Hola, Con windows 8.1 no puede finalizar el proceso de actualizaciones, dando el mensaje: No hemos podido completar las actualizaciones Deshaciendo cambios No apague el equipo El proceso se repite tantas veces como intente actualizar. He leido que apagando internet o desactivando el antivirus, pero necesitaba una orientacion, un saludo.rs
Hola
Prueba con este solucionador automático_:
https://support.microsoft.com/es-es/help/4027322/windows-update-troubleshooter
Lo ejecutas y reinicias el pc y compruebas de nuevo
Comentas
Hola He probado el solucionador automático y cuando ha terminado, el informe emitido decía que no había podido resolver el problema de las actualizaciones, no obstante he reiniciado y he visto que todavía están pendientes las actualizaciones como de podía predecir a la vista del informe emitido.
Descarga al Escritorio la siguiente utilidad, la ejecutas, pulsas boton Clean y reinicias el pc y compruebas
https://www.majorgeeks.com/files/details/windows_update_cache_cleaner.html
Hola,
Realizada la ultima instruccion y una vez reiniciando el equipo no se ha solucionado, ademas el informe de majorgeeks decía que no sw había encontrado nada en windows update, lamentablemente el problema persiste
Veamos primero que no tengas Malware que impida actualizar
Realiza los siguientes pasos, , sin cambiar el orden
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,
Manual Malwarebytes, para que sepas usarlo y configurarlo.
- Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
- Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
- Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta
2) Descarga Adwcleaner en el escritorio.
-
Desactiva tu antivirus
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad. -
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
Si no encuentra nada, pulsamos “Omitir Reparación”
-
El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"
Puedes mirar su manual >> Manual de Adwcleaner
3) Descarga Ccleaner
Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.
Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.
Hola, El problema persiste no ha podido completar las actualizaciones.
Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-14-2018
# Duration: 00:00:07
# OS: Windows 8.1
# Cleaned: 7
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
Deleted igjjkeeamkpihpncmmbgdkhdnjpcfmfb
***** [ Chromium URLs ] *****
Deleted Fissa
Deleted DAEMON Search
Deleted Softonic ES
Deleted Softonic ES
Deleted Softonic ES
Deleted Softonic ES
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1505 octets] - [14/10/2018 19:08:36]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 14/10/18
Hora del análisis: 18:48
Archivo de registro: f8045050-cfd0-11e8-a527-ac7ba1b50a5d.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.7345
Licencia: Prueba
-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: asus\Usuario
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 251288
Amenazas detectadas: 42
Amenazas en cuarentena: 42
Tiempo transcurrido: 8 min, 29 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 42
PUP.Optional.Reimage, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PREFERENCES, Sustituido, [1387], [541062],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [218], [454832],1.0.7345
Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [255], [454742],1.0.7345
Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [255], [454742],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Babylon, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [326], [455059],1.0.7345
PUP.Optional.Babylon, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [326], [455059],1.0.7345
PUP.Optional.SweetPage, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [362], [455284],1.0.7345
PUP.Optional.SweetPage, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [362], [455284],1.0.7345
PUP.Optional.Funmoods, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [286], [455240],1.0.7345
PUP.Optional.Funmoods, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [286], [455240],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [218], [454832],1.0.7345
PUP.Optional.ASK, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [2], [454827],1.0.7345
PUP.Optional.ASK, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [2], [454827],1.0.7345
PUP.Optional.Spigot, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [170], [454814],1.0.7345
PUP.Optional.Spigot, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [170], [454814],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [218], [454832],1.0.7345
Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [255], [454742],1.0.7345
PUP.Optional.Delta, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [280], [455070],1.0.7345
PUP.Optional.Delta, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [280], [455070],1.0.7345
PUP.Optional.Funmoods, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [286], [455240],1.0.7345
PUP.Optional.SweetIM, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [363], [455282],1.0.7345
PUP.Optional.SweetIM, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [363], [455282],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [218], [454832],1.0.7345
PUP.Optional.ASK, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [2], [454827],1.0.7345
PUP.Optional.ASK, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [2], [454827],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Conduit, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [218], [454832],1.0.7345
PUP.Optional.Delta, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [280], [455070],1.0.7345
PUP.Optional.SweetIM, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [363], [455282],1.0.7345
PUP.Optional.Delta, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [280], [455070],1.0.7345
PUP.Optional.Funmoods, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [286], [455240],1.0.7345
PUP.Optional.SweetIM, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [363], [455282],1.0.7345
PUP.Optional.ASK, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [2], [454829],1.0.7345
PUP.Optional.ASK, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [2], [454829],1.0.7345
Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [255], [454683],1.0.7345
Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [255], [454683],1.0.7345
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Dos preguntas, A) Son necesarias las actualizaciones de windows. B) Me conviene cambiar a windows 10
Cordiales saludos.rs
He enviado la respuesta con los informes pero no estoy seguro si la habeis recibido
Si, son necesarias y mucho
Lo de Windows 10…pues tener el ultimo sistema siempre es mejor , claro
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits)
¿Cómo saber si mi Windows es de 32 o 64 bits? -
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.
-
En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
Hola, con permiso
Se había quedado oculta tu respuesta, ya que habías puesto los “codes” entre (paréntesis) en lugar de [corchetes].
