Tengo instalado Adblock sin saber como ha sucedido. No se muestra en las extensiones de Edge ni de Chrome.He probado con todos los programas que recomendais aqui sin éxito. Saludos.
Malwarebytes ccleaner,Rkill Grinler Cclenaer y no tengo los reportes, pero sale que no hqy nada.
Bien… pues realiza estos pasos :
Desactiva temporalmente el Antivirus 
Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Descargar en TU ESCRITORIO(y NO en otro lugar 
)
- Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer, pulsamos Yes
-
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los dos informes en tu próxima respuesta.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Saludos
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29.12.2018
Ran by USUARIO (30-12-2018 21:08:19)
Running from C:\Users\USUARIO\Downloads
Windows 10 Home Version 1809 17763.195 (X64) (2018-12-15 15:53:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1504847527-2902537567-532818491-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1504847527-2902537567-532818491-503 - Limited - Disabled)
Invitado (S-1-5-21-1504847527-2902537567-532818491-501 - Limited - Disabled)
USUARIO (S-1-5-21-1504847527-2902537567-532818491-1001 - Administrator - Enabled) => C:\Users\USUARIO
WDAGUtilityAccount (S-1-5-21-1504847527-2902537567-532818491-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-a8863fc3-f58b-40ff-a758-56e9d9f34db6) (Version: 3.0.2.59 - WildTangent) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.0 - Canon Inc.)
Canon Utilidad de marcación rápida (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Crazy Chicken Soccer (HKLM-x32\...\WTA-00c4b80d-e9fc-4a91-a159-82ac114db947) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.11.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{7759F11B-DF54-4726-9A01-61701580D786}) (Version: 12.10.49.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{9DD60999-A4F0-4333-9D00-E45C718EA6C1}) (Version: 1.4.30 - HP Inc.)
iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
iTunes (HKLM\...\{62D46C28-6A95-4201-9E81-D59912BA6004}) (Version: 12.9.2.6 - Apple Inc.)
Juegos WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-da5c8d1b-ee29-446d-a001-b74948d08933) (Version: 3.0.2.59 - WildTangent) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 58.0.2 (x64 es-ES)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Nero 8 Micro (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.20.0 - UpdatePack.nl)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-7c0e7e4b-55e8-4ba6-835f-abc22a21da12) (Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-ecd1d994-f7cf-4992-a068-771897ca6e49) (Version: 2.2.0.97 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8437 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Registro de usuario de Canon MX490 series (HKLM-x32\...\Registro de usuario de Canon MX490 series) (Version: - â€Canon Inc.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Runefall (HKLM-x32\...\WTA-cca4c20e-9d07-4af1-9427-e8e20d1a4d4a) (Version: 3.0.2.126 - WildTangent) Hidden
Software para dispositivos de chipset Intel® (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1026 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
Trinklit Supreme (HKLM-x32\...\WTA-79e3512b-2020-4f2e-9079-b7d3be537b74) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games App para HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-07] (AO Kaspersky Lab)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc.)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-07] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-07] (AO Kaspersky Lab)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxDTCM.dll [2018-06-26] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-07] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {007E40DE-BDBB-4C04-B782-8A1C2B1B7BAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-06] (Google Inc.)
Task: {2102E0B4-6744-4BFA-924E-C1B5510A2BF9} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
Task: {2AA4E925-5437-4173-914A-4ACA0D6788E4} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [2018-10-24] (Safer-Networking Ltd.)
Task: {2C10D892-6D85-4A4D-8A86-044CBCB78FCB} - System32\Tasks\S-1-5-21-1504847527-2902537567-532818491-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation)
Task: {3FB9DF23-E682-4149-A2C2-673ED7C405C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {40CE2C2C-B833-41E8-96CC-E5DE459685C1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-06-26] (Realtek Semiconductor)
Task: {417306EF-553E-4B48-BF43-C3879E3F40D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {4A5F2581-EDCA-4AE8-9126-BF9E4C241F62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {4BF45F29-88B3-4268-8B41-678D12DAED17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {5993B051-A7B5-423F-A29E-EC8E35FCB793} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {5C7E3B89-4518-49F7-9BBF-3B7101341F65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {61D062EC-FB75-431F-BF48-1D6CCC0A7DF0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2018-05-04] (HP Inc.)
