All in one HP

Flor_Tren · 7 Agosto, 2019 17:51

Buenas a todos! Quería comentarles lo que me está pasando en la PC… resulta que hace poco empezó a funcionar demasiado lento, tanto que hay veces que la apagó con el botón porque no deja entrar ni al inicio. Ayer por la tarde parecía que andaba bien, de hecho fue un largo rato que anduvo fluidamente… había pasado el antivirus, el cleanmaster y creo que glarys o algo así que analizo y comprobó que había errores en el disco que al parece los reparó porque andaba mejor… luego se realentizo y ya volvió al inicio lento. Espero puedan ayudarme

JavierHF · 7 Agosto, 2019 21:20

Buenas @Flor_Tren bienvenido al Foro.

Lo primero que vamos a verificar es si tienes alguna infección en el equipo, para hacerlo sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

CCleaner + Manual.
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
AdwCleaner + Manual.
Junkware Removal Tool.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Completo.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Flor_Tren · 9 Agosto, 2019 01:24

Hola @JavierHF Gracias por la ayuda, al parecer no estaba tan contaminada, de a ratos le cuesta volver de la suspensión cuando se apaga la pantalla, y también le cuesta responder cuando desde el inicio la quiero apagar, espero no sea nada grave, fue empeorando desde hace poco que se apago con un corte de luz, acá copio los informes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 7/8/19
Hora del evento de protección: 17:28
Archivo de registro: e1d19cdc-b951-11e9-b47f-dcfe0709505c.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11902
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.706)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del malware bloqueado-
Archivo: 1
HackTool.KMS, C:\Users\diego\Desktop\KMSAUTO.1.5.3-PVP\KMSAuto Net.exe, En cuarentena, [8402], [538530],1.0.11902


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-08.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-08-2019
# Duration: 00:00:16
# OS:       Windows 10 Home Single Language
# Scanned:  35455
# Detected: 37


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus    C:\Users\diego\AppData\Local\slimware utilities inc

***** [ Files ] *****

PUP.Optional.Legacy             C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.HPRegistrationService 
Preinstalled.HPSupportAssistant 
Preinstalled.HPTouchpointAnalyticsClient 
Preinstalled.HPWelcome          
Preinstalled.WildTangentGamesBundle 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by diego (Administrator) on jue. 08/08/2019 at 21:34:05,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 1 

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on jue. 08/08/2019 at 21:36:34,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by diego (Administrator) on jue. 08/08/2019 at 21:34:05,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 1 

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on jue. 08/08/2019 at 21:36:34,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by diego (08-08-2019 21:39:32)
Running from C:\Users\diego\Desktop
Windows 10 Home Single Language Version 1803 17134.706 (X64) (2018-05-19 12:08:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3864159795-4224723994-1547054730-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3864159795-4224723994-1547054730-503 - Limited - Disabled)
diego (S-1-5-21-3864159795-4224723994-1547054730-1001 - Administrator - Enabled) => C:\Users\diego
Invitado (S-1-5-21-3864159795-4224723994-1547054730-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3864159795-4224723994-1547054730-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Glary Utilities 5.125 (HKLM-x32\...\Glary Utilities 5) (Version: 5.125.0.150 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version:  - HP)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - HP)
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.7.50.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{76272057-98E0-4DC4-AAC3-10C546C47195}) (Version: 14.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.10.49.21 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Kingsoft PDF to Word SDK (2.0.1) (HKLM\...\{F0915BBA-A86F-4672-807D-30F38DFC2B44}) (Version: 2.0.1 - Zhuhai Kingsoft Office Software Co.,Ltd)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Paquete de controladores de Windows - Intel (MEIx64) System  (10/03/2017 11.7.0.1045) (HKLM\...\623E6BEBFE0E32D8AD88825BDC5B643D996BCA93) (Version: 10/03/2017 11.7.0.1045 - Intel)
Paquete de controladores de Windows - Intel Corporation (iaStorA) HDC  (04/10/2017 14.8.16.1063) (HKLM\...\1956B72D229BA5E262A8828A81DB9133B5F111B2) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Paquete de controladores de Windows - Intel Corporation (iaStorA) SCSIAdapter  (04/10/2017 14.8.16.1063) (HKLM\...\7B099E88B288543F1ED20B3C3332D4B1B2E6A621) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Productivity and Tools (10.2.0.6020) (HKLM-x32\...\Kingsoft Office) (Version: 10.2.0.6020 - Kingsoft Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.29089 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.24.1208.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8318 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.59 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.81460 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{61B90E2F-2DD9-4581-8856-C2441B61571A}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
OPERA meeting -> C:\Program Files\WindowsApps\InnotiimiDigitalServicesO.OPERAmeeting_1.3.0.13_neutral__5jmfga65hq73e [2017-07-21] (Innotiimi Digital Services OY)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2017-07-18] (The Weather Channel.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3864159795-4224723994-1547054730-1001_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1_S-1-5-21-3864159795-4224723994-1547054730-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2018-04-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linio.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=es_pe&pf=all&s=Linio&tp=dticon