Un saludo
Hola, Estoy tratando de enviar los ficheros a Miguelgrado y me sale un mensaje que no entiendo, LO SENTIMOS los usuarios nuevos splo pueden mencionar a 2 usuarios a la vez en un post, No entiendo nada y no puedo responder a Miguelgrado, alguna instruccion?
Hola
Pones los reportes entre “codes”?, tienes que poner de esta forma, sin espacios entre el corchete y la palabra code:
[ code]
texto
[/code]
Un saludo
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Usuario (administrator) on ASUS (14-10-2018 20:17:37)
Running from C:\Users\Usuario\Downloads
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 8.1 (Update) (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-09-16] (ESET)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3784512 2018-10-09] (Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2018-06-06] (Western Digital Technologies, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\LogMeIn\GoToAssist Corporate\1280\G2AWinLogon_x64.dll (LogMeIn, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\Run: [appOnt] => C:\ProgramData\ESET\ESET NOD32 Antivirus\app\appOnt.exe [1390461 2015-11-09] ()
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [2148024 2018-02-24] (BitTorrent Inc.)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [2963792 2015-04-16] (Apowersoft)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49803112 2018-09-21] (Skype Technologies S.A.)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\MountPoints2: {11fdca97-4722-11e8-82dd-ac7ba1b50a5d} - "E:\HiSuiteDownLoader.exe"
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-03-28]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{3FA516FD-E7BA-41B3-8413-261F541588F9}: [DhcpNameServer] 62.81.16.164 62.81.16.213
Tcpip\..\Interfaces\{8BF68FF4-B53D-491A-B8B3-804D93A684AB}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Internet Explorer:
==================
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-15] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-15] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-10] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: ptgg9y52.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\ptgg9y52.default [2018-10-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-10-14]
CHR Extension: (Traductor de Google) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-28]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Flash Video Downloader) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-06]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-06]
CHR Extension: (Adblock Plus) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-09-24]
CHR Extension: (Player para ver Movistar+) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-09-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2018-03-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-10-09] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2260144 2018-09-16] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2260144 2018-09-16] (ESET)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1401504 2016-09-23] (Intel Corporation)
S3 GoToAssist; C:\Program Files (x86)\LogMeIn\GoToAssist Corporate\1280\G2AC_Service.exe [316872 2018-10-03] (LogMeIn, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2016-10-06] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [528160 2018-06-04] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [64504 2016-09-23] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-10-06] (Intel Corporation)
S3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2016-10-06] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [141512 2018-09-16] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [212096 2016-10-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188824 2018-09-16] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-09-16] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [268792 2016-09-23] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-10-06] (REALiX(tm))
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2016-10-06] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [200232 2018-10-14] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [118584 2018-10-14] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [58400 2018-10-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260384 2018-10-14] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [110424 2018-10-14] (Malwarebytes)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3520264 2016-10-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [416472 2016-10-13] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-10-06] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U0 aswVmm; no ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
S3 esihdrv; \??\C:\Users\Usuario\AppData\Local\Temp\esihdrv.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-14 20:17 - 2018-10-14 20:18 - 000018960 _____ C:\Users\Usuario\Downloads\FRST.txt
2018-10-14 20:14 - 2018-10-14 20:17 - 000000000 ____D C:\FRST
2018-10-14 20:13 - 2018-10-14 20:13 - 002414592 _____ (Farbar) C:\Users\Usuario\Downloads\FRST64.exe
2018-10-14 19:49 - 2018-10-14 19:57 - 000110424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-10-14 19:49 - 2018-10-14 19:49 - 000118584 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-10-14 19:49 - 2018-10-14 19:49 - 000058400 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-10-14 19:48 - 2018-10-14 19:48 - 000260384 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-14 19:30 - 2018-10-14 19:30 - 000001561 _____ C:\Users\Usuario\Desktop\AdwCleaner[C00].txt
2018-10-14 19:24 - 2018-10-14 19:24 - 000000082 _____ C:\Users\Usuario\Documents\cc_20181014_192445.reg
2018-10-14 19:05 - 2018-10-14 19:09 - 000000000 ____D C:\AdwCleaner
2018-10-14 19:05 - 2018-10-14 19:05 - 007592144 _____ (Malwarebytes) C:\Users\Usuario\Downloads\Sin confirmar 90675.crdownload
