Bgh lenta demasiado

#1

Buenas Noches, tengo mi netbook demasiado lenta me podrán ayudar, gracias

0 me gusta

#2

Hola

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


0 me gusta

#4
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build:    11-26-2018
# Database: 2018-12-03.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-05-2018
# Duration: 00:00:28
# OS:       Windows 8.1 Single Language
# Cleaned:  0
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted   Blog

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1265 octets] - [05/12/2018 22:10:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 4/12/18
Hora del análisis: 13:13
Archivo de registro: 8e2469f4-f7df-11e8-ab81-18cf5e2c50a3.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.8161
Licencia: Prueba

-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: PCTULI\LOS

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 328332
Amenazas detectadas: 1
Amenazas en cuarentena: 0
Tiempo transcurrido: 15 hr, 36 min, 17 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Sin acciones por parte del usuario, [255], [476595],1.0.8161

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Alguien me puede ayudar . gracias

0 me gusta

#5

El log de Malwarebytes pone que no se realizaron acciones por el usuario

Eliminarte lo que encontró??

Mira si esta en Cuarentena

Comentas ademas como va el pc

0 me gusta

#6

Sigue igual de lenta .

0 me gusta

#7
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

0 me gusta

#8

BUENAS TARDES ANTES QUE NADA PERDON POR RESPONDER TARDE PERO POR PROBLEMAS PERSONALES NO PUDE SEGUIR.
PEGO LOS REPORTES

texto preformateado precedido por 4 espacios

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by LOS (administrator) on PCTULI (24-03-2019 14:42:45)
Running from C:\Users\LOS\Desktop
Loaded Profiles: LOS (Available Profiles: LOS)
Platform: Windows 8.1 Single Language (Update) (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() [File not signed] C:\Program Files\Thread\SYDpresent.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\System32\DptfPolicyLpmServiceHelper.exe [111488 2013-09-17] (Intel(R) Software -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [290064 2018-12-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ThreadPresent] => C:\Program Files\Thread\SYDpresent.exe [737280 2013-12-07] () [File not signed]
HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\...\MountPoints2: {79023f05-8e9d-11e7-8268-18cf5e2c50a3} - "D:\LG_PC_Programs.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\Installer\chrmstp.exe [2018-12-04] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\70.0.659.104\Installer\chrmstp.exe [2018-12-03] (AVG Technologies USA, Inc. -> AVG Technologies)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2016-12-17] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.51 200.42.4.198
Tcpip\..\Interfaces\{265F3060-AD2C-4FE8-8D93-EE88B23F0C15}: [DhcpNameServer] 200.49.130.51 200.42.4.198
Tcpip\..\Interfaces\{C6A2BA5D-A192-4254-8C15-8C987950F4B8}: [DhcpNameServer] 172.16.1.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem.msn.com
SearchScopes: HKLM -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1436185858-3174122031-2001499232-1001 -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-03] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-24] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2014-10-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-04] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-04] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\LOS\AppData\Local\Google\Chrome\User Data\Default [2019-03-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\LOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\LOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-05]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-12-03] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [324048 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [8237160 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-12-03] (AVG Netherlands B.V. -> AVG Technologies)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel(R) Software -> Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2013-09-17] (Intel(R) Software -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [201504 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [231104 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [202528 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [346840 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [59744 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [46648 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42552 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [163256 2019-03-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112040 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87680 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1028920 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [469520 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208712 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380704 2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel(R) Software -> Intel Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2013-09-17] (Intel(R) Software -> Intel Corporation)
S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2013-09-17] (Intel(R) Software -> Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2013-09-17] (Intel(R) Software -> Intel Corporation)
S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2013-09-17] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2013-09-17] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2013-09-17] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel(R) Software -> Intel Corporation)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [4209152 2014-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-09] (Intel(R) Software -> Intel Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2014-03-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R0 THREADACPI; C:\Windows\System32\drivers\THREADACPI.SYS [17192 2014-01-20] (Thread Technology Co., Ltd. -> Thread Technology Co., Ltd)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-24 14:42 - 2019-03-24 14:45 - 000017397 _____ C:\Users\LOS\Desktop\FRST.txt
2019-03-24 14:38 - 2019-03-24 14:38 - 002434048 _____ (Farbar) C:\Users\LOS\Desktop\FRST64.exe
2019-03-24 14:21 - 2019-03-24 14:21 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-24 14:21 - 2019-03-24 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-03-24 14:10 - 2019-03-24 14:10 - 000002374 _____ C:\Users\LOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2019-03-04 23:20 - 2018-11-30 20:43 - 000835688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-04 23:20 - 2018-11-30 20:43 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-04 23:18 - 2019-03-24 14:21 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-24 14:42 - 2017-08-01 14:31 - 000000000 ____D C:\FRST
2019-03-24 14:41 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\AppReadiness
2019-03-24 14:39 - 2017-06-05 01:43 - 000000000 ___DO C:\Users\LOS\OneDrive
2019-03-24 14:28 - 2013-08-22 12:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-24 14:26 - 2017-06-05 01:41 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1436185858-3174122031-2001499232-1001
2019-03-24 14:26 - 2014-03-18 07:04 - 001822472 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-24 14:26 - 2014-03-18 06:31 - 000806810 _____ C:\Windows\system32\perfh00A.dat
2019-03-24 14:26 - 2014-03-18 06:31 - 000165014 _____ C:\Windows\system32\perfc00A.dat
2019-03-24 14:26 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\Inf
2019-03-24 14:24 - 2017-12-25 21:06 - 000020992 ___SH C:\Users\LOS\Desktop\Thumbs.db
2019-03-24 14:16 - 2014-10-03 05:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-24 14:15 - 2017-06-05 01:34 - 000000000 ____D C:\Users\LOS
2019-03-24 14:15 - 2013-08-22 11:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-24 14:14 - 2017-07-30 12:18 - 000000000 ____D C:\Program Files\CCleaner
2019-03-24 13:02 - 2018-12-04 17:16 - 000000000 ____D C:\Users\LOS\AppData\Local\CrashDumps
2019-03-24 12:42 - 2017-06-09 19:14 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F51301E8-4369-4B63-9588-6CE79F79D7BB}
2019-03-24 12:32 - 2013-08-22 12:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-24 12:24 - 2013-08-22 12:20 - 000000000 ____D C:\Windows\CbsTemp
2019-03-04 23:23 - 2018-12-02 23:47 - 000163256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-03-04 23:22 - 2017-06-09 22:00 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-04 23:22 - 2017-06-09 22:00 - 000003342 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-04 23:14 - 2013-08-22 11:44 - 000476272 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-04 23:12 - 2013-08-22 10:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-03-04 23:03 - 2013-08-22 12:36 - 000000000 ___RD C:\Windows\ToastData