==================== Loaded Modules (Whitelisted) ==============

2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 08:04 - 2019-01-04 16:36 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-05-03 11:24 - 2018-05-03 11:30 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\diego\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\r14wdjq4z_930x525.jpg
DNS Servers: 200.49.130.47 - 200.42.4.210
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Easybits Recovery"
HKLM\...\StartupApproved\Run32: => "cmsc"
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_3232174298A952ACC21152FD3F421D4C"
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{633DD15F-BFAA-4936-9D3D-7C076C8791D4}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CACBE58F-137B-4AF4-A692-40D5639E7D30}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{02056DAF-F022-4110-B2BF-9C7C36A91763}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D0DB56ED-2972-48C3-A728-8F184EBD7E60}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{898F3EDB-D94A-4DA5-8F1D-620477046045}] => (Allow) LPort=161
FirewallRules: [{8C94E9BE-00CE-499B-9042-92C817125F4B}] => (Allow) LPort=427
FirewallRules: [{15990873-D9AA-4331-9415-33E3A2A54FFD}] => (Allow) LPort=9100
FirewallRules: [{AB42ACC3-FC38-4931-9D63-B4E873AD660D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{4B2876B6-8BC4-4706-92E8-3B9F95B7A3FB}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{7ADCC5A1-5503-4BC9-B084-DCA2E7B54591}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe (Easybits AS -> Easybits)
FirewallRules: [{2D12C2BD-FB0E-4234-B925-856AEEB0C8D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DAE3D2D6-52EF-4AC2-8D34-19E1FE73C689}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCCDF606-9E05-472C-B24D-2CB8E205BDCE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E28B1E84-8152-4DA6-9A0C-3CFBB700E236}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{652CC713-29DD-4EC5-943C-D0F3C78C51E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8F7035B7-8364-4CD5-A479-8D8B3A100D24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CF5FD934-B880-4125-B0A9-50B993972B57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3C2E8C27-3558-42A4-85C9-5E4B87C7756D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A2439CAF-F661-4F63-8F1D-3C412E4B7E33}] => (Allow) LPort=5432
FirewallRules: [{08C960DB-BEBD-42C5-BFB7-B911A3AEDBD4}] => (Allow) C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\office6\wpscloudsvr.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C9C21486-0A4D-4D42-9D97-388E28F823CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{70CEDA35-CA15-4804-B83C-7899BF7BE7E4}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D6A0FDC-384E-4C48-8DD8-19B8F2EE8F0A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F668A349-DF04-4E52-8C9D-5E1F127702F0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{996316FE-2DB5-4404-96C0-8244E61EA7E8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

23-07-2019 10:18:46 Punto de control programado
30-07-2019 12:40:54 Punto de control programado
06-08-2019 19:04:46 Removed Avast Driver Updater
08-08-2019 21:34:09 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2019 09:33:28 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_OFF.

Error: (08/08/2019 09:33:14 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.