2018-10-14 19:05 - 2018-10-14 19:05 - 007592144 _____ (Malwarebytes) C:\Users\Usuario\Downloads\adwcleaner_7.2.4.0 (1).exe
2018-10-14 18:46 - 2018-10-14 18:46 - 000200232 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-10-14 18:46 - 2018-10-14 18:46 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-14 18:46 - 2018-10-14 18:46 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-10-14 18:46 - 2018-10-14 18:46 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-10-14 18:46 - 2018-10-14 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-14 18:46 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-10-14 18:45 - 2018-10-14 18:45 - 081176816 _____ (Malwarebytes ) C:\Users\Usuario\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7197.exe
2018-10-14 17:25 - 2018-10-14 17:25 - 000396704 _____ C:\Users\Usuario\Downloads\WindowsUpdate_Cache_Cleaner (2).zip
2018-10-14 17:24 - 2018-10-14 17:24 - 000396704 _____ C:\Users\Usuario\Downloads\WindowsUpdate_Cache_Cleaner (1).zip
2018-10-14 17:23 - 2018-10-14 17:24 - 000396704 _____ C:\Users\Usuario\Downloads\WindowsUpdate_Cache_Cleaner.zip
2018-10-14 10:41 - 2018-10-14 10:42 - 000313366 _____ C:\Users\Usuario\Downloads\WindowsUpdate.diagcab
2018-10-12 16:40 - 2018-10-12 16:42 - 524288000 _____ C:\Users\Usuario\Downloads\Metodo_Marin_MM_esp_tiny.part1.rar
2018-10-12 13:12 - 2018-10-12 13:12 - 001767194 _____ C:\Users\Usuario\Downloads\Training Program for Chess Play - Victor Golenishchev.7z
2018-10-11 14:26 - 2018-10-02 19:59 - 000835152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-11 14:26 - 2018-10-02 19:59 - 000179792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-11 11:16 - 2018-10-11 11:16 - 007939936 _____ C:\Users\Usuario\Downloads\Michael_de_la_Maza_-_Rapid_Chess_Improvement_-_A_Study_Plan_for_Adult_Players_(new_scan)-unlocked.pdf
2018-10-11 10:38 - 2018-10-11 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-10 06:29 - 2018-10-10 06:29 - 010356262 _____ C:\Users\Usuario\Downloads\Desarrolla la intuición en ajedrez - Manuel López Michelone - 2007.pdf
2018-10-09 13:53 - 2018-10-09 13:53 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-10-09 13:53 - 2018-10-09 13:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-10-09 13:53 - 2018-10-09 13:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-10-09 13:53 - 2018-10-09 13:53 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-10-09 09:57 - 2018-10-09 09:57 - 000006022 _____ C:\Users\Usuario\Downloads\PGN1-5.rar
2018-10-07 16:13 - 2018-10-07 16:14 - 128112283 _____ C:\Users\Usuario\Downloads\Every Russian Schoolboy Knows Minor Pieces Endings - Knight vs. Bishop - Part 1.7z
2018-10-04 09:52 - 2018-10-04 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2018-10-03 13:25 - 2018-10-03 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Apps
2018-10-03 13:17 - 2018-10-03 13:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\GoToAssist Corporate
2018-10-03 13:17 - 2018-10-03 13:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\GoTo Opener
2018-10-03 13:17 - 2018-10-03 13:17 - 000000000 ____D C:\Program Files (x86)\LogMeIn
2018-10-02 17:54 - 2018-10-08 20:30 - 000000000 ____D C:\Users\Usuario\Downloads\SEMANA 1 RICARDO
2018-10-02 10:05 - 2018-10-03 13:25 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WD Discovery
2018-10-01 18:03 - 2018-10-01 18:03 - 000121202 _____ C:\Users\Usuario\Downloads\pago.pdf
2018-09-29 11:35 - 2018-09-29 11:35 - 062518512 _____ (Skype Technologies S.A.) C:\Users\Usuario\Downloads\Skype-8.31.0.92.exe
2018-09-26 18:04 - 2018-09-26 18:04 - 000111308 _____ C:\Windows\system32\battery-report.html
2018-09-19 09:22 - 2018-09-19 09:22 - 000011412 _____ C:\Users\Usuario\Desktop\getreport.pdf
2018-09-18 21:51 - 2018-09-13 15:08 - 000000000 ____D C:\Users\Usuario\Downloads\Fajarowicz, Francesa Tactica clavada
2018-09-18 21:16 - 2018-09-18 21:16 - 000034467 _____ C:\Users\Usuario\Downloads\Fajarowicz, Francesa Tactica clavada.7z
2018-09-18 10:13 - 2018-09-18 10:13 - 000159862 _____ C:\Users\Usuario\Downloads\DNI Ricardo.pdf
2018-09-18 09:01 - 2018-09-18 09:01 - 007334535 _____ C:\Users\Usuario\Documents\Charles_Hertan_-_Power_Chess_for_Kids_-_Volume_2.epub
2018-09-18 09:01 - 2018-09-18 09:01 - 003943815 _____ C:\Users\Usuario\Documents\Charles_Hertan_-_Power_Chess_for_Kids_-_Volume_1.epub
2018-09-16 14:31 - 2018-10-04 09:52 - 000002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2018-09-16 14:31 - 2018-10-04 09:52 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-16 14:31 - 2018-10-04 09:52 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-14 20:13 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-10-14 20:12 - 2016-10-06 17:51 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ClassicShell
2018-10-14 19:56 - 2016-10-06 17:16 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2311430587-937694226-3166817796-1001
2018-10-14 19:51 - 2016-10-06 17:36 - 000001000 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-14 19:48 - 2016-10-06 17:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-14 19:48 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-14 19:48 - 2013-08-22 16:44 - 000538152 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-14 19:48 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-10-14 19:34 - 2016-10-06 17:36 - 000001004 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-14 19:32 - 2018-05-27 10:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2018-10-14 19:23 - 2016-10-07 09:34 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\MPC-HC
2018-10-14 19:22 - 2016-10-26 17:39 - 000000000 ____D C:\Windows\Minidump
2018-10-14 19:18 - 2014-03-18 12:10 - 001822472 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-14 19:18 - 2014-03-18 11:31 - 000806698 _____ C:\Windows\system32\perfh00A.dat
2018-10-14 19:18 - 2014-03-18 11:31 - 000164584 _____ C:\Windows\system32\perfc00A.dat