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-04 13:00

==================== End of FRST.txt ============================
0 me gusta

#9

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019 Ran by LOS (24-03-2019 14:46:51) Running from C:\Users\LOS\Desktop Windows 8.1 Single Language (Update) (X64) (2017-06-05 04:34:39) Boot Mode: Normal ==========================================================

==================== Accounts: =============================

Administrador (S-1-5-21-1436185858-3174122031-2001499232-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1436185858-3174122031-2001499232-1003 - Limited - Enabled)
Invitado (S-1-5-21-1436185858-3174122031-2001499232-501 - Limited - Disabled)
LOS (S-1-5-21-1436185858-3174122031-2001499232-1001 - Administrator - Enabled) => C:\Users\LOS

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Connect 9 Add-in (HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\...\Adobe Connect 9 Add-in) (Version: 11.9.979.366 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Adobe® Flash® Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.1.2.3P - Adobe Systems Incorporated)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.8.3071 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 70.0.659.104 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.155.333 - AVG Technologies) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3366 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Thread Firmware Extension Device App (HKLM-x32\...\{982D1E1F-C094-4E46-B56B-EFA155FC9414}) (Version: 1.05.1004 - Thread Technology Co.,Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-12-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1726F307-02FE-4A5D-9699-FEA496AFE86C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {5F7BEF05-6B92-4521-B22C-D2AF47433053} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6B94B8F5-B514-4F5B-8F3E-C50A5D218D51} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe (AVG Netherlands B.V. -> AVG Technologies)
Task: {722A4B5C-FD5D-4141-8AAA-7E93DCA5DCE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7827FC31-2413-4C16-B73F-399A9B975648} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {78CA13D6-CC1D-4AD1-8264-F803D04F818F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8B4E32E7-56B3-4FA0-B49F-EF72213C62A9} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {92E618C7-611C-4EE2-B421-5C38A1DDB9D8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {932E6840-4FB4-447F-B7F0-21F5E2E33712} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9BAF8376-2B9E-414A-A965-C30D75D282D4} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe (AVG Netherlands B.V. -> AVG Technologies)
Task: {9E96B80A-4D29-42C6-8A73-E3E5F93A3DA1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AAE24342-7F49-4436-868D-76635DF619D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F591D7B6-4377-4486-80E2-C8480C480C4E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FB73B51F-4992-440D-B89B-241982380189} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-07-01 20:08 - 2013-07-01 20:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2014-10-03 11:41 - 2013-12-07 12:24 - 000737280 _____ () [File not signed] C:\Program Files\Thread\SYDpresent.exe
2018-12-02 23:57 - 2018-12-02 23:57 - 000019752 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-heap-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000023336 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-runtime-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000024880 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-string-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000024880 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-stdio-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-locale-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000027952 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-math-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000026928 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-multibyte-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000022832 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-convert-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000021296 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-time-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000020784 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-filesystem-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-environment-l1-1-0.dll
2018-12-02 23:57 - 2018-12-02 23:57 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_6bbcfeb7d72790b2\api-ms-win-crt-utility-l1-1-0.dll
2014-10-03 11:41 - 2013-10-25 11:38 - 001396224 _____ () [File not signed] C:\Program Files\Thread\ImageList.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000022832 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-runtime-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000024368 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-string-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000024368 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-stdio-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000019248 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-heap-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000022320 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-convert-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-locale-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000020784 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-time-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000020272 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-filesystem-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-utility-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000028968 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-math-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000026416 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-multibyte-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 000018736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\api-ms-win-crt-environment-l1-1-0.dll