Error: (08/08/2019 08:22:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (08/08/2019 08:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service %1!s! Update Servicio (avastm) since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (08/08/2019 08:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service %1!s! Update Servicio (avast) since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (08/08/2019 08:09:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.1.0.1838, marca de tiempo: 0x5d13b12f
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5cba0161
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0018dc19
Identificador del proceso con errores: 0x2770
Hora de inicio de la aplicación con errores: 0x01d54e3e4230f7f5
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 5a8b8fd2-9faa-4086-8038-b51af2ccf175
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2019 04:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: WLANExt.exe, versión: 10.0.17134.1, marca de tiempo: 0x37c688c7
Nombre del módulo con errores: Rtlihvs.dll, versión: 704.10.727.2017, marca de tiempo: 0x597edaff
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000079db2
Identificador del proceso con errores: 0x980
Hora de inicio de la aplicación con errores: 0x01d54d52df2fd6ed
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\WLANExt.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\Rtlihvs.dll
Identificador del informe: fbb76bc2-953b-4844-8aa8-83c10c60108b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (08/08/2019 09:31:32 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: El servicio SNMP detectó un error al tener acceso a la clave del Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/08/2019 09:31:07 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 03225747456

Error: (08/08/2019 09:31:07 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 41) (User: NT AUTHORITY)
Description: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.

Error: (08/08/2019 09:30:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (08/08/2019 09:30:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (08/08/2019 09:30:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (08/08/2019 08:23:27 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: El servicio SNMP detectó un error al tener acceso a la clave del Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/08/2019 08:22:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-05-23 10:28:22.065
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CAA6C65D-FD33-48C2-9433-A24DC4C74DA7}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-05-23 10:24:21.968
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {0A4E0F09-087A-4BEC-A416-018C92061AC4}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-05-23 10:22:15.089
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D5F024E2-4732-4099-B55A-2C1248FB62D1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-29 16:26:08.244
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {1E071827-E254-4AEC-B401-FD5D0E758C01}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-29 16:17:44.194
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A2CB562C-902D-4D12-9C5E-BD9A6812C261}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-06-05 17:16:29.153
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: The program could not find the malware and other potentially unwanted software on this device. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-06-05 13:11:42.684
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.295.49.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16000.6
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2019-06-03 16:13:11.531
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1757.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-06-03 16:13:11.530
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1757.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-06-03 16:13:11.530
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1757.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

==================== Memory info =========================== 

BIOS: AMI A0.05 09/07/2015
Motherboard: HP 2B3C
Processor: Intel(R) Pentium(R) CPU G3250T @ 2.80GHz
Percentage of memory in use: 54%
Total physical RAM: 4011.42 MB
Available physical RAM: 1806.86 MB
Total Virtual: 4715.42 MB
Available Virtual: 2676.2 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:910.74 GB) (Free:838.05 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:19.46 GB) (Free:19.37 GB) NTFS

\\?\Volume{f8292918-c67b-42d2-ac2b-25838024d1d4}\ (WINRE) (Fixed) (Total:0.84 GB) (Free:0.43 GB) NTFS
\\?\Volume{0c69fcaa-73d2-4443-be17-bfd397517b6b}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C2AC653D)

Partition: GPT.

==================== End of Addition.txt ============================

JavierHF · 9 Agosto, 2019 14:13

Ho´la.

Tenias que haber empezado explicando esa incidencia que además puede ser el mayor responsable de los problemas que comentaste inicialmente.

Aparte necesito que NOS pongas el informe de FRST.txt que NO pusiste, para poder valorar todos los datos correctamente, gracias.

Saludos.