2018-10-14 17:27 - 2016-10-06 17:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-14 17:20 - 2016-10-06 17:21 - 000003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{01261BA3-C4C1-4D51-AA6E-AE1C8788767A}
2018-10-14 10:45 - 2016-10-06 17:10 - 000000000 ____D C:\Users\Usuario
2018-10-14 10:44 - 2016-10-24 14:50 - 000000000 ____D C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
2018-10-13 12:52 - 2017-11-21 19:52 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForUsuario
2018-10-13 12:52 - 2017-11-21 19:52 - 000000350 _____ C:\Windows\Tasks\HPCeeScheduleForUsuario.job
2018-10-13 07:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-10-11 13:32 - 2016-10-11 12:40 - 000000000 ____D C:\Windows\system32\MRT
2018-10-11 13:27 - 2016-10-11 12:39 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-11 11:53 - 2017-10-09 11:51 - 000000000 ____D C:\Users\Usuario\Documents\TACTICA
2018-10-11 10:38 - 2016-10-06 17:36 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-11 10:32 - 2017-11-21 14:32 - 000057776 _____ C:\Users\Usuario\Downloads\Control de entrenamientos 2018.zip
2018-10-09 20:43 - 2016-10-06 17:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-09 13:26 - 2017-03-02 14:39 - 000004448 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-09 13:26 - 2017-03-02 14:39 - 000004296 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-10-09 13:26 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-10-09 13:26 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-09 12:26 - 2018-03-14 09:57 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-04 22:03 - 2017-06-29 17:40 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2018-10-04 22:03 - 2017-03-02 14:42 - 000003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1488458557
2018-10-04 22:03 - 2017-03-02 14:42 - 000000000 ____D C:\Program Files\Opera
2018-10-04 09:56 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-04 09:52 - 2018-09-10 17:57 - 000002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-04 09:52 - 2018-04-22 20:03 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-04 09:52 - 2018-04-22 20:03 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-04 09:52 - 2018-04-22 20:03 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-04 09:52 - 2018-04-22 20:03 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-04 09:51 - 2018-04-22 19:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-04 09:43 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\registration
2018-10-03 22:06 - 2016-10-07 09:19 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Adobe
2018-10-03 13:25 - 2018-03-03 10:10 - 000000000 ____D C:\Program Files (x86)\Western Digital
2018-10-03 13:25 - 2016-11-10 09:59 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-29 11:36 - 2018-08-29 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-09-29 11:36 - 2016-10-06 17:36 - 000001322 _____ C:\Users\Public\Desktop\Skype.lnk
2018-09-27 09:07 - 2017-10-09 11:50 - 000000000 ____D C:\Users\Usuario\Documents\APERTURAS
2018-09-26 10:09 - 2016-11-21 11:31 - 000000000 ____D C:\Peshka
2018-09-23 16:15 - 2018-04-23 13:44 - 000003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2311430587-937694226-3166817796-1001
2018-09-23 16:15 - 2018-04-23 13:44 - 000002336 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2018-09-22 18:29 - 2016-10-06 17:36 - 000003976 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 18:29 - 2016-10-06 17:36 - 000003740 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-20 22:14 - 2016-10-06 17:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 08:52 - 2016-10-06 17:34 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-17 12:17 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-09-16 10:41 - 2018-04-12 16:26 - 000109864 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2018-09-16 10:41 - 2016-06-23 14:31 - 000188824 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-09-16 10:41 - 2016-06-23 14:31 - 000141512 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
==================== Bamital & volsnap ======================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (14-10-2018 20:18:34)
Running from C:\Users\Usuario\Downloads
Windows 8.1 (Update) (X64) (2016-10-06 15:10:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2311430587-937694226-3166817796-500 - Administrator - Disabled)
Invitado (S-1-5-21-2311430587-937694226-3166817796-501 - Limited - Disabled)
Usuario (S-1-5-21-2311430587-937694226-3166817796-1001 - Administrator - Enabled) => C:\Users\Usuario
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
AjedrezCapablanca (HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\e6f4ab4c625d269b) (Version: 1.2017.11.18 - AjedrezCapablanca)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
Chess Endgames - Fundamental Knowledge version 2.0.4 (HKLM-x32\...\Chess Endgames - Fundamental Knowledge_is1) (Version: 2.0.4 - )
Chess Tactics, Level 1 version 2.0.4 (HKLM-x32\...\Chess Tactics, Level 1_is1) (Version: 2.0.4 - )
ChessApps (HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\61df1a94f20cffd0) (Version: 2.0.1.8 - ChessApps)
ChessBase 14 64-bit (HKLM\...\{EBB0000D-0537-4963-B15B-1EC49F939B01}) (Version: 14.0.0.0 - ChessBase)
ChessBase Reader 2017 (HKLM-x32\...\{A4796856-362B-4AC0-A090-81E0DD1E8918}) (Version: 14.7.0.0 - ChessBase)
Classic Shell (HKLM\...\{3CD73469-FE6C-470F-90DA-66F5ED549C6D}) (Version: 3.9.5 - IvoSoft)
Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Estudio para la mejora del producto HP ENVY 4500 series (HKLM\...\{7AB1C3CE-613B-4078-8FDA-DE70E8A917E7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Fritz 16 64-bit (HKLM\...\{632BEFB2-46EC-442D-A7C9-B0B02E593A6B}) (Version: 16.1.0.0 - ChessBase)
Google Chrome (HKLM-x32\...\{0CCF3C48-E676-36F2-B17B-B890488DEB34}) (Version: 69.0.3497.100 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{2C183CF0-3077-43D0-B001-F93AC5E68942}) (Version: 1.0.487 - LogMeIn, Inc.)
