Malware in the background

Hi. I have many applications running in the background that I don't want to open when my PC starts. If I go into Task Manager and close them from there, my notebook runs faster, but when I turn my PC on they come back. Some of them I don't know what they are. I even have applications with the names of programs I've already uninstalled.

I suspect they are malware.

How do I remove them or close them for good?

Thanks for reading,

Geraldine.

Hi @geraldine3110

To check your machine, the first thing we need to do is a disinfection. To do that, follow these steps in the order given, reading everything that is explained. :+1:

:one: Temporarily disable your antivirus :arrow_forward: How to temporarily disable your antivirus, while we carry out ALL the steps.

We are going to download to YOUR DESKTOP (and NOT anywhere else :face_with_monocle:) all the tools we will use in this procedure (but don't run them yet):


:two: Run the tools one at a time and in the order given:



CCleaner.-

  • Install and run CCleaner following the steps given in the manual.

  • First use its Cleaner option to delete cookies, temporary Internet files and all the files it shows you as obsolete.

  • Then use its Registry option to clean the entire Windows registry (making a backup).

Malwarebytes.-

  • Install and run MBAM following the steps given in the manual.

  • Run a Full Scan. :white_check_mark:

  • Select ALL for Quarantine to send them to quarantine, and restart the system.

  • In the :arrow_forward:History :arrow_backward: section of the manual you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.

AdwCleaner.-

  • Run Adwcleaner.exe.

  • Click the Scan Now button and wait for the process to finish, then immediately always click the Start Repair button.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • The log/report is in the “Reports” tab (reopen the program if necessary), so you can copy and paste it into your next reply.

  • The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Run JRT.exe.

  • Press any key to continue and wait patiently for the process to finish.

  • If at any point it asks you to restart, do so.

  • When it finishes, a log/report (JRT.txt) will be saved on the desktop and will open automatically.

  • Copy and paste the contents of JRT.txt into your next reply.

Farbar Recovery Scan Tool.-

  • Run FRST.exe.

  • In the Disclaimer window message, click Yes.

  • In the main window, click the Scan button and wait for the process to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

:three: Post the reports in your next reply, from:

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order. :+1:

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than approx. 50,000 characters).

And tell us how your computer is working in relation to the problem described. :face_with_monocle:

Regards, Javier.

Thanks for replying, Javier. I'll try it tonight.

I have a question.

Which of the three is the full scan?

Hello.

The full one… would be the custom one, so that you select all the drives on your computer, both internal/external disks and USB pen drives. :+1:

Regards.

1 like

I ran into problems. Apologies.

Starting now!

Well. I'm sorry to say that I turned off the internet and opened CCleaner as administrator > install

And the installation closes on me.

I don't know if it's related, but a few days before starting this thread I used MALWAREBYTES and ADWCLEANER. I installed them, they scanned for threats, and I uninstalled them. Today I did everything you asked up to the point where the installation closed. And I haven't had an antivirus enabled for a few days.

Hello.

What version of Windows do you have?

Did it not let you install/use CCleaner, nor the rest of the programs listed?

1 like

I started with that one because of the instructions. The other two programs I mentioned, which I used a few days ago, I ran without problems.

Windows: Win10 Home Single Language.

OK… then use the programs that do NOT give you problems, following the steps/instructions I gave you, and post the reports with the results.

If any program won't let you use it, move on to the next program and then tell us which ones you couldn't use.

Regards.

1 like
  • [ CCleaner ] - Does not install.
  • [ Malwarebytes’ Anti-Malware ]
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/3/19
Hora del análisis: 12:04
Archivo de registro: 1a0367c8-44d8-11e9-bb7d-000000000000.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9630
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.590)
CPU: x64
Sistema de archivos: NTFS
Usuario: HP360\Geral

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 753592
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 10 hr, 45 min, 38 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
CrackTool.Agent, C:\USERS\GERAL\PICTURES\PS 64\ACTIVADOR\ACT.V0.9.2.RAR, En cuarentena, [6149], [445980],1.0.9630
CrackTool.Agent, C:\USERS\GERAL\PICTURES\PS 64\ACTIVADOR\ACT.V0.9.2\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6149], [445980],1.0.9630
HackTool.Agent, C:\USERS\GERAL\PICTURES\PS 64\ACTIVADOR\AMTEMU.V0.9.1.WIN-PAINTER.ZIP, En cuarentena, [3945], [448498],1.0.9630

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
  • [ AdwCleaner ] - No threats found.
  • [ Junkware Removal Tool. ]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Geral (Administrator) on mié. 13/03/2019 at  1:05:51,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on mié. 13/03/2019 at  1:19:18,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • [ Farbar Recovery Scan Tool ]
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.03.2019
Ran by Geral (administrator) on HP360 (13-03-2019 10:18:16)
Running from C:\Users\Geral\Desktop
Loaded Profiles: Geral (Available Profiles: defaultuser0 & Geral & omiii)
Platform: Windows 10 Home Single Language Version 1803 17134.590 (X64) Language: Español (México)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\Geral\Desktop\JRT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2018-12-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJB.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [369152 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2387408 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Fliqlo.scr [679936 2018-02-25] (ScreenTime Media) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-04] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-11-08]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-12-01]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.47 200.42.4.207
Tcpip\..\Interfaces\{9d747658-1981-461b-b94c-acc5eb5ea21c}: [DhcpNameServer] 200.49.130.47 200.42.4.207

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKU\S-1-5-21-662939426-3632563996-1299455624-1001 -> DefaultScope {F82D6A0A-7CA3-4C7D-B2CF-41F56D71DAC3} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-662939426-3632563996-1299455624-1001 -> {F82D6A0A-7CA3-4C7D-B2CF-41F56D71DAC3} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-09-22] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-09-22] (Hewlett-Packard Company -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll [2010-08-05] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll [2010-08-05] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r/week"
CHR Profile: C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default [2019-03-12]
CHR Extension: (Presentaciones) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-25]
CHR Extension: (Geogebra Clásico) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-09-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Google Calendar) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2018-01-26]
CHR Extension: (Hojas de cálculo) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-03-05]
CHR Extension: (Honeysuckle) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplhdhfokhijhogcccokkeokchhooibk [2019-03-04]
CHR Extension: (HP Network Check Launcher) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2018-08-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-20]
CHR Extension: (Gmail) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Geral\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-15]
CHR HKU\S-1-5-21-662939426-3632563996-1299455624-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-25] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2016-06-03] (Intel(R) Software -> Intel Corporation)
R2 ETDService; C:\WINDOWS\System32\ETDService.exe [237464 2018-12-08] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [461848 2016-08-05] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2016-09-23] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268160 2018-12-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Samsung System Service; C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe [183384 2017-12-04] (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2019-01-12] (HP Inc. -> HP)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55792 2016-06-03] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-06-03] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-06-03] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [34200 2018-12-08] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2019-01-12] (HP Inc. -> HP)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7400936 2016-09-23] (Intel(R) pGFX -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-12] (Malwarebytes Corporation -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [338368 2018-05-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [710664 2016-10-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-11] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [31280 2016-07-01] (Intel(R) Software -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-13 10:18 - 2019-03-13 10:20 - 000024025 _____ C:\Users\Geral\Desktop\FRST.txt
2019-03-13 10:17 - 2019-03-13 10:18 - 000000000 ____D C:\FRST
2019-03-13 01:19 - 2019-03-13 01:19 - 000000689 _____ C:\Users\Geral\Desktop\JRT.txt
2019-03-13 01:00 - 2019-03-13 01:00 - 000001884 _____ C:\Users\Geral\Desktop\MalwAare.txt
2019-03-13 00:54 - 2019-03-13 00:54 - 000001947 _____ C:\Users\Geral\Desktop\Malware.txt
2019-03-12 11:54 - 2019-03-12 11:54 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-12 11:54 - 2019-03-12 11:54 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-12 11:54 - 2019-03-12 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-12 11:54 - 2019-03-12 11:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-12 11:54 - 2019-03-12 11:54 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-12 11:54 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-12 11:54 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-12 11:48 - 2019-03-12 11:48 - 001790024 _____ (Malwarebytes) C:\Users\Geral\Desktop\JRT.exe
2019-03-12 11:47 - 2019-03-12 11:47 - 002434560 _____ (Farbar) C:\Users\Geral\Desktop\FRST64.exe
2019-03-12 11:46 - 2019-03-12 11:46 - 007316688 _____ (Malwarebytes) C:\Users\Geral\Desktop\Adwcleaner.exe
2019-03-12 11:45 - 2019-03-12 11:46 - 019384632 _____ (Piriform Software Ltd) C:\Users\Geral\Desktop\Ccleaner.exe
2019-03-12 11:44 - 2019-03-12 11:45 - 062217464 _____ (Malwarebytes ) C:\Users\Geral\Desktop\Malware.exe
2019-03-12 11:44 - 2019-03-12 11:44 - 019384632 _____ (Piriform Software Ltd) C:\Users\Geral\Downloads\Ccleaner.exe
2019-03-12 11:43 - 2019-03-12 11:43 - 001790024 _____ (Malwarebytes) C:\Users\Geral\Downloads\JRT.exe
2019-03-12 11:16 - 2019-03-12 11:16 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2019.lnk
2019-03-12 11:11 - 2019-03-12 11:12 - 000000000 ____D C:\Users\Geral\Downloads\ADOBE CC 2019
2019-03-11 19:44 - 2019-03-11 19:44 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2019.lnk
2019-03-11 19:06 - 2019-03-11 19:06 - 000000000 ___HD C:\OneDriveTemp
2019-03-10 14:29 - 2019-03-10 14:33 - 001221700 _____ C:\WINDOWS\Minidump\031019-44562-01.dmp
2019-03-10 14:29 - 2019-03-10 14:29 - 542141029 _____ C:\WINDOWS\MEMORY.DMP
2019-03-06 19:46 - 2019-03-06 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-03-06 18:44 - 2019-03-06 18:44 - 001621214 _____ C:\Users\Geral\Desktop\Manifiesto comunista.pdf
2019-03-06 14:09 - 2019-03-06 14:09 - 000029275 _____ C:\Users\Geral\AppData\Local\recently-used.xbel
2019-03-05 05:41 - 2019-03-05 05:41 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-03-05 05:38 - 2019-03-07 13:37 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-05 05:16 - 2019-03-05 06:39 - 000000000 ____D C:\AdwCleaner
2019-03-04 15:28 - 2019-03-04 15:28 - 000000000 ____D C:\Users\Geral\AppData\Local\mbamtray
2019-03-04 15:28 - 2019-03-04 15:28 - 000000000 ____D C:\Users\Geral\AppData\Local\mbam
2019-03-04 14:10 - 2019-03-04 14:10 - 000000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2019-03-04 10:17 - 2019-03-04 10:17 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-03-04 10:17 - 2019-03-04 10:17 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-03-04 10:17 - 2019-03-04 10:17 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-03-04 10:17 - 2019-03-04 10:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-03-04 00:56 - 2019-03-04 00:56 - 000000000 ____D C:\Users\Geral\AppData\Local\Apple Computer
2019-03-03 18:13 - 2019-03-07 19:07 - 000001456 _____ C:\Users\Geral\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-03-03 17:55 - 2019-03-03 17:55 - 000000000 ____D C:\Users\Geral\AppData\Roaming\Apple Computer
2019-03-03 17:48 - 2019-03-03 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-03-03 17:47 - 2019-03-03 17:48 - 000000000 ____D C:\Program Files (x86)\QuickTime
2019-03-03 17:47 - 2019-03-03 17:47 - 000000000 ____D C:\ProgramData\Apple Computer
2019-03-03 17:44 - 2019-03-03 17:44 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-03-03 17:44 - 2019-03-03 17:44 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2019-03-03 17:44 - 2019-03-03 17:44 - 000000000 ____D C:\Users\Geral\AppData\Local\Apple
2019-03-03 17:44 - 2019-03-03 17:44 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-03-03 17:43 - 2019-03-03 17:43 - 000000000 ____D C:\Users\Geral\AppData\LocalLow\Apple Computer
2019-03-03 16:01 - 2019-03-03 16:02 - 132622918 _____ (The GIMP Team ) C:\Users\Geral\Downloads\gimp-2-10-0-64-bit.exe
2019-03-03 00:05 - 2019-03-03 00:05 - 000000628 _____ C:\Users\Geral\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Descargas.lnk
2019-03-02 23:34 - 2019-03-02 23:35 - 000034810 _____ C:\Users\Geral\Downloads\buka_bird.zip
2019-03-02 23:33 - 2019-03-02 23:33 - 000099399 _____ C:\Users\Geral\Downloads\cute_stitch.zip
2019-03-02 20:49 - 2019-03-02 20:49 - 000001218 _____ C:\Users\Geral\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IG.lnk
2019-02-27 20:34 - 2019-02-27 20:34 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-02-27 20:10 - 2019-03-12 11:17 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-02-27 20:04 - 2019-02-27 20:04 - 000000000 ____D C:\Users\Public\Documents\Adobe
2019-02-27 20:00 - 2019-03-11 19:31 - 000001413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-02-27 19:35 - 2019-02-27 19:45 - 000000000 ___HD C:\temp
2019-02-26 17:07 - 2019-02-26 17:07 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign05e203efe166a89c
2019-02-26 16:59 - 2019-02-26 16:59 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign93606907c8766e98
2019-02-26 16:59 - 2019-02-26 16:59 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign053a37e11bb25f0b
2019-02-26 16:58 - 2019-02-26 16:58 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsignd015985b68551a22
2019-02-26 16:57 - 2019-02-26 16:57 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign9f309115cec88aaf
2019-02-26 16:57 - 2019-02-26 16:57 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign82ffde9f0b9fb484
2019-02-26 16:50 - 2019-02-26 16:50 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign70ff5e8283265acf
2019-02-26 16:49 - 2019-02-26 16:49 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign5ab4dd8245afa930
2019-02-26 16:49 - 2019-02-26 16:49 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign0782dee32f435322
2019-02-26 16:46 - 2019-03-03 17:20 - 000000000 ____D C:\Users\Geral\Documents\Adobe
2019-02-26 08:31 - 2019-02-26 16:32 - 000000000 ____D C:\Users\Geral\Documents\Optativas
2019-02-26 08:28 - 2019-03-09 16:42 - 000000000 ____D C:\Users\Geral\Documents\IG aguas
2019-02-21 16:27 - 2019-03-06 14:09 - 000000000 ____D C:\Users\Geral\AppData\Local\gtk-2.0
2019-02-21 16:18 - 2019-02-21 16:18 - 000000000 ____D C:\Users\Geral\AppData\Roaming\GIMP
2019-02-21 16:18 - 2019-02-21 16:18 - 000000000 ____D C:\Users\Geral\AppData\Local\GIMP
2019-02-21 16:18 - 2019-02-21 16:18 - 000000000 ____D C:\Users\Geral\.cache
2019-02-21 16:17 - 2019-03-06 14:10 - 000000000 ____D C:\Users\Geral\AppData\Local\babl-0.1
2019-02-21 16:17 - 2019-02-21 16:17 - 000000000 ____D C:\Users\Geral\AppData\Local\gegl-0.4
2019-02-21 15:57 - 2019-03-04 14:10 - 000000000 ____D C:\Program Files\GIMP 2
2019-02-20 16:55 - 2019-02-20 16:55 - 000000000 ____D C:\Users\Geral\Documents\Plantillas personalizadas de Office
2019-02-17 21:19 - 2019-02-06 04:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-17 21:19 - 2019-02-06 04:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-17 21:19 - 2019-02-06 03:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-17 21:19 - 2019-02-06 00:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-17 21:19 - 2019-02-06 00:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-17 21:19 - 2019-02-06 00:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-17 21:19 - 2019-02-06 00:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-17 21:19 - 2019-02-06 00:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-17 21:19 - 2019-02-06 00:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-17 21:19 - 2019-02-05 23:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-17 21:19 - 2019-02-05 23:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-17 21:19 - 2019-02-05 23:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-17 21:19 - 2019-02-05 23:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-17 21:19 - 2019-02-05 23:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-17 21:19 - 2019-02-05 23:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-17 21:19 - 2019-02-05 23:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-17 21:19 - 2019-02-05 23:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-17 21:19 - 2019-02-05 23:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-17 21:19 - 2019-02-05 23:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-17 21:19 - 2019-02-05 23:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-17 21:19 - 2019-02-05 23:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-17 21:19 - 2019-01-11 23:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-17 21:19 - 2019-01-09 14:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-17 21:19 - 2019-01-09 14:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-17 21:19 - 2019-01-09 06:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-17 21:19 - 2019-01-09 02:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-17 21:19 - 2019-01-09 02:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-17 21:19 - 2019-01-09 02:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-17 21:19 - 2019-01-09 02:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-17 21:19 - 2019-01-09 02:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-17 21:19 - 2019-01-09 02:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-17 21:19 - 2019-01-09 02:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-17 21:19 - 2019-01-09 02:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-17 21:19 - 2019-01-08 00:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-17 21:18 - 2019-02-06 04:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-17 21:18 - 2019-02-06 04:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-17 21:18 - 2019-02-06 04:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-17 21:18 - 2019-02-06 04:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-17 21:18 - 2019-02-06 04:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-17 21:18 - 2019-02-06 04:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-17 21:18 - 2019-02-06 03:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-17 21:18 - 2019-02-06 03:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-17 21:18 - 2019-02-06 03:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-17 21:18 - 2019-02-06 00:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-17 21:18 - 2019-02-06 00:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-17 21:18 - 2019-02-06 00:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-17 21:18 - 2019-02-06 00:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-17 21:18 - 2019-02-06 00:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-17 21:18 - 2019-02-06 00:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-17 21:18 - 2019-02-06 00:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-17 21:18 - 2019-02-06 00:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-17 21:18 - 2019-02-06 00:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-17 21:18 - 2019-02-06 00:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-17 21:18 - 2019-02-06 00:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-17 21:18 - 2019-02-06 00:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-17 21:18 - 2019-02-06 00:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-17 21:18 - 2019-02-06 00:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-17 21:18 - 2019-02-06 00:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-17 21:18 - 2019-02-06 00:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-17 21:18 - 2019-02-06 00:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-17 21:18 - 2019-02-06 00:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-17 21:18 - 2019-02-05 23:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-17 21:18 - 2019-02-05 23:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-17 21:18 - 2019-02-05 23:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-17 21:18 - 2019-02-05 23:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-17 21:18 - 2019-02-05 23:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-17 21:18 - 2019-02-05 23:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-17 21:18 - 2019-02-05 23:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-17 21:18 - 2019-02-05 23:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-17 21:18 - 2019-02-05 23:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-17 21:18 - 2019-02-05 23:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-17 21:18 - 2019-02-05 23:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-17 21:18 - 2019-02-05 23:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-17 21:18 - 2019-02-05 23:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-17 21:18 - 2019-02-05 23:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-17 21:18 - 2019-02-05 23:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-17 21:18 - 2019-02-05 23:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-17 21:18 - 2019-02-05 23:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-17 21:18 - 2019-02-05 23:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-17 21:18 - 2019-02-05 23:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-17 21:18 - 2019-02-05 23:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-17 21:18 - 2019-02-05 23:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-17 21:18 - 2019-02-05 23:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-17 21:18 - 2019-01-12 05:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-17 21:18 - 2019-01-09 15:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-17 21:18 - 2019-01-09 14:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-17 21:18 - 2019-01-09 14:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-17 21:18 - 2019-01-09 14:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-17 21:18 - 2019-01-09 14:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-17 21:18 - 2019-01-09 07:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-17 21:18 - 2019-01-09 06:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-17 21:18 - 2019-01-09 05:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-17 21:18 - 2019-01-09 05:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-17 21:18 - 2019-01-09 02:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-17 21:18 - 2019-01-09 02:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-17 21:18 - 2019-01-09 02:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-17 21:18 - 2019-01-09 02:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-17 21:18 - 2019-01-09 02:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-17 21:18 - 2019-01-09 02:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-17 21:18 - 2019-01-09 02:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-17 21:18 - 2019-01-09 02:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-17 21:18 - 2019-01-09 02:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-17 21:18 - 2019-01-09 02:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-17 21:18 - 2019-01-09 02:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-17 21:18 - 2019-01-09 02:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-17 21:18 - 2019-01-09 02:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-17 21:18 - 2019-01-09 02:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-17 21:18 - 2019-01-09 02:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-17 21:18 - 2019-01-09 02:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-17 21:18 - 2019-01-09 02:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-17 21:18 - 2019-01-09 02:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-17 21:18 - 2019-01-09 02:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-17 21:18 - 2019-01-09 02:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-17 21:18 - 2019-01-09 02:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-17 21:18 - 2019-01-09 02:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-17 21:18 - 2019-01-09 02:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-17 21:18 - 2019-01-09 02:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-17 21:18 - 2019-01-09 02:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-17 21:18 - 2019-01-09 02:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-17 21:18 - 2019-01-09 02:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-17 21:18 - 2019-01-09 02:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-17 21:18 - 2019-01-09 02:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-17 21:18 - 2019-01-09 02:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-17 21:18 - 2019-01-09 02:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-17 21:18 - 2019-01-09 02:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-17 21:18 - 2019-01-09 02:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-17 21:18 - 2019-01-09 02:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-17 21:18 - 2019-01-09 02:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-17 21:18 - 2019-01-09 01:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-17 21:18 - 2019-01-09 01:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-17 21:18 - 2019-01-08 06:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-17 21:18 - 2019-01-08 00:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-17 21:17 - 2019-02-05 23:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-17 21:17 - 2019-02-05 23:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-17 21:17 - 2019-02-05 22:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-17 21:17 - 2019-01-09 14:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-17 21:17 - 2019-01-09 02:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-17 21:17 - 2019-01-09 02:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-17 21:17 - 2019-01-09 02:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-17 21:17 - 2019-01-09 02:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-17 21:17 - 2019-01-08 00:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-13 10:16 - 2018-06-10 13:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-13 01:08 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-13 00:58 - 2017-08-25 09:33 - 000000000 __SHD C:\Users\Geral\IntelGraphicsProfiles
2019-03-13 00:57 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-13 00:57 - 2017-08-25 09:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-13 00:56 - 2018-06-10 13:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-12 11:54 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-12 11:37 - 2019-01-14 19:33 - 000000000 ____D C:\Users\Geral\AppData\Local\Spotify
2019-03-12 11:31 - 2019-01-14 19:32 - 000000000 ____D C:\Users\Geral\AppData\Roaming\Spotify
2019-03-12 11:20 - 2017-09-02 16:25 - 000000000 ____D C:\Users\Geral\AppData\Roaming\WhatsApp
2019-03-12 11:17 - 2018-06-10 13:21 - 000000000 ____D C:\Users\Geral\AppData\Roaming\Adobe
2019-03-12 11:17 - 2017-08-27 22:10 - 000000000 ____D C:\ProgramData\Adobe
2019-03-12 11:17 - 2017-08-27 22:07 - 000000000 ____D C:\Users\Geral\AppData\Local\Adobe
2019-03-12 11:16 - 2019-01-03 17:48 - 000000000 ____D C:\Program Files\Adobe
2019-03-12 10:56 - 2018-12-22 14:56 - 000000000 ___RD C:\Users\Geral\Creative Cloud Files
2019-03-12 10:36 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-12 10:31 - 2017-08-25 09:37 - 000000000 ___RD C:\Users\Geral\OneDrive
2019-03-11 19:31 - 2017-08-27 22:11 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-03-11 19:16 - 2017-11-11 15:25 - 000000000 ___HD C:\Users\Geral\MicrosoftEdgeBackups
2019-03-11 13:40 - 2018-06-10 13:21 - 000000000 ____D C:\Users\Geral
2019-03-10 14:29 - 2018-09-27 08:21 - 000000000 ____D C:\WINDOWS\Minidump
2019-03-10 14:29 - 2018-03-17 08:04 - 000000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGeral.job
2019-03-09 22:11 - 2018-07-05 22:51 - 000000000 ____D C:\Users\Geral\AppData\Local\CrashDumps
2019-03-09 17:08 - 2018-06-10 13:54 - 000003236 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForGeral
2019-03-09 15:56 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-09 15:55 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-09 15:54 - 2017-10-30 17:53 - 000000000 ____D C:\Program Files\Microsoft Office
2019-03-08 20:46 - 2017-09-02 16:25 - 000000000 ____D C:\Users\Geral\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-03-08 20:46 - 2017-09-02 16:25 - 000000000 ____D C:\Users\Geral\AppData\Local\WhatsApp
2019-03-07 13:37 - 2018-06-10 13:14 - 000602944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-07 13:36 - 2018-04-11 18:04 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2019-03-06 21:59 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-06 19:48 - 2016-10-14 15:50 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-03-06 11:07 - 2017-11-11 14:51 - 000000000 ____D C:\Users\Geral\AppData\Local\Packages
2019-03-06 08:21 - 2018-06-10 13:54 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-662939426-3632563996-1299455624-1001
2019-03-06 08:21 - 2018-06-10 13:21 - 000002406 _____ C:\Users\Geral\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-05 11:23 - 2017-08-25 10:22 - 000000000 ____D C:\Users\Geral\AppData\Roaming\PhotoScape
2019-03-05 07:53 - 2018-02-26 20:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-03-05 05:49 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-05 05:44 - 2018-09-11 16:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-03-05 05:37 - 2017-10-01 07:48 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-03-05 05:09 - 2018-09-14 09:21 - 000000000 ____D C:\Users\omiii\AppData\Local\AVG
2019-03-05 05:09 - 2018-06-01 09:04 - 000000000 ____D C:\Users\Geral\AppData\Local\Avg
2019-03-05 05:09 - 2018-06-01 08:59 - 000000000 ____D C:\ProgramData\AVG
2019-03-05 05:08 - 2018-09-14 09:18 - 000000000 ____D C:\Users\omiii
2019-03-05 05:08 - 2018-06-10 13:21 - 000000000 ____D C:\Users\defaultuser0
2019-03-04 21:41 - 2017-08-25 09:43 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-04 15:09 - 2016-10-14 15:50 - 000000990 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-04 01:31 - 2018-12-22 21:17 - 000002862 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-03-04 01:31 - 2018-06-10 13:54 - 000003504 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-03-04 01:31 - 2018-06-10 13:54 - 000003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-04 01:31 - 2018-06-10 13:54 - 000003260 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-03 21:54 - 2016-10-14 15:48 - 000000000 ____D C:\Program Files\HPCommRecovery
2019-03-03 21:26 - 2016-10-14 15:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-03-01 11:29 - 2017-08-26 13:28 - 000000000 ____D C:\Program Files\rempl
2019-02-28 12:26 - 2018-06-12 17:31 - 000000000 ____D C:\Users\Geral\AppData\Local\D3DSCache
2019-02-27 19:59 - 2016-10-14 15:48 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-27 18:49 - 2018-12-31 12:18 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-02-27 11:45 - 2018-06-10 13:54 - 000004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C91FDBAD-5846-4D60-AA10-E9595DC339C0}
2019-02-27 11:24 - 2018-02-08 08:56 - 000000000 ____D C:\Users\Geral\Downloads\GYM
2019-02-26 18:07 - 2018-06-10 13:21 - 000000000 ____D C:\Users\Geral\AppData\Local\Google
2019-02-24 13:27 - 2018-06-10 13:20 - 001967070 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-24 13:27 - 2018-04-12 13:18 - 000858170 _____ C:\WINDOWS\system32\perfh00A.dat
2019-02-24 13:27 - 2018-04-12 13:18 - 000188376 _____ C:\WINDOWS\system32\perfc00A.dat
2019-02-19 08:25 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-19 08:25 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-19 08:25 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-19 08:25 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-19 08:24 - 2018-04-11 20:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-19 08:24 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-17 21:37 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 13:14 - 2017-08-25 22:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 21:31 - 2017-08-25 22:05 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-13 20:47 - 2016-10-14 15:50 - 000000986 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-13 19:36 - 2018-06-10 13:54 - 000003820 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

==================== Files in the root of some directories =======

2019-03-03 18:13 - 2019-03-07 19:07 - 000001456 _____ () C:\Users\Geral\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2017-08-25 09:34 - 2019-03-13 07:19 - 006203962 _____ () C:\Users\Geral\AppData\Local\BTServer.log
2017-09-02 09:50 - 2018-08-05 10:28 - 000000173 _____ () C:\Users\Geral\AppData\Local\msmathematics.qat.Geral
2018-12-22 14:09 - 2018-12-22 14:09 - 000000410 _____ () C:\Users\Geral\AppData\Local\oobelibMkey.log
2019-03-06 14:09 - 2019-03-06 14:09 - 000029275 _____ () C:\Users\Geral\AppData\Local\recently-used.xbel
2018-12-29 20:58 - 2018-12-29 20:58 - 000000000 _____ () C:\Users\Geral\AppData\Local\{85FB2A34-D850-4B29-80B3-A55D34E91CAA}
2018-12-29 20:58 - 2018-12-29 20:58 - 000000000 _____ () C:\Users\Geral\AppData\Local\{C4FBED46-1B59-4CC1-9C62-3FA552839788}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-10 13:14

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.03.2019
Ran by Geral (13-03-2019 10:22:24)
Running from C:\Users\Geral\Desktop
Windows 10 Home Single Language Version 1803 17134.590 (X64) (2018-06-10 16:56:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-662939426-3632563996-1299455624-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-662939426-3632563996-1299455624-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-662939426-3632563996-1299455624-1000 - Limited - Disabled) => C:\Users\defaultuser0
Geral (S-1-5-21-662939426-3632563996-1299455624-1001 - Administrator - Enabled) => C:\Users\Geral
HomeGroupUser$ (S-1-5-21-662939426-3632563996-1299455624-1003 - Limited - Enabled)
Invitado (S-1-5-21-662939426-3632563996-1299455624-501 - Limited - Disabled)
omiii (S-1-5-21-662939426-3632563996-1299455624-1005 - Limited - Enabled) => C:\Users\omiii
WDAGUtilityAccount (S-1-5-21-662939426-3632563996-1299455624-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
adobe (HKLM\...\{248F5CCE-4CD7-4350-9D3A-398E363923CC}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_2) (Version: 23.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_3) (Version: 20.0.3 - Adobe Systems Incorporated)
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemDraw Ultra 12.0 (HKLM-x32\...\{48DEAAF2-8276-4BBD-B7B6-91E454938476}) (Version: 12.0 - CambridgeSoft Corporation)
Chemistry Add-In for Microsoft Word 3.0.17 Release 4 (HKLM-x32\...\{3A8BF945-A4A0-4AA1-8499-487527A43C75}) (Version: 3.0.17.6639 - Chem4Word)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_NS_LP_DocCD (HKLM-x32\...\{C5C00116-FFD7-465e-8316-6055F320E7E5}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (HKLM-x32\...\{D7CDAC3E-0962-41D6-829D-6AB524120B43}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (HKLM-x32\...\{F2C4B91A-250C-4A68-94EB-9643151F892B}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM-x32\...\{EED759C0-F201-4422-86FA-264075B882ED}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 68.4.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
EPSON TX133 TX135 Series Printer Uninstall (HKLM\...\EPSON TX133 TX135 Series) (Version:  - SEIKO EPSON Corporation)
F4100 (HKLM-x32\...\{5C3AF724-B144-4AC1-B2CB-FB6D447116F1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4100_Help (HKLM-x32\...\{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Fliqlo Protector de pantalla (HKLM-x32\...\Fliqlo) (Version:  - )
GIMP 2.10.0 (HKLM\...\GIMP-2_is1) (Version: 2.10.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{439BB4C2-432F-474A-9EAE-D933E4772FDC}) (Version: 1.0.137.0 - HP Inc.)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP JumpStart Bridge (HKLM-x32\...\{9B252E0D-7B31-48A6-B01E-B5CCBA286E8E}) (Version: 1.1.0.168 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{30514137-FB26-4E1A-A3B4-5B48680F3ECE}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{E692D769-1717-4D0A-B2D1-05E9B443357D}) (Version: 12.10.49.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{d9719db8-d532-496c-9f2b-eeb1f69f7d89}) (Version: 10.1.1.34 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4509 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11328.20146 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paquete de controladores de Windows - Intel Corporation (iagpioe) System  (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Paquete de controladores de Windows - Intel Corporation (iai2ce) System  (06/30/2015 604.10146.2643.2818) (HKLM\...\42CFE5B10021C15BFC08687E1D339C8BB3D32DDA) (Version: 06/30/2015 604.10146.2643.2818 - Intel Corporation)
Paquete de controladores de Windows - Intel Corporation (iauarte) System  (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.59 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.29095 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.76 - REALTEK Semiconductor Corp.)
Samsung Flow Driver (HKLM-x32\...\Samsung Flow Driver) (Version: 2.1.5.0 - Samsung Electronics Co., Ltd.)
Samsung System Agent (HKLM-x32\...\{88B7B54A-CAA8-4297-8158-4953C7DDC30C}) (Version: 1.0.51 - Samsung Electronics Co., Ltd.) Hidden
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\Spotify) (Version: 1.1.1.348.g9064793a - Spotify AB)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\WhatsApp) (Version: 0.3.2386 - WhatsApp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-662939426-3632563996-1299455624-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-662939426-3632563996-1299455624-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3351692307C1} -> [Creative Cloud Files] => C:\Users\Geral\Creative Cloud Files [2018-12-22 14:56]
CustomCLSID: HKU\S-1-5-21-662939426-3632563996-1299455624-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Geral\Dropbox [2017-08-25 10:00]
CustomCLSID: HKU\S-1-5-21-662939426-3632563996-1299455624-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09C34E04-E2BC-4CDA-9091-0586566C3723} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {1A642B7C-4C07-4336-967B-6AB9FD152875} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {36DEE241-56FE-41BC-B23D-3053E8A3ECE4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4143DEE5-8454-460B-AAD8-F9E09E94916B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {4AB805FE-454D-4F2E-89BB-839485E7F2B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4EC9C9BA-46AD-4091-AF20-B2AD9F03CBF7} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {4F501F33-6A71-4D62-9084-117C0FE7B267} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {52BEE754-0B17-49DB-A342-9636DCFD33E6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {535499E4-2499-4D31-80A2-A64EAAABC5BA} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe (HP Inc. -> )
Task: {54C4809C-E496-4F7A-8A72-3BC26760A393} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {60B5A7A5-55F4-4CC3-9881-3C9AF35A909F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {63BFF29E-2BB9-4589-B59D-4D59E2810C35} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7C49ED3A-D541-4FC4-A888-043F96B66D02} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {81B52969-245D-4A57-9D04-900E61BC727A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {84CB1E23-87F4-4747-8077-2B04C3F7712C} - System32\Tasks\{025B6188-453F-4E03-8871-B841E7EABAC2} => C:\windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {85EF1E91-EAA0-4D9A-816F-12490B26597B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {90BEF8FE-CB97-44F0-BFB5-5C94458E4D0C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {94F7BF01-94B7-4849-97F7-E2550DACE31A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {96A748A7-A2B3-40C5-B3D2-C766793EFEB9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {9ED062F2-B142-4A88-852F-BD73360129AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)
Task: {A9139C19-AA1D-4D8B-9299-EEBA60DA9CBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B09458E6-A592-4974-837E-A9436C88AEED} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B4E55FDC-B2A9-4524-9EF1-5E70F729B7E6} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (HP Inc. -> HP Inc.)
Task: {C70693C3-8FA9-453F-B92B-E7127657C7B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {C9E2E21A-E4D2-4106-BC87-91A2CCF34D58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CA7287DA-9D07-4900-9188-45CFDAB79506} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CB229342-979F-48C0-9E85-15BA191594BE} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {CE661FBB-FB69-459A-830F-3184AA6C50A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D0E0CF02-1AF3-406D-9314-9CE6ACA7486F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe (HP Inc. -> )
Task: {DDCD90B0-88F1-4AE7-AC0B-18173FE38835} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DF2C992E-535B-4803-ADB3-4306A1355698} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FCB73186-0E49-48A6-98CD-0941718E6724} - System32\Tasks\HPCeeScheduleForGeral => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (Hewlett-Packard Company -> HP Development Company, L.P.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForGeral.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-03-12 11:54 - 2019-02-01 10:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-12 11:54 - 2019-02-01 10:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-12 11:54 - 2019-02-01 10:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-22 10:52 - 2019-02-22 10:52 - 000116224 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\184519d1f9e7a53c8273d456fa7fd108\HPJumpStartBridge.ni.exe
2019-02-22 10:48 - 2019-02-22 10:48 - 000134656 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\c3b5258f89e702cf9a51c14b65e35673\BRIDGECommon.ni.dll
2019-02-22 10:52 - 2019-02-22 10:52 - 000112128 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\a8af3a0dc06f76fb932ccfcdd2a00a09\BridgeExtension.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 08:47 - 2018-12-22 21:27 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-05-11 22:34 - 2018-05-11 22:34 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Geral\Pictures\Travelling wallpapers\anders-jilden-36589-unsplash.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\StartupApproved\StartupFolder: => "HP Orbit.lnk"
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-662939426-3632563996-1299455624-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A48586-E3AB-4CB2-8C89-74C66D8DA4C9}] => (Allow) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{2BFBD246-9973-49CE-9404-F1F15EAC7566}C:\users\geral\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\geral\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{BAFE8852-230A-411A-878D-6D8255C349E7}C:\users\geral\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\geral\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{C88EC7D0-56B5-4997-92BB-9F40330EBCE8}C:\users\geral\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\geral\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{442D9AC1-FB20-40C4-B8C8-BC8375A9C887}C:\users\geral\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\geral\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBAF907C-5962-4CE5-A7C6-71A9B8BCAC62}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F5D59AF-36AE-4DCF-A1F7-8ED94BBA7F6B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F3383C3-6B58-4531-9E37-771E6CB803BC}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{A5164241-7A39-4D63-8F38-C167CED41BF6}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{859DE77D-D00C-4E00-92F4-90EE40AE0F37}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{08454B54-9903-45E1-AF91-DA1043A4100C}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{79EB4185-71BC-4BF2-B2A5-41A944D48470}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{96AC755C-EACB-4BF3-8505-F21E216A16BD}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [File not signed]
FirewallRules: [{CDCBD644-D36C-41B1-8144-089026670208}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{FD588EF4-82A7-4254-AA10-10FD6EB7BDDA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

03-03-2019 17:44:58 Installed QuickTime 7
12-03-2019 17:39:26 Punto de control programado
13-03-2019 01:04:33 JRT Pre-Junkware Removal
13-03-2019 01:05:23 JRT Pre-Junkware Removal
13-03-2019 01:05:52 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2019 10:26:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:26:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:26:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:26:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:26:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:25:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:25:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).

Error: (03/13/2019 10:25:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3876,D,21) SRUJet: Se detectó un vínculo de página erróneo(error -338) en un árbol B (IdObjeto: 8, RaízNúmPág: 31) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (31 => 977, 14).


System errors:
=============
Error: (03/13/2019 04:04:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/13/2019 01:00:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/13/2019 01:00:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/13/2019 12:57:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\NETWORK SERVICE con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/12/2019 06:29:25 PM) (Source: DCOM) (EventID: 10016) (User: HP360)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HP360\Geral con SID (S-1-5-21-662939426-3632563996-1299455624-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/12/2019 11:42:12 AM) (Source: DCOM) (EventID: 10016) (User: HP360)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HP360\Geral con SID (S-1-5-21-662939426-3632563996-1299455624-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/12/2019 11:39:07 AM) (Source: DCOM) (EventID: 10016) (User: HP360)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HP360\Geral con SID (S-1-5-21-662939426-3632563996-1299455624-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/12/2019 11:27:52 AM) (Source: DCOM) (EventID: 10016) (User: HP360)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HP360\Geral con SID (S-1-5-21-662939426-3632563996-1299455624-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-03-12 16:56:05.720
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EFB350B8-3BC5-48A5-BA28-0722F0BE23A0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-12 12:46:20.429
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B54F325C-4B3D-48DB-AFCB-12546AF85987}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-10 15:46:21.146
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5DFBA4FA-0D29-4CD8-B13A-37DD049A8D18}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-10 12:07:49.813
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {2A0763C1-85CC-46B4-A682-C98BAA872F99}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: HP360\Geral

Date: 2019-03-09 08:12:16.930
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F91B6D3A-47E8-452A-A148-EA4417EAA073}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-13 07:29:29.546
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.911.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2019-03-13 01:08:36.490
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.911.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2019-03-12 22:32:46.943
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.911.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2019-03-12 20:50:54.260
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.911.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2018-10-03 11:25:20.022
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.277.424.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15300.6
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3710 @ 1.60GHz
Percentage of memory in use: 57%
Total physical RAM: 3938.27 MB
Available physical RAM: 1666.14 MB
Total Virtual: 7906.27 MB
Available Virtual: 5588.54 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:452.64 GB) (Free:338.1 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.89 GB) (Free:1.44 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c5179e5d-6860-4be8-a362-bf1dff70aa26}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.5 GB) NTFS
\\?\Volume{98cd90c0-8a2a-4241-abad-5b6f61dcca63}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E2A9B03F)

Partition: GPT.

==================== End of Addition.txt ============================

Good… now follow these steps. :arrow_forward: VERY important :arrow_backward: Make a backup of the registry:

  • To do this, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Attention: now tick only the :white_check_mark: Create registry backup box, and NOT the other boxes. :face_with_monocle:

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy the code/lines inside the box below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {4143DEE5-8454-460B-AAD8-F9E09E94916B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {4EC9C9BA-46AD-4091-AF20-B2AD9F03CBF7} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {DF2C992E-535B-4803-ADB3-4306A1355698} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
2019-03-13 00:57 - 2017-08-25 09:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-29 20:58 - 2018-12-29 20:58 - 000000000 _____ () C:\Users\Geral\AppData\Local\{85FB2A34-D850-4B29-80B3-A55D34E91CAA}
2018-12-29 20:58 - 2018-12-29 20:58 - 000000000 _____ () C:\Users\Geral\AppData\Local\{C4FBED46-1B59-4CC1-9C62-3FA552839788}
2019-03-05 05:44 - 2018-09-11 16:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-26 17:07 - 2019-02-26 17:07 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign05e203efe166a89c
2019-02-26 16:59 - 2019-02-26 16:59 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign93606907c8766e98
2019-02-26 16:59 - 2019-02-26 16:59 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign053a37e11bb25f0b
2019-02-26 16:58 - 2019-02-26 16:58 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsignd015985b68551a22
2019-02-26 16:57 - 2019-02-26 16:57 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign9f309115cec88aaf
2019-02-26 16:57 - 2019-02-26 16:57 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign82ffde9f0b9fb484
2019-02-26 16:50 - 2019-02-26 16:50 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign70ff5e8283265acf
2019-02-26 16:49 - 2019-02-26 16:49 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign5ab4dd8245afa930
2019-02-26 16:49 - 2019-02-26 16:49 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign0782dee32f435322
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.

And now use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10) :arrow_forward: How to start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Press the FIX button and wait for it to finish.

  • The tool will save the fix report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply. :+1:

Restart the computer, check how it behaves with regard to the problem you described, and let us know.

Regards.

1 like
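A review check for the fixlist step in the post above, as an added example that is not part of the original post or of FRST: it sorts each fixlist line by the shapes seen in this thread (directive, CMD, task, registry, file, folder) so the person running the fix can see what will be removed and which commands will run. The category names, the flag names and the START/END completeness check are assumptions of this example, not FRST's own parsing rules.

```python
import re
from collections import Counter

# Sample assembled from lines of the fixlist shown in this thread (shortened).
SAMPLE_FIXLIST = r"""START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {DF2C992E-535B-4803-ADB3-4306A1355698} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
2019-03-13 00:57 - 2017-08-25 09:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-05 05:44 - 2018-09-11 16:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
HOSTS:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: netsh advfirewall reset
END
"""

# "created - modified - size attrs [(company)] path", as in the file lines above.
FILE_LINE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - "
    r"\d+ (?P<attrs>[_A-Z]{5}) (?:\([^)]*\) )?(?P<path>.+)$"
)


def classify(line):
    """Return (kind, flags) for one fixlist line (categories are this example's own)."""
    flags = []
    if "No File" in line:
        flags.append("no_file")        # entry points at a file that no longer exists
    if "ATTENTION" in line:
        flags.append("attention")      # the scan log itself marked this entry
    if line.startswith("CMD:"):
        return "command", flags        # runs a shell command as administrator
    if re.fullmatch(r"[A-Z]+:", line):
        return "directive", flags      # bare keyword such as EMPTYTEMP:
    if line.startswith("Task:"):
        return "scheduled_task", flags
    if re.match(r"HK(LM|U)", line):
        return "registry", flags
    m = FILE_LINE.match(line)
    if m:
        if m.group("path").lower().startswith(r"c:\windows\system32"):
            flags.append("system_path")  # deletion inside the system directory
        return ("folder" if "D" in m.group("attrs") else "file"), flags
    if re.match(r"\w+: \[", line):
        return "shell_handler", flags  # e.g. ShellIconOverlayIdentifiers: [name]
    return "unknown", flags


def review_fixlist(text):
    """Check the START/END wrapper and classify every line in between."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    errors = []
    if not lines or lines[0] != "START":
        errors.append("missing START")
    if not lines or lines[-1] != "END":
        errors.append("missing END")   # typical sign of an incomplete copy and paste
    entries = []
    for ln in lines:
        if ln in ("START", "END"):
            continue
        kind, flags = classify(ln)
        entries.append({"kind": kind, "flags": flags, "line": ln})
    counts = dict(Counter(e["kind"] for e in entries))
    return {"errors": errors, "entries": entries, "counts": counts}


def render(report):
    """Human-readable summary, one line per fixlist entry."""
    status = ", ".join(report["errors"]) if report["errors"] else "ok"
    out = ["structure: " + status]
    for e in report["entries"]:
        mark = " [" + ",".join(e["flags"]) + "]" if e["flags"] else ""
        out.append("{:<15}{} {}".format(e["kind"], mark, e["line"][:70]))
    return "\n".join(out)


if __name__ == "__main__":
    print(render(review_fixlist(SAMPLE_FIXLIST)))
```

Lines reported as `unknown`, `command` or `system_path` are the ones worth reading closely before pressing FIX, since the fix runs with administrator rights.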

I find it very hard to log in or post on social networks. (Clearly I have a V.) In case I don't come back! In the next message, the .txt. Thank you very much, above all!

Geraldine.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.03.2019
Ran by Geral (13-03-2019 19:10:30) Run:1
Running from C:\Users\Geral\Desktop
Loaded Profiles: Geral (Available Profiles: defaultuser0 & Geral & omiii)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {4143DEE5-8454-460B-AAD8-F9E09E94916B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {4EC9C9BA-46AD-4091-AF20-B2AD9F03CBF7} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {DF2C992E-535B-4803-ADB3-4306A1355698} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
2019-03-13 00:57 - 2017-08-25 09:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-29 20:58 - 2018-12-29 20:58 - 000000000 _____ () C:\Users\Geral\AppData\Local\{85FB2A34-D850-4B29-80B3-A55D34E91CAA}
2018-12-29 20:58 - 2018-12-29 20:58 - 000000000 _____ () C:\Users\Geral\AppData\Local\{C4FBED46-1B59-4CC1-9C62-3FA552839788}
2019-03-05 05:44 - 2018-09-11 16:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-26 17:07 - 2019-02-26 17:07 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign05e203efe166a89c
2019-02-26 16:59 - 2019-02-26 16:59 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign93606907c8766e98
2019-02-26 16:59 - 2019-02-26 16:59 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign053a37e11bb25f0b
2019-02-26 16:58 - 2019-02-26 16:58 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsignd015985b68551a22
2019-02-26 16:57 - 2019-02-26 16:57 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign9f309115cec88aaf
2019-02-26 16:57 - 2019-02-26 16:57 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign82ffde9f0b9fb484
2019-02-26 16:50 - 2019-02-26 16:50 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign70ff5e8283265acf
2019-02-26 16:49 - 2019-02-26 16:49 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign5ab4dd8245afa930
2019-02-26 16:49 - 2019-02-26 16:49 - 000000000 ____D C:\Users\Geral\AppData\Local\Tempzxpsign0782dee32f435322
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4143DEE5-8454-460B-AAD8-F9E09E94916B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4143DEE5-8454-460B-AAD8-F9E09E94916B}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4EC9C9BA-46AD-4091-AF20-B2AD9F03CBF7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EC9C9BA-46AD-4091-AF20-B2AD9F03CBF7}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF2C992E-535B-4803-ADB3-4306A1355698}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF2C992E-535B-4803-ADB3-4306A1355698}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\Geral\AppData\Local\{85FB2A34-D850-4B29-80B3-A55D34E91CAA} => moved successfully
C:\Users\Geral\AppData\Local\{C4FBED46-1B59-4CC1-9C62-3FA552839788} => moved successfully
C:\WINDOWS\System32\Tasks\AVAST Software => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign05e203efe166a89c => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign93606907c8766e98 => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign053a37e11bb25f0b => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsignd015985b68551a22 => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign9f309115cec88aaf => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign82ffde9f0b9fb484 => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign70ff5e8283265acf => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign5ab4dd8245afa930 => moved successfully
C:\Users\Geral\AppData\Local\Tempzxpsign0782dee32f435322 => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-662939426-3632563996-1299455624-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-662939426-3632563996-1299455624-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

Error en la operación. No hay ningún adaptador permitido para
esta operación.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 168924505 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 10141379 B
Edge => 4096 B
Chrome => 93881084 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2770 B
LocalService => 0 B
NetworkService => 6063560 B
NetworkService => 0 B
defaultuser0 => 0 B
Geral => 1157772444 B
omiii => 97531854 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:13:21 ====

I have half of the options on social networks in any browser and in the Store apps. In most of them I cannot post anything. The camera turns on and off by itself. My phone also says “no signal”. Or “it freezes”.

Geraldine.
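A Fixlog like the one posted above is long, and the few steps that did not complete are easy to miss among the "removed successfully" lines. The following is an added example, not part of the thread and not FRST's own code: a small Python triage that counts outcomes and lists failures by section. The function name `triage_fixlog`, the failure markers and the embedded sample (a few lines taken from the posted log) are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: a few lines in the format of the Fixlog posted above.
SAMPLE_FIXLOG = r"""Boot Mode: Safe Mode (with Networking)
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe" => removed successfully
========= bitsadmin /reset /allusers =========
Unable to connect to BITS - 0x8007043c
========= End of CMD: =========
========= netsh int ipv4 reset =========
Error al restablecer .
Acceso denegado.
========= End of CMD: =========
"""

RESULT = re.compile(
    r'^"?(?P<target>.+?)"?\s+=>\s+'
    r'(?P<outcome>removed successfully|moved successfully|not found)\s*$')
# Section headers such as "===== netsh winsock reset ====="; pure "=====" rules do not match.
SECTION = re.compile(r"^=+\s*(?P<name>[^=\s].*?)\s*=+$")
# Failure markers chosen for this example (English tool text, Spanish command output).
FAILURE = re.compile(r"^(Error\b|Unable to\b|Acceso denegado)", re.IGNORECASE)

def triage_fixlog(text):
    """Summarise a Fixlog: boot mode, outcome counts, and failures per section."""
    outcomes, failures, boot_mode = Counter(), [], None
    section = "fix"  # lines that are not inside a "=====" command section
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("Boot Mode:"):
            boot_mode = line.split(":", 1)[1].strip()
        elif (m := SECTION.match(line)):
            name = m["name"]
            section = "fix" if name.startswith("End of") else name.rstrip(":")
        elif (m := RESULT.match(line)):
            outcomes[m["outcome"]] += 1
        elif FAILURE.match(line):
            failures.append((section, line))
    return {"boot_mode": boot_mode, "outcomes": dict(outcomes), "failures": failures}

if __name__ == "__main__":
    print(triage_fixlog(SAMPLE_FIXLOG))
```

On the sample it reports the restore point that could not be created in Safe Mode, the BITS connection error and the "Acceso denegado" line inside the IPv4 reset, which are the items worth rechecking after a normal-mode reboot.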

Hello.

In the processes that appear active in your reports there is NOTHING suspicious. :smirk:

Having many programs/processes active is completely normal; on any machine with W10 (1803) like yours there can easily be 150 or more processes running, and the vast majority belong to the operating system itself.

If you want, we can check for infections with an online antivirus, or you can install a free antivirus and check your system with it.

Apart from that, the use of program activators like the ones Malwarebytes found can be responsible for problems and infections that occur with your consent.

Let us know.

Regards.

Let's do that. I can't use any social network. Where did that come from? It doesn't let me use any social network on the phone or the computer. I have half of the options on social networks in any browser and in the Store apps. In most of them I cannot post anything. The camera turns on and off by itself. My phone also says “no signal”. Or “it freezes”. Any help with that? I don't think it's the activator because everything was working a few days ago. That is, for some time I have noticed that the PC is slower, and when I closed the background programs I realized it ran much lighter, so just in case I decided to ask here. Now, since last night, I can't use the networks. I doubt it's the activators. In any case I have the pages where I downloaded them from. And it was a matter of yesterday to today. It's strange. It all happened at the same instant. Is there something to check for a malicious infection? If not, I'll have to go to the repair shop. =(

Geraldine.

If the problems occur on both the phone and the computer, it may be due to problems with YOUR router. :thinking:

Perform a RESET to factory settings on your router.

IF you use Chrome… Check it by following these steps:

  • Type chrome://settings/syncSetup in the address bar

And check/disable the “Sync everything” option, and after doing so:

  • Type chrome://settings/resetProfileSettings in the address bar and accept the “Reset settings” option.

After doing that, close the browser, start it again and check the problem.

Let us know the results. :thinking:

Regards.

1 like

OK. I've done everything. Thank you very much! Still, when I go to Facebook for example, the address bar generates different symbols than before. I did the Chrome cleanup; it's still the same. And I get the 403 Forbidden access error in Chrome and Internet Explorer (I can't download information from the work drive). Does that have anything to do with it?