Flor_Tren · 9 Agosto, 2019 15:11

Es verdad! No se como omití ese gran detalle, que en realidad me da miedo que este mal el disco rígido o algo de eso, al ser all in one no es tan fácil cambiarle algún componente… Ahora copio el informe FRST.txt (se ve que copie dos veces el mismo informe)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2019 02
Ran by diego (administrator) on DESKTOP-4CMG7I7 (HP 20-r102la) (08-08-2019 21:38:02)
Running from C:\Users\diego\Desktop
Loaded Profiles: diego (Available Profiles: diego & DefaultAppPool)
Platform: Windows 10 Home Single Language Version 1803 17134.706 (X64) Language: Español (México)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Easybits AS -> Easybits) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\...\Policies\Explorer: [NoLogoff] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-06] (Google LLC -> Google LLC)
BootExecute: autocheck autochk *  
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C857654-01D2-4509-B4D2-0FC3DCF93CC7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {1DD4735B-21E7-4C3C-8E37-1C04B15E99D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {1FB4D2FF-47F3-4829-9AE6-0BA0324D374D} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [511344 2015-06-19] (Dropbox, Inc -> )
Task: {22800F49-F6F0-46B9-B8CA-B49F35A4F88C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F5D7051-DC41-4D68-B491-B9738AAF9924} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-18] (Google Inc -> Google Inc.)
Task: {3E9950C9-7E67-4BBF-B58D-0DCD9B514902} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4AE82C2F-CB25-40BC-9946-C9F6BD294B0C} - System32\Tasks\HPCeeScheduleFordiego => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {57E57F1F-E3F4-4A55-A543-809CEC05924F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {5840EC51-CD63-45A1-92E7-1793C66BC57F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {6DC39236-1048-4E29-ACEA-7993FDBFA618} - System32\Tasks\WpsUpdateTask_diego => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\wtoolex\wpsupdate.exe [648320 2018-04-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {70CC0B2C-070B-4BE0-9BBB-E28BF518FC70} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7487B7DD-4C17-444C-A9BC-84A0B5CA2172} - System32\Tasks\WpsExternal_diego_20180405084945 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [1257600 2018-04-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {7BA9D793-93C8-4958-B018-A52D97B750D2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7CF01F2D-8618-484B-959A-8D826DCF0B4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {92CF314A-3DE1-4CDC-97BE-C865F2A064AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [124280 2018-08-30] (HP Inc. -> HP Inc.)
Task: {9D121139-0C76-4622-8B19-91519688ADFC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2049928 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {A3078CAD-A8C1-4CCF-AB24-9A0FC7567663} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-18] (Google Inc -> Google Inc.)
Task: {BDCA8925-D052-4627-881E-FF2537BFFC8B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {C4AFB72D-1BC7-4255-A405-31E9E401DC6A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0253DAB-2C6F-4192-A018-B382807C51B7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D052DFB7-CF0B-4A86-994E-85785A8E9D02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFordiego.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.47 200.42.4.210 200.42.4.210
Tcpip\..\Interfaces\{2d1e2bdc-7907-4f80-9b03-11f2dd6a8f20}: [DhcpNameServer] 200.49.130.47 200.42.4.210 200.42.4.210

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3864159795-4224723994-1547054730-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5icpn7tz.default
FF ProfilePath: C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\5icpn7tz.default [2019-08-08]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\5icpn7tz.default\Extensions\[email protected] [2019-02-11]
FF Extension: (Avast Online Security) - C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\5icpn7tz.default\Extensions\[email protected] [2018-10-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-06] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-06] (Google Inc -> Google LLC)