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.9.0.1280 - LogMeIn, Inc.)
Grabador de Pantalla Pro de Apowersoft V2.0.1 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.0.1 - APOWERSOFT LIMITED)
HP ENVY 4500 series Ayuda (HKLM-x32\...\{083DCC02-5EB2-48B0-8BFF-F2D367F5AFB7}) (Version: 30.0.0 - Hewlett Packard)
HP ENVY 4500 series Software básico del dispositivo (HKLM\...\{F1F56388-1766-41E4-BFBE-F23671D56574}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{7759F11B-DF54-4726-9A01-61701580D786}) (Version: 12.9.24.3 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ICC for Windows 1.0 beta 9.6.29 (HKLM-x32\...\{CFF71C5A-D887-429C-A1F6-FD395C1823E8}_is1) (Version: 1.0 - Internet Chess Club, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 es-ES)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 es-ES)) (Version: 45.4.0 - Mozilla)
Multilizer PDF Translator (Build 10.3.2) (HKLM-x32\...\Multilizer PDF Translator_is1) (Version: - Rex Partners)
NVIDIA Controlador de gráficos 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{74BBCD30-EB17-4909-B59F-65E0DD2B7E95}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 56.0.3051.36 (HKLM-x32\...\Opera 56.0.3051.36) (Version: 56.0.3051.36 - Opera Software)
Panel de control de NVIDIA 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 359.46 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Peshka 2 (HKLM-x32\...\Peshka_is1) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7882 - Realtek Semiconductor Corp.)
Skype versión 8.31 (HKLM-x32\...\Skype_is1) (Version: 8.31 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WD Backup (HKLM-x32\...\{0a788274-32cc-4280-b02e-a8df90d8f73f}) (Version: 1.9.6731.39035 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{97FC345F-0D8B-4CF2-8207-AC8C79325495}) (Version: 1.9.6731.39035 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{27c7215d-df19-4095-8f6a-eba55cab35be}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F413FB4C-7CFF-4737-BCC3-5EE43BFB3721}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) Hidden
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-16] (ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-16] (ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-02-15] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-16] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {047CBEB7-5AF4-4C14-994E-4C1EDE0229A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {085CE4C2-9889-406F-9ECF-242CAC260A9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-06] (Google Inc.)
Task: {0E1A9F37-06B2-4879-AB88-E8D0A9A34DEA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-06] (Dropbox, Inc.)
Task: {17B5384E-7E98-47FD-8EBE-D403225332FD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-04] (Microsoft Corporation)
Task: {28CF3E34-D930-4E58-8572-FD5E9A193386} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {3592CDF3-B98E-4570-9A4D-8BB4941B0972} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {383A7543-3E49-4B70-97B6-998338657861} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {428F0C3A-63CF-4A66-9059-8F6286AF16F9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {4EDE9294-E199-4083-B516-A71EEC6B22C5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-06] (Dropbox, Inc.)
Task: {5081503D-4170-41B6-ACA6-8CC2E637B567} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {549472D8-8715-4BBA-A30A-170415562CC0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-04] (Microsoft Corporation)
Task: {5B744D38-7398-4AFE-A072-EFBC6A1C5C6A} - System32\Tasks\HPCeeScheduleForUsuario => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {5CF3ED3C-A7B2-46E6-9F00-BFEAD8AFEA83} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {5D84F7C0-D623-485B-8ACA-1CAC54F08775} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {64F2597B-02EC-4878-B6E1-AD87C789549B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {695FD9B5-BB44-4AAD-9295-576CC627A1D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {6B515103-CB39-4072-8EA8-2125B535A397} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {7464B936-0FA5-4B76-A47B-559BA611A3CC} - System32\Tasks\AutoPico Daily Restart => C:\Users\Usuario\Desktop\Activador [Argument = auto pico\AutoPico.exe /silent]
Task: {76FE8789-6A76-4029-B63D-9BDFCF2E3210} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {77E8811F-BDC9-4737-9294-E40E5D1DE8C2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {7E2B0BCB-277B-4C76-8240-A6807CD0E5DF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-04] (Microsoft Corporation)
Task: {864F80EE-1904-4808-ABBE-FF00AFE8FEFA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-21] ()
Task: {8F31B41C-2A24-48E8-9A5D-CA0E71A3D6B5} - System32\Tasks\Opera scheduled Autoupdate 1488458557 => C:\Program Files\Opera\launcher.exe [2018-10-02] (Opera Software)
Task: {8FE74B6D-B8A4-497A-8465-F54C6064589D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-10-13] (Realtek Semiconductor)
Task: {96357C92-A893-4F92-85DB-7E4D0950AE26} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-08-21] (HP Inc.)
