\claudia\appdata\local\videostream\app-0.3.5\videostream-native\videostream-native.exe (Groupnotes, Inc. -> )
FirewallRules: [UDP Query User{9420E745-9B85-4664-84B2-F430D0D9E7B2}C:\users\claudia\appdata\local\videostream\app-0.3.5\videostream-native\videostream-native.exe] => (Allow) C:\users\claudia\appdata\local\videostream\app-0.3.5\videostream-native\videostream-native.exe (Groupnotes, Inc. -> )
FirewallRules: [{FD8373D6-1789-4B6B-956A-BBCAD26D5A8E}] => (Block) C:\users\claudia\appdata\local\videostream\app-0.3.5\videostream-native\videostream-native.exe (Groupnotes, Inc. -> )
FirewallRules: [{993BF8E4-4DAB-4B59-9BF8-B2003AEC1D0D}] => (Block) C:\users\claudia\appdata\local\videostream\app-0.3.5\videostream-native\videostream-native.exe (Groupnotes, Inc. -> )
FirewallRules: [{7CE7C282-44B1-4174-8FCF-BECE51B1777F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{7E9BB725-8074-4AE3-99B1-0213749D7289}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{13CFBE69-2CAF-4BDD-B5C4-656843FA85D6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{23AE29C8-C241-41E7-8C19-43671A907E1F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> )
FirewallRules: [{431040CA-2ABF-4957-B353-6F50ED90DA97}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-07-2019 11:01:17 Punto de control programado
22-07-2019 21:54:22 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2019 09:16:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa thunderbird.exe, versión 60.8.0.7123, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1bf4

Hora de inicio: 01d540db7ade35f0

Hora de finalización: 437

Ruta de acceso de la aplicación: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

Identificador de informe:

Error: (07/22/2019 09:16:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa seccenter.exe, versión 23.0.24.122, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1a90

Hora de inicio: 01d540e18bd1c374

Hora de finalización: 281

Ruta de acceso de la aplicación: C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe

Identificador de informe: 1bd70e22-acdf-11e9-b48f-d43d7e96eef1


System errors:
=============
Error: (07/22/2019 09:54:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (07/22/2019 09:54:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (07/22/2019 09:49:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio debido a un error en el inicio de sesión.

Error: (07/22/2019 09:49:16 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WMPNetworkSvc no se pudo iniciarse como NT AUTHORITY\NetworkService con la contraseña configurada actualmente debido al siguiente error: 
Solicitud no compatible.


Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

Error: (07/22/2019 09:48:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (07/22/2019 09:48:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (07/22/2019 09:48:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio VPN de Bitdefender se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (07/22/2019 09:48:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Wondershare Application Framework Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===================================

Date: 2018-10-17 23:29:41.283
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:29:41.252
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:29:41.221
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:29:41.190
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:28:35.287
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:28:35.255
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:28:35.224
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-10-17 23:28:35.193
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. V1.4 01/21/2013
Motherboard: MSI B75MA-P33 (MS-7808)
Processor: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Percentage of memory in use: 79%
Total physical RAM: 4026.95 MB
Available physical RAM: 841.88 MB
Total Virtual: 8052.04 MB
Available Virtual: 4398.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:253.81 GB) (Free:196.71 GB) NTFS
Drive d: () (Fixed) (Total:677.6 GB) (Free:118.69 GB) NTFS
Drive f: (Disco) (Fixed) (Total:1862.89 GB) (Free:30.52 GB) NTFS

\\?\Volume{016367c4-3b4a-11e7-89c7-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00061AC3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=253.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=677.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Creo que subí todos los informes. Veo como funciona PC y te comento. Gracias Saludos