Chrome: 
=======
CHR Profile: C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default [2019-08-08]
CHR Extension: (Presentaciones) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-03]
CHR Extension: (Documentos) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-03]
CHR Extension: (Google Drive) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-03]
CHR Extension: (YouTube) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-03]
CHR Extension: (Avast Passwords) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-06-05]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hojas de cálculo) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-03]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-03]
CHR Extension: (Gmail) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-05]
CHR Extension: (Chrome Media Router) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\windows\system32\HPSIsvc.exe [128272 2016-03-31] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-27] (HP Inc. -> HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370560 2018-09-19] (Intel Corporation -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2017-12-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [52736 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [220288 2018-04-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168896 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387688 2019-08-06] (AVAST Software s.r.o. -> AVAST Software)
S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2019-08-06] (Glarysoft LTD -> Glarysoft Ltd)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2018-12-15] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 PrjFlt; C:\WINDOWS\system32\drivers\prjflt.sys [195600 2018-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024848 2018-01-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 21:38 - 2019-08-08 21:39 - 000023168 _____ C:\Users\diego\Desktop\FRST.txt
2019-08-08 21:37 - 2019-08-08 21:38 - 000000000 ____D C:\FRST
2019-08-08 21:36 - 2019-08-08 21:36 - 000000643 _____ C:\Users\diego\Desktop\JRT.txt
2019-08-08 20:17 - 2019-08-08 20:22 - 000000000 ____D C:\AdwCleaner
2019-08-08 20:15 - 2019-08-08 20:15 - 000000657 _____ C:\Users\diego\Desktop\MBAM.txt
2019-08-08 20:13 - 2019-08-08 20:13 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2019-08-08 20:13 - 2019-08-08 20:13 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2019-08-08 20:08 - 2019-08-08 20:08 - 000180802 _____ C:\Users\diego\Desktop\cc_20190808_200756.reg
2019-08-08 20:08 - 2019-08-08 20:08 - 000000786 _____ C:\Users\diego\Desktop\cc_20190808_200821.reg
2019-08-08 20:05 - 2019-08-08 20:05 - 000000910 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-08 19:57 - 2019-08-08 19:58 - 002096640 _____ (Farbar) C:\Users\diego\Desktop\FRST64.exe
2019-08-08 19:53 - 2019-08-08 19:55 - 007623880 _____ (Malwarebytes) C:\Users\diego\Desktop\adwcleaner_7.4.exe
2019-08-08 19:53 - 2019-08-08 19:53 - 001790024 _____ (Malwarebytes) C:\Users\diego\Desktop\JRT.exe
2019-08-07 17:29 - 2019-08-07 17:31 - 000000000 ____D C:\Users\diego\AppData\Local\MSfree Inc
2019-08-07 17:09 - 2019-08-07 17:09 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2019-08-07 17:09 - 2019-08-07 17:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-08-07 17:03 - 2019-08-07 17:03 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-08-07 17:03 - 2019-08-07 17:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-08-07 17:02 - 2019-08-07 17:02 - 000000000 ____D C:\WINDOWS\PCHEALTH
2019-08-07 17:02 - 2019-08-07 17:02 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-08-07 17:02 - 2019-08-07 17:02 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2019-08-07 17:01 - 2019-08-07 17:04 - 000000000 ____D C:\WINDOWS\SHELLNEW
2019-08-07 17:00 - 2019-08-07 17:00 - 000000000 ____D C:\Users\diego\AppData\Local\Microsoft Help
2019-08-07 17:00 - 2019-08-07 17:00 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2019-08-07 17:00 - 2019-08-07 17:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2019-08-07 16:59 - 2019-08-07 16:59 - 000000000 __RHD C:\MSOCache
2019-08-07 16:51 - 2019-08-07 16:51 - 000000000 ____D C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-07 16:51 - 2019-08-07 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-07 16:51 - 2019-08-07 16:51 - 000000000 ____D C:\Program Files\WinRAR
2019-08-07 16:48 - 2019-08-07 16:49 - 003231576 _____ (Alexander Roshal) C:\Users\diego\Downloads\winrar-x64-571es.exe
2019-08-07 16:25 - 2019-08-07 16:26 - 000000000 ___RD C:\Users\diego\Desktop\Documentos
2019-08-07 15:36 - 2019-08-08 21:31 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-07 15:36 - 2019-08-07 15:36 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-08-07 15:32 - 2019-08-07 15:32 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-07 15:31 - 2019-08-08 19:59 - 000000000 ___RD C:\Users\diego\Desktop\Antivirus
2019-08-07 15:24 - 2019-08-07 15:24 - 000000000 ____D C:\Users\diego\AppData\Local\mbamtray
2019-08-07 15:24 - 2019-08-07 15:24 - 000000000 ____D C:\Users\diego\AppData\Local\mbam
2019-08-07 15:23 - 2019-08-07 15:23 - 000001959 _____ C:\Users\diego\Desktop\Malwarebytes.lnk
2019-08-07 15:23 - 2019-08-07 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-07 15:23 - 2019-08-07 15:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-07 15:23 - 2019-08-07 15:23 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-07 15:23 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-08-07 15:23 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-08-06 18:31 - 2019-08-06 18:31 - 000000080 ___SH C:\bootTel.dat
2019-08-06 18:26 - 2019-08-06 18:26 - 000000000 ____D C:\ProgramData\GlarySoft
2019-08-06 17:06 - 2019-08-06 19:27 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-08-06 17:06 - 2019-08-06 17:07 - 000000000 ____D C:\Users\diego\AppData\Roaming\GlarySoft
2019-08-06 17:06 - 2019-08-06 17:06 - 000028936 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2019-08-06 17:06 - 2019-08-06 17:06 - 000001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-08-06 17:06 - 2019-08-06 17:06 - 000000000 ____D C:\Users\diego\AppData\Roaming\DiskDefrag
2019-08-06 17:06 - 2019-08-06 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-08-06 16:39 - 2019-08-06 16:39 - 000000000 ____D C:\WINDOWS\pss
2019-08-06 16:32 - 2019-08-06 16:49 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-06 15:25 - 2019-08-06 18:11 - 000000000 ____D C:\WINDOWS\Minidump
2019-07-26 18:55 - 2019-07-26 18:55 - 000013680 _____ C:\Users\diego\Downloads\Mov julio.xlsx
2019-07-23 17:01 - 2019-08-08 20:05 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-23 17:01 - 2019-08-08 20:05 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-23 17:01 - 2019-07-23 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-23 17:01 - 2019-07-23 17:01 - 000000000 ____D C:\Program Files\CCleaner
2019-07-22 17:23 - 2019-07-31 19:40 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-07-22 17:23 - 2019-07-22 17:23 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-07-22 17:23 - 2019-07-22 17:23 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-07-22 15:55 - 2019-07-22 15:55 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2019-07-22 15:50 - 2019-07-22 15:54 - 000000000 ____D C:\Users\TEMP
2019-07-15 14:01 - 2019-07-18 12:45 - 000000000 _____ C:\WINDOWS\system32\last.dump