Task: {9B32C7FA-B984-4BBB-BEE1-E26F5077465D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B0F2D55D-8000-4DCB-8F64-C5E7DD37501A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-13] (Realtek Semiconductor)
Task: {B40861AA-36C2-4844-9529-EFF10F3ADF82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {B79D3061-F555-497C-8669-D5A995152A41} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B7E663E7-D13C-4CFE-BA38-D1FE3FD5FED2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-06] (Google Inc.)
Task: {BCB854D3-951F-4D73-ABF3-FC7924FBF147} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-04] (Microsoft Corporation)
Task: {C50DBF2F-0F3E-4ED2-8146-6DBFBA3D7DD7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {CA726E9F-51C8-48F5-8C4D-80235AFE20ED} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {CCCB2765-7BA8-4150-A47D-18F211C95B54} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {D1B4A856-F15E-4045-8782-083B416F7C66} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2311430587-937694226-3166817796-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2018-01-19] (Mega Limited)
Task: {DA6A4770-4F53-4D54-A7D6-3AE035A67BE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {E559BAFD-7AE3-4082-A72D-AA356E3A8369} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E71EBA37-A04D-4E98-8354-DDD1CF1A2B3F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-04] (Microsoft Corporation)
Task: {F2648A2C-C5EC-4434-BDD1-A73A961F2E54} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {FE23FBF5-9EC7-4F07-98F4-1FC6CC1DB036} - System32\Tasks\Driver Booster SkipUAC (Usuario) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForUsuario.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-10-06 17:17 - 2016-02-15 09:26 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-10-14 18:46 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-14 18:46 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-31 21:45 - 2017-11-17 10:05 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2018-09-20 08:52 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-20 08:52 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Usuario\Desktop\Imagen (2).jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Usuario\Desktop\Imagen (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2017-03-02 18:46 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\Desktop\RUTA D. QUIJOTE\P_20180517_124540.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "WDDriveAgent"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "appOnt"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "ApowersoftScreenRecorder"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2311430587-937694226-3166817796-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{379316DC-BC69-4F69-97DC-62FAD30B47F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5C4B69E-16D3-414A-A401-26A76AB791E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02A2792A-666B-4D72-8CFB-791761ACC4FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8C7A90BF-991E-4304-9049-7FDEAEA62A27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{46DA609D-6ED3-458B-A91F-7B7C90E4D3D6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6C1F074D-67F7-4A32-9FFA-68D0561A49A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{AC9484B9-076A-4B0D-9BFC-459EE1042EBB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{039FF078-1CD2-4E51-A939-D55EC548A206}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{3DD3D449-CF55-4E9B-ACCD-A538B7545948}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{9B164FAC-F255-4FB7-A102-418177FC2CC2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{CB7FE932-FB7A-47D9-9B5C-B6F399DBA9D3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7B42957E-A0D1-426F-B723-B3DCC3C7A195}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{448D5607-0440-4F10-B4FC-0CBAD83B2119}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{603CB0FE-B422-49A9-A8E8-7BF2F7E5CA2F}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D83FCD29-E6DC-41E7-956E-7F52CE09699B}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9ACC42CB-DE46-421D-B00B-7DD6CC25898D}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1AFBE23C-6248-4AFD-9D9D-5B3753E68593}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8D1AC306-7DFD-43DC-B1CC-07187C03E95A}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A250E70E-1F93-495A-A490-B27793B5213F}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{9AD7E3F1-3B42-43F1-98E2-2ADF77B0835B}] => (Allow) LPort=5357
FirewallRules: [{17A969CD-7814-427A-ACEE-83FAF8DC618F}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{586B7A46-6DBF-4337-A56D-5AF910F6C9D1}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe
FirewallRules: [{C6625DA2-CD03-447E-A5AF-17913EB54DD1}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe
FirewallRules: [{7CE36219-A449-436E-A3A7-A95378C2428C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{213B7638-7C6E-45F2-945C-F48A74FE365F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{89970986-DA3A-4E11-8CAB-9DFA1834F11D}] => (Allow) C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{6126ED9D-059E-4638-B27A-1016F21AC482}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{7E3BE60F-9320-4682-A2F7-C59EA257F81B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{532FFF99-23C4-43EA-96D3-C0A769680228}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E7F619CB-85AB-4ECC-BB35-E0173111E11D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{0F2FA95D-23E9-459B-952F-1F84C1B478B5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{38E3B311-9434-4FB4-9F87-7AE7AA4FC0DF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{15F55163-0421-4DC7-B0F3-B6ED73DE638B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2E8228F8-621B-4A0D-8780-0EA4F7541695}] => (Allow) C:\Program Files\Opera\55.0.2994.61\opera.exe
FirewallRules: [{277E112F-8A3C-49D7-A2CC-7A0C4F63AACE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{47406C39-3343-4A2F-8446-AFB3A0A59FDB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{A7DE02A4-DE14-4106-8F55-1F16814705A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{6E210839-D8D4-4315-B2F9-5370F83F6EF2}] => (Allow) C:\Program Files\Opera\56.0.3051.36\opera.exe
FirewallRules: [{DA0A61E8-C80A-43AB-8A8C-8B8E2A30C775}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
07-10-2018 11:34:34 Punto de control programado
11-10-2018 13:22:12 Windows Update