Task: {70CC8A31-B4C6-4544-BFBF-64D65B740050} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {7370D6B1-37D7-44F7-8FD8-AF4FD9DAFA48} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {7507AE5B-E225-496E-AE06-C9E19A8487B5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-12-01] (AVG Technologies CZ, s.r.o.)
Task: {7E1B769C-9C77-48D7-8500-5E97512CA137} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-06] (Dropbox, Inc.)
Task: {7F1802E9-6D4F-4C3C-A356-90ECE442E814} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {9CA4EB23-DEB9-4042-BF56-8DE64B145D6D} - System32\Tasks\SUPERAntiSpyware Scheduled Task fbbce90b-66b7-4f34-843a-368b114dd85d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9DC34CBE-29D5-4426-A8C6-520C7BFBE10F} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM)
Task: {A3341A34-E927-4398-8A87-8F58F0521464} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {B371A6AF-B7B1-4733-AC3F-7DD395F7D718} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
Task: {B5B4A7C5-7862-44E3-B869-62E204B2B1B1} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C52BF6F2-603F-45A9-80C1-1E5662CFB170} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-06] (Google Inc.)
Task: {C6D1F7E0-981D-4372-B5C3-1AC0B82DD333} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-06] (Dropbox, Inc.)
Task: {D01EBBB3-1333-437E-8CED-D4652627AEEE} - System32\Tasks\HPCeeScheduleForUSUARIO => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {D57A189B-059D-4CFD-8B2A-B395349BDE86} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {E1D179BB-523D-4E6E-8BDC-480FD6F20B60} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {F3964F65-CA38-42F5-B884-25F26B27EFE1} - System32\Tasks\SUPERAntiSpyware Scheduled Task f7309e69-6b65-4b3a-9a25-39a3b69eda88 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {F4AAABCB-B89B-4693-87D1-8476C0C0A297} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FFD60AB4-2FE4-4044-8AB9-BDEBAC3D9807} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForUSUARIO.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f7309e69-6b65-4b3a-9a25-39a3b69eda88.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task fbbce90b-66b7-4f34-843a-368b114dd85d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-12-30 11:42 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-12-30 11:42 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-01 10:50 - 2017-02-01 10:50 - 000459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-15 15:39 - 2018-12-15 15:39 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-10 11:09 - 2018-12-10 11:09 - 000103560 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-12-22 15:19 - 2018-12-22 15:19 - 000156672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\b90d3680ecf3c61407951fcd983fb01e\BRIDGECommon.ni.dll
2018-12-22 15:20 - 2018-12-22 15:20 - 000329728 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\f1390e4c690cc3e505469276beb76992\CleanStartController.ni.dll
2018-12-22 15:20 - 2018-12-22 15:20 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b1d587f7dcbb25d0a2bf00b7b0f4a021\BridgeExtension.ni.dll
2018-12-22 15:20 - 2018-12-22 15:20 - 000070656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\b0dba68cb34f5ed558a9182c74edb81d\NativeInterop.ni.dll
2017-12-03 11:18 - 2017-12-03 11:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2018-12-30 12:14 - 000001052 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 incoming.telemetry.mozilla.org
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Argente Utilities"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.0.lnk"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1504847527-2902537567-532818491-1001\...\StartupApproved\Run: => "Glary Memory Optimizer"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D63FE5A2-6B89-4B92-8E9D-840202D256B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{1523848C-0396-41C3-9E25-8D70CC1E46D3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{21D6E5DB-7BE3-418D-AA81-9B4D39B5548F}] => (Allow) LPort=13148
FirewallRules: [{2B054506-2A4E-4CD5-953F-EE00ADDCEAFA}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe (HP Inc.)
FirewallRules: [{A415673C-A250-4D35-BD83-0148E90B84EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{93FA69A3-A7AA-4F10-AFDC-F817710CEC3D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{1AB4A33E-CF55-4540-9CB5-880B941C24EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{38D4407A-F954-4A9F-A89B-81AB2C6D2C8F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{94375637-0614-4D33-BDCD-75AFCDBCCE06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4F360844-A337-44F0-8AC2-B8C13CCAA317}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{30739B6F-0FAE-4591-9266-5F2D1C661801}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{EB8321B2-679D-4DDE-AC78-DE4C991F4A1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{504699CB-BC58-4705-8E62-57BCD82F56CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B8A21279-2C5C-4BF3-A746-4C5CEB70F784}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{8298EA6F-926B-499E-A1B4-0E03EE8A3B3B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp.)