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 21:33 - 2018-10-10 18:30 - 000000000 ____D C:\Users\diego\AppData\Local\AVAST Software
2019-08-08 21:32 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-08 21:31 - 2018-10-01 10:44 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleFordiego.job
2019-08-08 21:31 - 2018-05-19 09:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-08 21:31 - 2017-07-21 20:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-08-08 21:31 - 2017-07-14 22:17 - 000000000 __SHD C:\Users\diego\IntelGraphicsProfiles
2019-08-08 21:30 - 2018-05-19 08:52 - 000000000 ____D C:\Users\diego
2019-08-08 21:30 - 2018-04-11 18:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-08 21:26 - 2018-10-10 18:27 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-08-08 20:22 - 2017-07-14 22:19 - 000000000 ____D C:\Users\diego\AppData\Roaming\Hewlett-Packard
2019-08-08 20:22 - 2017-07-14 22:19 - 000000000 ____D C:\Users\diego\AppData\Local\Hewlett-Packard
2019-08-08 20:22 - 2015-11-27 06:33 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-08-08 20:22 - 2015-11-27 06:33 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-08-08 20:22 - 2015-11-27 06:32 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-08-08 20:10 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-08 20:09 - 2018-10-11 08:23 - 000000000 ____D C:\Users\diego\AppData\Local\CrashDumps
2019-08-08 20:07 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-08 20:05 - 2019-01-18 09:56 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-08 20:05 - 2019-01-18 09:56 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-08 20:05 - 2019-01-03 12:04 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2019-08-08 20:05 - 2018-10-10 18:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-08-08 20:05 - 2018-10-01 10:44 - 000002802 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFordiego
2019-08-08 20:05 - 2018-05-19 09:07 - 000003362 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B73CEF21-2F96-49DF-922E-D12A1C67C75C}
2019-08-08 20:05 - 2018-05-19 09:07 - 000002942 _____ C:\WINDOWS\System32\Tasks\WpsExternal_diego_20180405084945
2019-08-08 20:05 - 2018-05-19 09:07 - 000002670 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_diego
2019-08-08 20:05 - 2018-05-19 09:07 - 000002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2019-08-08 19:46 - 2018-05-19 08:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-07 17:38 - 2018-05-19 08:48 - 000426736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-07 17:25 - 2018-05-17 09:57 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-07 17:23 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-07 17:02 - 2017-08-29 11:35 - 000000000 ____D C:\Program Files\Microsoft Office
2019-08-07 17:01 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\system
2019-08-07 17:01 - 2015-07-10 08:04 - 000000199 _____ C:\WINDOWS\win.ini
2019-08-07 17:00 - 2015-11-27 06:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-07 16:50 - 2017-07-18 10:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-07 16:47 - 2017-07-18 10:37 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-07 16:21 - 2017-08-03 10:10 - 000000436 _____ C:\Users\diego\Desktop\Este equipo.lnk
2019-08-07 16:02 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-07 15:23 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-07 15:22 - 2017-07-18 10:36 - 000000000 ____D C:\Program Files\rempl
2019-08-06 20:10 - 2017-09-02 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2019-08-06 18:47 - 2018-10-10 18:19 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-06 18:37 - 2019-01-18 09:57 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-06 18:37 - 2019-01-18 09:57 - 000002341 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-06 18:36 - 2018-05-03 19:15 - 000000000 ____D C:\Users\diego\AppData\Local\Google
2019-08-06 16:26 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-06 14:51 - 2018-10-10 18:26 - 000387688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-07-31 19:40 - 2018-10-10 18:26 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-07-29 16:26 - 2017-12-06 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-07-23 17:07 - 2017-07-27 10:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-23 15:52 - 2017-07-14 16:35 - 000000000 ____D C:\Users\diego\AppData\Roaming\Kingsoft
2019-07-23 15:52 - 2015-11-27 06:49 - 000000000 ____D C:\ProgramData\Kingsoft
2019-07-22 18:37 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-22 17:23 - 2019-02-22 09:26 - 000279336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-07-22 17:23 - 2019-01-18 10:00 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-07-22 17:23 - 2019-01-18 09:46 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-07-22 17:23 - 2019-01-18 09:46 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-07-22 17:23 - 2019-01-18 09:46 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-07-22 17:23 - 2018-10-10 18:26 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-07-22 17:23 - 2018-10-10 18:26 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-07-22 17:23 - 2018-10-10 18:26 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-07-22 17:23 - 2018-10-10 18:26 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-07-22 17:23 - 2018-10-10 18:26 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-07-22 15:51 - 2015-07-16 11:00 - 000000000 __RHD C:\Users\Public\AccountPictures