14-10-2018 17:26:39 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/14/2018 07:49:12 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyPassive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_THERMAL_RELATIONSHIP_TABLE [91]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (10/14/2018 07:49:07 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyActive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (10/14/2018 07:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.704, marca de tiempo: 0x5b9acf90
Nombre del módulo con errores: SelfProtectionSdk.dll, versión: 3.0.0.360, marca de tiempo: 0x5b995ba2
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000014e2a9
Identificador del proceso con errores: 0x858
Hora de inicio de la aplicación con errores: 0x01d463e51dfdd905
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
Identificador del informe: 33a73611-cfd9-11e8-8343-ac7ba1b50a5d
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (10/14/2018 07:41:56 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyPassive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_THERMAL_RELATIONSHIP_TABLE [91]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (10/14/2018 07:41:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyActive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (10/14/2018 07:32:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.1.0.1614, marca de tiempo: 0x5b9bcc06
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18895, marca de tiempo: 0x5a4b127e
Código de excepción: 0xc0000142
Desplazamiento de errores: 0x0009d4e2
Identificador del proceso con errores: 0x127c
Hora de inicio de la aplicación con errores: 0x01d463e3c78d1fa7
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: KERNELBASE.dll
Identificador del informe: 0e747e4f-cfd7-11e8-8342-ac7ba1b50a5d
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (10/14/2018 07:11:44 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyPassive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_THERMAL_RELATIONSHIP_TABLE [91]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (10/14/2018 07:11:39 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyActive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
System errors:
=============
Error: (10/14/2018 08:13:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800f0922: 2018-10 Paquete acumulativo actualizac. de calidad y seguridad para .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 para Windows 8.1 y Server 2012 R2 para x64 (KB4459924).
Error: (10/14/2018 07:52:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800f0922: 2018 (10) Paquete acumulativo de actualizaciones de calidad mensual de seguridad para Windows 8.1 para sistemas basados en x64 (KB4462926).
Error: (10/14/2018 07:50:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {752073A1-23F2-4396-85F0-8FDB879ED0ED} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (10/14/2018 07:45:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {752073A1-23F2-4396-85F0-8FDB879ED0ED} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (10/14/2018 07:43:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {752073A1-23F2-4396-85F0-8FDB879ED0ED} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (10/14/2018 07:39:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WerSvc no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error:
Solicitud no compatible.
Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
Error: (10/14/2018 07:39:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WerSvc no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error:
Solicitud no compatible.
Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
Error: (10/14/2018 07:09:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio HP Touchpoint Analytics se terminó de manera inesperada. Esto ha sucedido 1 veces.
Windows Defender:
===================================
Date: 2017-08-02 20:30:24.134
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Gendows&threatid=2147646077&enterprise=0
Nombre: HackTool:Win32/Gendows
Id.: 2147646077
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\KMService.exe;process:_pid:1832,ProcessStart:131460441744295350
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\KMService.exe
Versión de firma: AV: 1.231.2078.0, AS: 1.231.2078.0, NIS: 116.65.0.0
Versión de motor: AM: 1.1.13202.0, NIS: 2.1.12706.0
Date: 2016-11-26 17:29:11.117
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Gendows&threatid=2147646077&enterprise=0
Nombre: HackTool:Win32/Gendows
Id.: 2147646077
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\KMService.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Versión de firma: AV: 1.231.2078.0, AS: 1.231.2078.0, NIS: 116.65.0.0
Versión de motor: AM: 1.1.13202.0, NIS: 2.1.12706.0
Date: 2016-11-16 11:21:59.243
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Gendows&threatid=2147646077&enterprise=0
Nombre: HackTool:Win32/Gendows
Id.: 2147646077
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\KMService.exe;process:_pid:2348,ProcessStart:131237649704621232
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\KMService.exe
Versión de firma: AV: 1.231.2078.0, AS: 1.231.2078.0, NIS: 116.65.0.0
Versión de motor: AM: 1.1.13202.0, NIS: 2.1.12706.0
Date: 2016-11-16 11:12:57.294
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Gendows&threatid=2147646077&enterprise=0
Nombre: HackTool:Win32/Gendows
Id.: 2147646077
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\KMService.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\ESET\ESET Internet Security\ekrn.exe
Versión de firma: AV: 1.231.2078.0, AS: 1.231.2078.0, NIS: 116.65.0.0
Versión de motor: AM: 1.1.13202.0, NIS: 2.1.12706.0
Date: 2016-11-26 17:31:18.278
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.233.665.0
Versión de firma anterior: 1.231.2078.0
Origen de actualización: Carpeta de actualizaciones de firmas
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 1.1.13303.0
Versión de motor anterior: 1.1.13202.0
Código de error: 0x80004004
Descripción del error: Operación anulada
Date: 2016-11-26 17:31:18.278
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.233.665.0
Versión de firma anterior: 1.231.2078.0
Origen de actualización: Carpeta de actualizaciones de firmas
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 1.1.13303.0
Versión de motor anterior: 1.1.13202.0
Código de error: 0x80004004
Descripción del error: Operación anulada
Date: 2016-11-26 17:31:18.231
Description:
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.13303.0
Versión de motor anterior: 1.1.13202.0
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80004004
Descripción del error: Operación anulada
Date: 2016-11-16 11:11:34.874
Description:
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80073aba
Descripción del error: El recurso es demasiado antiguo para ser compatible.