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
Startup: C:\Users\CLAUDIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2019-02-20] ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
Task: {0AC80924-AC81-4AE0-9498-ADC4AE440D0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0DFA41C2-5811-46D7-A51F-0E6E1DAC6386} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0FA76392-D620-476A-9C1A-516554E21F25} - System32\Tasks\{380CB5D4-0871-4ECF-A2DB-7B2397D340B6} => C:\Windows\system32\pcalua.exe -a "F:\Datos de usuario (C)\Desktop\FacebookGameroom.exe" -d "F:\Datos de usuario (C)\Desktop"
Task: {76646AA0-E449-4C13-9BD0-B20E44A95C59} - System32\Tasks\{879160F6-597C-4E4B-BAD3-C3EA92AB3043} => F:\Datos de usuario (C)\Desktop\Ripiar Subtit\Pegar Sub\PocketDivXEncoder_0.3.96.exe
Task: {9BAFC1E4-3652-4474-9F41-098435216299} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
URLSearchHook: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
URLSearchHook: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
SearchScopes: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)
U3 aswbdisk; no ImagePath
U3 aswblog; no ImagePath
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by CLAUDIA (25-07-2019 15:26:46) Run:1
Running from F:\Datos de usuario (C)\Desktop
Loaded Profiles: CLAUDIA (Available Profiles: CLAUDIA)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START

CREATERESTOREPOINT:

CLOSEPROCESSES:

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f

HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f

Startup: C:\Users\CLAUDIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2019-02-20] ()

GroupPolicy: Restriction ? <==== ATTENTION

GroupPolicyScripts: Restriction <==== ATTENTION

GroupPolicyScripts-x32: Restriction <==== ATTENTION

Task: {0AC80924-AC81-4AE0-9498-ADC4AE440D0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {0DFA41C2-5811-46D7-A51F-0E6E1DAC6386} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {0FA76392-D620-476A-9C1A-516554E21F25} - System32\Tasks\{380CB5D4-0871-4ECF-A2DB-7B2397D340B6} => C:\Windows\system32\pcalua.exe -a "F:\Datos de usuario (C)\Desktop\FacebookGameroom.exe" -d "F:\Datos de usuario (C)\Desktop"

Task: {76646AA0-E449-4C13-9BD0-B20E44A95C59} - System32\Tasks\{879160F6-597C-4E4B-BAD3-C3EA92AB3043} => F:\Datos de usuario (C)\Desktop\Ripiar Subtit\Pegar Sub\PocketDivXEncoder_0.3.96.exe

Task: {9BAFC1E4-3652-4474-9F41-098435216299} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)

URLSearchHook: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File

URLSearchHook: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File

SearchScopes: HKU\S-1-5-21-3899423591-2164203333-916106544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)

U3 aswbdisk; no ImagePath

U3 aswblog; no ImagePath

S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\panda" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\panda_XP" => removed successfully
Could not move "C:\Users\CLAUDIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder" => Scheduled to move on reboot.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found
C:\Windows\SysWOW64\GroupPolicy\Machine => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0AC80924-AC81-4AE0-9498-ADC4AE440D0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AC80924-AC81-4AE0-9498-ADC4AE440D0B}" => removed successfully
C:\Windows\System32\Tasks\CCleaner Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DFA41C2-5811-46D7-A51F-0E6E1DAC6386}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DFA41C2-5811-46D7-A51F-0E6E1DAC6386}" => removed successfully
C:\Windows\System32\Tasks\CCleanerSkipUAC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FA76392-D620-476A-9C1A-516554E21F25}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA76392-D620-476A-9C1A-516554E21F25}" => removed successfully
C:\Windows\System32\Tasks\{380CB5D4-0871-4ECF-A2DB-7B2397D340B6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{380CB5D4-0871-4ECF-A2DB-7B2397D340B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76646AA0-E449-4C13-9BD0-B20E44A95C59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76646AA0-E449-4C13-9BD0-B20E44A95C59}" => removed successfully
C:\Windows\System32\Tasks\{879160F6-597C-4E4B-BAD3-C3EA92AB3043} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{879160F6-597C-4E4B-BAD3-C3EA92AB3043}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9BAFC1E4-3652-4474-9F41-098435216299}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BAFC1E4-3652-4474-9F41-098435216299}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKU\S-1-5-21-3899423591-2164203333-916106544-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => removed successfully
"HKU\S-1-5-21-3899423591-2164203333-916106544-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => not found
HKU\S-1-5-21-3899423591-2164203333-916106544-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\aswblog => removed successfully
aswblog => service removed successfully
HKLM\System\CurrentControlSet\Services\panda_url_filteringd => removed successfully
panda_url_filteringd => service removed successfully
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully
Synth3dVsc => service removed successfully
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully
tsusbhub => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3899423591-2164203333-916106544-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3899423591-2164203333-916106544-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::a995:76d0:5c7f:7d7b%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.118
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18358529 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 151268 B
Edge => 0 B
Chrome => 105749125 B
Firefox => 79120093 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 4339027 B
systemprofile32 => 2096276 B
LocalService => 132244 B
NetworkService => 66228 B
CLAUDIA => 3223945 B