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

JavierHF · 9 Agosto, 2019 15:50

Hola.

Pues entonces… pasemos a verificar como tienes el disco duro de tu equipo, para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.

Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.

Nos pones el informe y comentas como sigue el problema del equipo.

Saludos.

Flor_Tren · 12 Agosto, 2019 21:12

Buenas tardes @JavierHF disculpa que me demore en responder. Hoy hice la comprobación, tardó bastante rato, estuvo mucho en 10% y después me pidió reiniciar e inició bien, al parecer entró rápidamente al chrome, no se como seguirá mas adelante. A continuación pego los dos informes que aparecen de windows error reporting, son de un segundo de diferencia pero por las dudas copio los dos…

Saludos!

Nombre de registro:Application
Origen:        Windows Error Reporting
Fecha:         12/8/2019 5:58:58 p. m.
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        DESKTOP-4CMG7I7
Descripción:
Depósito con errores , tipo 0
Nombre de evento: StoreAgentAcquireLicenseFailure1
Respuesta: No disponible
Identificador de archivo CAB: 0

Firma del problema:
P1: Update;Update;ScanForUpdates
P2: 80080005
P3: 17134
P4: 706
P5: Windows.Desktop
P6: 6
P7: 
P8: 
P9: 
P10: 

Archivos adjuntos:
\\?\C:\WINDOWS\TEMP\FailureReportMetadata_7540.txt
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA247.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA277.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA27A.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA2AA.tmp.txt

Es posible que estos archivos estén disponibles aquí:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Update;Update;Sc_2aeb81cca0138caa22cac278bc459992fc90b8_00000000_cab_18a0a2b4