2018-12-02 23:56 - 2018-12-02 23:56 - 001142064 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_avg.vc140.crt_f92d94485545da78_14.0.25325.0_none_b36a358eeba3b9b8\ucrtbase.DLL
2018-12-03 22:55 - 2018-10-18 08:44 - 003127808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 004719104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000445440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 005231616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 003043328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 002277376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 005108224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 001187840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000026624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000262656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000730624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2018-12-03 22:55 - 2018-10-18 08:44 - 000102400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2019-03-04 22:51 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\WEB\WALLPAPER\WALLPAPER.JPG
DNS Servers: 200.49.130.51 - 200.42.4.198
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2ACEC7E5-7C0E-4E2F-A065-EC223E122F64}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E3D710D5-022D-4991-A72E-1054A3B5D1FA}] => (Allow) LPort=2869
FirewallRules: [{0E515FB9-07D2-495E-AFDA-D37E1FDFDA0A}] => (Allow) LPort=1900
FirewallRules: [{6C168144-E269-41AC-AD10-3A9B742C284E}] => (Allow) C:\Users\LOS\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{4E795148-3537-44FF-8C45-C097A3510A2E}] => (Allow) C:\Users\LOS\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{AC232115-4CF4-4982-B1F5-E2F1FCBBEB39}] => (Allow) C:\Users\LOS\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{F8175581-A782-456E-91DD-820A80D36EC5}] => (Allow) C:\Users\LOS\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{F94F7CB1-399E-4771-B486-C0D9D701FB4D}] => (Allow) C:\Users\LOS\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{25B9C44E-F6FA-40D4-A0B0-52A8C59767C7}] => (Allow) C:\Users\LOS\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{8037117B-455A-4EDB-A417-4CF3F8069038}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AABFF2B7-B860-49E8-9BA4-DBFE5A1731B4}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A68865DD-7308-4C54-B97A-095A058AF76A}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, Inc. -> AVG Technologies)
FirewallRules: [{77EF5ADD-09FA-4EAD-8D03-C3557FDF44F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{F491C3B9-BBEE-4479-A54D-B4C70447EB46}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3AABEA37-1DE2-420B-8DB1-858ED3172E54}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C77AE8F7-E727-4043-B2BC-61D6E8764870}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Restore Points =========================

02-12-2018 23:00:26 Windows Update
05-12-2018 20:49:52 Instalador de Módulos de Windows
22-12-2018 16:22:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2019 02:32:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.20911, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 35c

Hora de inicio: 01d4e266bf555459

Hora de finalización: 4294967295

Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Identificador de informe: b50f1ca8-4e5a-11e9-8281-18cf5e2c50a3

Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/24/2019 02:30:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (03/24/2019 02:24:30 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain:  CreateSharedMemory() failed.
Session ID = 1

Error: (03/24/2019 02:24:30 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory:  WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 1

Error: (03/24/2019 02:20:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.20911, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 4a8

Hora de inicio: 01d4e26530096c3a

Hora de finalización: 4294967295

Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Identificador de informe: 282a34dc-4e59-11e9-8281-18cf5e2c50a3

Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/24/2019 01:02:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa explorer.exe, versión 6.3.9600.18460, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 108c

Hora de inicio: 01d4e254cd219bc3

Hora de finalización: 0

Ruta de acceso de la aplicación: C:\Windows\explorer.exe

Identificador de informe: 43f73e8e-4e48-11e9-8280-18cf5e2c50a3

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (03/24/2019 01:02:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa explorer.exe, versión 6.3.9600.18460, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 11b0