Versión de firma: 1.155.266.0;1.155.266.0
Versión de motor: 1.1.9700.0
Date: 2016-10-13 13:13:07.543
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.155.266.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.9700.0
Código de error: 0x8024001e
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 35%
Total physical RAM: 8075.05 MB
Available physical RAM: 5226.45 MB
Total Virtual: 9355.05 MB
Available Virtual: 6401.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931 GB) (Free:579.66 GB) NTFS
\\?\Volume{981c71fd-530a-4059-a7fd-8961e41bd41c}\ (Recuperación) (Fixed) (Total:0.29 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FAE7D78D)
Partition: GPT.
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 0A90C0D2)
Partition: GPT.
==================== End of Addition.txt ============================Primero corta y pega en el Escritorio el Frst.exe, que se indicaba bien, que lo ejecutase desde esa ubicación
Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
U0 aswVmm; no ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
S3 esihdrv; \??\C:\Users\Usuario\AppData\Local\Temp\esihdrv.sys [X] <==== ATTENTION
AlternateDataStreams: C:\Users\Usuario\Desktop\Imagen (2).jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Usuario\Desktop\Imagen (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows.
-
Ejecutas Frst.exe.
-
Presionas el botón Fix y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, comentado como va el problema
Buenos dias, Estoy realizando sus instrucciones y tengo una duda: voy a la altura de iniciar windows en modo seguro, tengo que reiniciar el equipo antes de iniciar windows en modo seguro y yo solo tengo operativa la opcion reiniciar y actualizar , estan juntas las dos, doy esa opcion?, la otra duda que tengo es que en el caso que sea esa la opcion, cuando tengo que dar F8 (en que momento de la operacion de reinicio), perdonar el latazo pero quiero estar seguro de seguir las instrucciones perfectamente, Esèro vuestros comentarios un saludo.rs
Eso es porque tienes actualizaciones pendientes y por eso no te sale la opción de reiniciar solamente y te sale lo de actualizar.
La tecla F8 le das a reiniciar y nada más que la pantalla se apague y empiece el PC a iniciarse mantén la pulsada todo el tiempo hasta que te salgan las opciones avanzadas de arranque
Hola, Estoy atascado porque no soy capaz de arrancar wind. en modo seguro,ya que no me sale el menú de opciones avanzadas, yo creo que no habilito la tecla F8 porque fallo en algo, te explico lo que hago siguiendo las instrucciones del manual : Primero presiono el simbolo de w y copio bcdedit /set bootmenupolicy Legacy en la parte inferior izda pulsando a continuacion enter lo que se supone debería habilitar la tecla F8, pero lo unico que se produce es una pantalla negra que aparece y desaparece rapidamente, cuando reinicio no sale el menú de opciones avanzadas porque he debido fallar en la habilitacion de f8. Lo veo sencillo pero algo no hago bien
No te preocupes por ahora realiza el procedimiento en modo normal reinicias el PC y compruebas cómo va el tema de las actualizaciones
Hola relizado el procedimiento la situacion es: Ahora no me aparece la opcion de actualizar y reiniciar, por lo que me he ido al windows update y he visto que había varias actulizaciones pendientes las he marcado y he dado la instrucción de instalarlas todas pero despues de un rato razonable no había ningún progreso con 0% de instalación (necesitará mucho mas?) y no hacer ninguna tarea en el portatil?) Adjunto el informe
Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (15-10-2018 10:44:04) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
U0 aswVmm; no ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
S3 esihdrv; \??\C:\Users\Usuario\AppData\Local\Temp\esihdrv.sys [X] <==== ATTENTION
AlternateDataStreams: C:\Users\Usuario\Desktop\Imagen (2).jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Usuario\Desktop\Imagen (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
END
*****************
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\System\CurrentControlSet\Services\aswVmm => removed successfully
aswVmm => service removed successfully
HKLM\System\CurrentControlSet\Services\dbx => removed successfully
dbx => service removed successfully
HKLM\System\CurrentControlSet\Services\efavdrv => removed successfully
efavdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\esihdrv => removed successfully
esihdrv => service removed successfully
C:\Users\Usuario\Desktop\Imagen (2).jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\Usuario\Desktop\Imagen (2).jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2311430587-937694226-3166817796-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2311430587-937694226-3166817796-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
Adaptador de LAN inal mbrica Conexi¢n de rea local* 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Conexi¢n de red Bluetooth:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Ethernet:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . : home
Adaptador de LAN inal mbrica Wi-Fi:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::11eb:742c:aa0c:4400%3
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.35
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Adaptador de t£nel isatap.{8BF68FF4-B53D-491A-B8B3-804D93A684AB}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14109981 B
Java, Flash, Steam htmlcache => 1503 B
Windows/system/drivers => 5234193 B
Edge => 0 B
Chrome => 297507476 B
Firefox => 11966319 B
Opera => 128000 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 28222 B
NetworkService => 0 B
Usuario => 113335298 B
RecycleBin => 0 B
EmptyTemp: => 429.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:46:37 ====