FirewallRules: [{8F989CDA-FE5C-481A-8CDD-6916147A0CAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{0FC0C0FD-171C-4B94-B380-D4298D242221}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{89A1C12D-79E1-423C-971D-A08F09AAFDCC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{5CDE87AA-4309-4173-BFD5-269DBB05AE12}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{16FFBAFC-A70A-4F81-AD7E-2EFC5EA2C03B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{F9185AD8-53C6-44BA-A044-4ABBFE8B0920}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{721434B1-E88E-432F-B33F-FDA677399834}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{ECC5ED4C-C55E-4DC0-95CF-2734D122E5BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
15-12-2018 17:25:54 punt i pilota
20-12-2018 12:31:32 Windows Update
23-12-2018 13:02:00 AA11
28-12-2018 12:00:35 Removed Google Chrome
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/30/2018 08:52:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MicrosoftEdgeSH.exe, versión: 11.0.17763.1, marca de tiempo: 0x1244354f
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000000008c
Identificador del proceso con errores: 0x22a4
Hora de inicio de la aplicación con errores: 0x01d4a0793c4a24b9
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 971bcc1f-3915-4318-a0f8-4e831f4a6311
Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: MicrosoftEdge
Error: (12/30/2018 12:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MicrosoftEdgeSH.exe, versión: 11.0.17763.1, marca de tiempo: 0x1244354f
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000000008c
Identificador del proceso con errores: 0x1e2c
Hora de inicio de la aplicación con errores: 0x01d4a03258a7172d
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: f80b0595-107f-4aee-80b7-fc114c343497
Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: MicrosoftEdge
Error: (12/30/2018 12:12:12 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.
Error: (12/30/2018 11:48:27 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.
Error: (12/30/2018 11:45:59 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.
Error: (12/30/2018 11:43:02 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.
Error: (12/30/2018 11:02:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MicrosoftEdgeSH.exe, versión: 11.0.17763.1, marca de tiempo: 0x1244354f
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000000008c
Identificador del proceso con errores: 0x321c
Hora de inicio de la aplicación con errores: 0x01d4a026cee77cee
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: bebaf1cb-6207-458a-8d5b-aa9db2c3b053
Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: MicrosoftEdge
Error: (12/29/2018 05:20:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MicrosoftEdgeSH.exe, versión: 11.0.17763.1, marca de tiempo: 0x1244354f
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000000008c
Identificador del proceso con errores: 0x1918
Hora de inicio de la aplicación con errores: 0x01d49f925c403655
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 3851439e-18b8-4299-ae93-82333e97e19b
Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: MicrosoftEdge
System errors:
=============
Error: (12/30/2018 08:58:29 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S3943RGA)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-S3943RGA\USUARIO con SID (S-1-5-21-1504847527-2902537567-532818491-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 08:40:59 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S3943RGA)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-S3943RGA\USUARIO con SID (S-1-5-21-1504847527-2902537567-532818491-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 08:37:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 08:37:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 12:12:19 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S3943RGA)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-S3943RGA\USUARIO con SID (S-1-5-21-1504847527-2902537567-532818491-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 12:10:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 12:10:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos especÃfico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/30/2018 12:07:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
CodeIntegrity:
===================================
Date: 2018-12-30 20:52:46.475
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:41:54.698
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:38:18.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:38:02.315
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:33:43.469
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:33:25.655
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:32:17.543
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-12-30 12:32:07.235
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 33%
Total physical RAM: 8108.91 MB
Available physical RAM: 5366.41 MB
Total Virtual: 9388.91 MB
Available Virtual: 6742.15 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:449.89 GB) (Free:393.25 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.64 GB) (Free:1.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:14.43 GB) (Free:1.41 GB) FAT32
\\?\Volume{f95756bd-0adf-4fe4-9d15-954b2281d543}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{9486a5e2-e6bd-4fcf-af36-af070666f57f}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5D765FF6)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 14.4 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Hola.
Ademas del informe de Addition debes ponernos el de FRST para que podamos valorarlos y darte nuevos pasos.
El informe de FRST.txt debes tenerlo en la misma ubicación en el que estaba el de Addition.txt.
Saludos.