Hora de inicio: 01d4e25506b8600e

Hora de finalización: 0

Ruta de acceso de la aplicación: C:\Windows\explorer.exe

Identificador de informe: 4c5455f7-4e48-11e9-8280-18cf5e2c50a3

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (03/24/2019 12:21:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 6.3.9600.18460, marca de tiempo: 0x57c1b8c1
Nombre del módulo con errores: twinui.appcore.dll, versión: 6.3.9600.18423, marca de tiempo: 0x5793b4e5
Código de excepción: 0x80270233
Desplazamiento de errores: 0x000000000008c5fb
Identificador del proceso con errores: 0x152c
Hora de inicio de la aplicación con errores: 0x01d4e255262c1e9f
Ruta de acceso de la aplicación con errores: C:\Windows\explorer.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinui.appcore.dll
Identificador del informe: 712f00c8-4e48-11e9-8280-18cf5e2c50a3
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (03/24/2019 02:19:11 PM) (Source: DCOM) (EventID: 10016) (User: PCTULI)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 y APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 al usuario PCTULI\LOS con SID (S-1-5-21-1436185858-3174122031-2001499232-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/24/2019 02:19:11 PM) (Source: DCOM) (EventID: 10016) (User: PCTULI)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 y APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 al usuario PCTULI\LOS con SID (S-1-5-21-1436185858-3174122031-2001499232-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/24/2019 02:19:11 PM) (Source: DCOM) (EventID: 10016) (User: PCTULI)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 y APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 al usuario PCTULI\LOS con SID (S-1-5-21-1436185858-3174122031-2001499232-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/24/2019 02:19:11 PM) (Source: DCOM) (EventID: 10016) (User: PCTULI)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 y APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 al usuario PCTULI\LOS con SID (S-1-5-21-1436185858-3174122031-2001499232-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/24/2019 02:19:11 PM) (Source: DCOM) (EventID: 10016) (User: PCTULI)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 y APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 al usuario PCTULI\LOS con SID (S-1-5-21-1436185858-3174122031-2001499232-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/24/2019 02:18:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Windows Defender no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (03/24/2019 02:18:37 PM) (Source: DCOM) (EventID: 10010) (User: PCTULI)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/24/2019 02:14:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126


Windows Defender:
===================================
Date: 2017-06-12 20:44:18.964
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.245.700.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.13804.0
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-03-24 14:18:49.695
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-04 23:17:48.386
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-04 23:07:35.677
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-05 22:21:34.392
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 12:34:17.662
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-03 22:53:46.864
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-03 22:23:03.095
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N2807 @ 1.58GHz
Percentage of memory in use: 81%
Total physical RAM: 1906.91 MB
Available physical RAM: 354.43 MB
Total Virtual: 3570.91 MB
Available Virtual: 1431.36 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:450.6 GB) (Free:399.47 GB) NTFS

\\?\Volume{8c7d2b22-c005-42cf-b149-f3b1e8493332}\ (Recovery image) (Fixed) (Total:14.65 GB) (Free:5.21 GB) NTFS
\\?\Volume{c728792e-d72e-465a-8e3a-4fc9df32a059}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AE90653A)

Partition: GPT.

==================== End of Addition.txt ============================
0 me gusta

#10

Aguardo los comentarios. gracias

0 me gusta

#11

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\...\MountPoints2: {79023f05-8e9d-11e7-8268-18cf5e2c50a3} - "D:\LG_PC_Programs.exe" 
SearchScopes: HKLM -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1436185858-3174122031-2001499232-1001 -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

0 me gusta

#12
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by LOS (24-03-2019 23:48:56) Run:1
Running from C:\Users\LOS\Desktop
Loaded Profiles: LOS (Available Profiles: LOS)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\...\MountPoints2: {79023f05-8e9d-11e7-8268-18cf5e2c50a3} - "D:\LG_PC_Programs.exe" 
SearchScopes: HKLM -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1436185858-3174122031-2001499232-1001 -> DefaultScope {CDCC6F3C-EEE3-4C11-BA14-C2F09B2A6942} URL = 
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79023f05-8e9d-11e7-8268-18cf5e2c50a3} => removed successfully
HKLM\Software\Classes\CLSID\{79023f05-8e9d-11e7-8268-18cf5e2c50a3} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1436185858-3174122031-2001499232-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35231640 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 116080802 B
Edge => 0 B
Chrome => 56079912 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 18402 B
NetworkService => 0 B
LOS => 113624918 B

RecycleBin => 0 B
EmptyTemp: => 306.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:49:56 ====
0 me gusta

#13

Captura

Por lo que veo el Disco dice al 100 % . Serà algo referido a esto el problema ?

0 me gusta

#14

Según el administrador de tares que me pones, que proceso esta usando tanto Disco?

0 me gusta

#15

No hay algo que lo haga llegar al 100 % , te pomgo dos imagenes distintas que cambiaron en menos de 1 minuto

0 me gusta

#16

Hola. Pegue el reporte , como sigo ???

0 me gusta

#17

Perdón no había visto tu respuesta

Ese uso del 100% es constante o es por periodos?

0 me gusta

#18

Comienza de a poco y luego se pone constante

0 me gusta

#19

Realizar un inicio limpio de tu sistema y comenta cómo funciona en ese mofo

https://support.microsoft.com/es-es/help/929135/how-to-perform-a-clean-boot-in-windows

0 me gusta