Símbolo de análisis: 
Nueva búsqueda de una solución: 0
Identificador de informe: 326a50bb-094b-4965-a809-61bfb4233921
Estado del informe: 4
Depósito con algoritmo hash: 
GUID de CAB: 0
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Windows Error Reporting" />
    <EventID Qualifiers="0">1001</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-08-12T20:58:58.160402700Z" />
    <EventRecordID>67255</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-4CMG7I7</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>StoreAgentAcquireLicenseFailure1</Data>
    <Data>No disponible</Data>
    <Data>0</Data>
    <Data>Update;Update;ScanForUpdates</Data>
    <Data>80080005</Data>
    <Data>17134</Data>
    <Data>706</Data>
    <Data>Windows.Desktop</Data>
    <Data>6</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
\\?\C:\WINDOWS\TEMP\FailureReportMetadata_7540.txt
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA247.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA277.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA27A.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA2AA.tmp.txt</Data>
    <Data>C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Update;Update;Sc_2aeb81cca0138caa22cac278bc459992fc90b8_00000000_cab_18a0a2b4</Data>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>326a50bb-094b-4965-a809-61bfb4233921</Data>
    <Data>4</Data>
    <Data>
    </Data>
    <Data>0</Data>
  </EventData>
</Event>

Nombre de registro:Application
Origen:        Windows Error Reporting
Fecha:         12/8/2019 5:58:59 p. m.
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        DESKTOP-4CMG7I7
Descripción:
Depósito con errores 1975902734915530867, tipo 5
Nombre de evento: StoreAgentAcquireLicenseFailure1
Respuesta: No disponible
Identificador de archivo CAB: 0

Firma del problema:
P1: Update;Update;ScanForUpdates
P2: 80080005
P3: 17134
P4: 706
P5: Windows.Desktop
P6: 6
P7: 
P8: 
P9: 
P10: 

Archivos adjuntos:
\\?\C:\WINDOWS\TEMP\FailureReportMetadata_7540.txt
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA247.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA277.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA27A.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA2AA.tmp.txt

Es posible que estos archivos estén disponibles aquí:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Update;Update;Sc_2aeb81cca0138caa22cac278bc459992fc90b8_00000000_0f8ca8ee

Símbolo de análisis: 
Nueva búsqueda de una solución: 0
Identificador de informe: 326a50bb-094b-4965-a809-61bfb4233921
Estado del informe: 268435456
Depósito con algoritmo hash: 0a0d79e02d2788319b6bd111915cf073
GUID de CAB: 0
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Windows Error Reporting" />
    <EventID Qualifiers="0">1001</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-08-12T20:58:59.807217900Z" />
    <EventRecordID>67256</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-4CMG7I7</Computer>
    <Security />
  </System>
  <EventData>
    <Data>1975902734915530867</Data>
    <Data>5</Data>
    <Data>StoreAgentAcquireLicenseFailure1</Data>
    <Data>No disponible</Data>
    <Data>0</Data>
    <Data>Update;Update;ScanForUpdates</Data>
    <Data>80080005</Data>
    <Data>17134</Data>
    <Data>706</Data>
    <Data>Windows.Desktop</Data>
    <Data>6</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
\\?\C:\WINDOWS\TEMP\FailureReportMetadata_7540.txt
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA247.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA277.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA27A.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA2AA.tmp.txt</Data>
    <Data>C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Update;Update;Sc_2aeb81cca0138caa22cac278bc459992fc90b8_00000000_0f8ca8ee</Data>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>326a50bb-094b-4965-a809-61bfb4233921</Data>
    <Data>268435456</Data>
    <Data>0a0d79e02d2788319b6bd111915cf073</Data>
    <Data>0</Data>
  </EventData>
</Event>

JavierHF · 12 Agosto, 2019 23:06

Hola.

Ninguno d esos informes corresponde con el que existe de ejemplo en el tema que te puse anteriormente y que debería servirte para comparar el contenido y no poner cualquier otro.

Buscalo y comparalo para verificar los contenidos y te darás cuenta que nada tienen que ver.

Localiza el que debes poner pàra que podamos valorarlo adecuadamente.

Saludos.