RecycleBin => 0 B
EmptyTemp: => 203.4 MB temporary data Removed.

================================

Parece funcionar un poco mas fluidamente. a dejarla sin actividad un buen rato, para ver si se solucionó el tema del congelamientpost inactividad y te cuento. Gracias Saludos Claudia

Hola Javier, esta funcionando bastante mejor. Gracias

Hola @liccid.

Una pregunta, dijiste que de antivirus tenias instalado el BitDefendeer, pero… además de ese YO veo otro antivirus instalado en tu equipo :

AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

El tener más de un antivirus instalado en TU equipo es otro de los motivos que hacen que un equipo se ralentice y además es muy conflictivo :arrow_right: ¿Por qué no es bueno usar dos antivirus a la vez?

Entiendo que el antivirus de Panda lo tendrias anteriormente instalado e intentaste quitarlo pero se quedaron bastantes restos y elementos funcionando. :thinking:

Confirmame para que te de mas indicaciones.

Saludos.

Hola, si es así, lo utilicé para hacer un control de infecciones con un antivirus que no fuera el que uso habitualmente. Me indicas cómo eliminarlo del todo? Gracias Saludos

Hola.

Perfecto. :+1:

Entonces debes utilizar la :arrow_right: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall, especifica para desinstalarlo correctamente.

En el caso de Panda verás que existen DOS herramientas, úsalas las DOS, cuando uses la primera debes REINICIAR el equipo y luego usar la segunda y volver a REINICIAR.

Cuando termines los pasos nos comentas los resultados y como sigue TU equipo en relación al problema planteado.

Saludos.

Hola Javier, ya hice todo. La PC anda bastante mejor. Muchas gracias. Saludos

1 me gusta

rfecto, :+1: nos alegra que todo vaya bien, ahora vamos eliminar las herramientas usadas.

Sigue estos pasos :

  • Descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Marca todas las casillas.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), copia y pega ese informe en tu próxima respuesta.

Y nos comentas como sigue el problema inicialmente planteado. :face_with_monocle:

Saludos.

# DelFix v1.013 - Logfile created 30/07/2019 at 19:43:57
# Updated 17/04/2016 by Xplode
# Username : CLAUDIA - CLAUDIA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #106 [Punto de control programado | 07/19/2019 14:01:17]
Deleted : RP #107 [JRT Pre-Junkware Removal | 07/23/2019 00:54:22]
Deleted : RP #108 [JRT Pre-Junkware Removal | 07/23/2019 01:24:43]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Te mando el informe .La PC anda bastante mejor. Gracias por el tiempo dedicado. Saludos

Perfecto. :clap:

Y ahora para que optimices lo mejor posible tu equipo, sigue estos pasos :arrow_right: Liberar espacios en Discos y Particiones , los primeros pasos que se explican en él que son validos para tu Windows 7.

Al terminarlos REINICIAS el equipo y comentas resultados.

Saludos.

1 me gusta

Hecho!!! PC está funcionando mucho mejor. Muchas gracias !!!

Excelente… :clap: Nos alegra ver que YA están tus problemas arreglados. :+1:


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.

1 me gusta