No termina de actualizar win 10

buenas! hice los 3 pasos y hubo avances… pero al final no termino ejecute el asistente para actualizar win 10 y cuando termino el asistente se puso la pantalla violeta y empezo a actualizar, pero cuando llego al 93% me salto un mensaje diciendo que hubo un error y no pudo terminar la actualizacion. el codigo es 0x800700b7. gracias

Hola @blackvisor

Menos mal, ya lo lograremos.:+1:

El error que te aparece esta directamente relacionado con Copia de Seguridad y Restauración. Al correr la actualización no puede generar el punto de restauración. Algo lo impide.

Tienes activado Restaurar Sistema? Que antivirus tienes?

Ademas realiza lo indicado en el siguiente enlace a partir deEjecutar el solucionador de problemas de Windows Update, marca la casilla Windows 10 y te habilitara el enlace para el solucionador de problemas.

Nos comentas.

Salu2.

buenas! perdon por la demora en contestar…desde el lunes que no tengo internet…ahora estoy usando los datos del celular jaja :grinning:

restaurar el sistema lo tengo activado y mi antivirus es el avast free.

el solucionador de problemas me tiro lo siguiente.

gracias!!

Hola @blackvisor

Es una mala idea ir a Windows Update con el paquete de datos, no se en tu país los valores, pero en el mio en un día se comió el paquete de un mes…:persevere:

Si, realiza lo siguiente:

Descarga FSS.exe a tu escritorio.

  • Ejecuta FSS.exe (Presiona clic derecho y seleccionas Ejecutar como administrador)

Marca todas las opciones:

  • Internet Services.
  • Windows Firewall
  • System Restore.
  • Security Center/Action Center.
  • Windows Update.
  • Windows Defender.

Presiona el botón Scan y espera a que termine su trabajo.

Se abrirá un Bloc de notas. Copia y pega el contenido en tu próxima respuesta.

Todavía no intentes actualizar que quiero ver los servicios.

Salu2.

buenas! ya me vinieron a arreglar internet !!

te paso lo del bloc de notas:

Farbar Service Scanner Version: 27-01-2016
Ran by dalila (administrator) on 02-03-2019 at 15:28:34
Running from "E:\Desktop\Downloads"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe"".


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Hola:

Dos cuestiones:

La herramienta debes ejecutarla desde C: o desde el escritorio donde tienes el SO

De todas maneras no mostró nada relevante.

a) Desinstala tu Antivirus con su >>> herramienta especifica. (Estarás sin antivirus), no lo reinstales hasta que te lo diga.

b) Luego de reiniciar:

Realiza lo siguiente:

1.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. [size=1] >> Como saber si mi Windows es de 32 o 64 bits.?[/size]

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

2.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

buenas! te paso el FSS. esta vez lo hice desde C:

Farbar Service Scanner Version: 27-01-2016
Ran by dalila (administrator) on 03-03-2019 at 01:23:51
Running from "C:\Users\dalila\Desktop"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

ahora van los de Frst. el primero es Frst.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.03.2019
Ran by dalila (administrator) on DESKTOP-OE0ML4N (03-03-2019 01:16:26)
Running from E:\Desktop\Downloads
Loaded Profiles: dalila (Available Profiles: dalila)
Platform: Windows 10 Home Version 1703 15063.1387 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\Policies\Explorer: [] 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-24] (Google LLC -> Google Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 100.72.3.97 100.72.3.117
Tcpip\..\Interfaces\{92532174-8b48-47a1-baea-0492ccfc71c8}: [DhcpNameServer] 100.72.3.97 100.72.3.117
Tcpip\..\Interfaces\{d4f2feff-841e-44fe-8640-06cc74198b76}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Default [2019-03-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-10]
CHR Profile: C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-03]
CHR Extension: (Presentaciones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-02]
CHR Extension: (Documentos) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-02]
CHR Extension: (Google Drive) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-02]
CHR Extension: (YouTube) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-02]
CHR Extension: (Handy Tab) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj [2019-03-02]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-02]
CHR Extension: (Hojas de cálculo) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-02]
CHR Extension: (Avast Online Security) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-02]
CHR Extension: (Gmail) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-02]
CHR Profile: C:\Users\dalila\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-03]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-08] (Autodesk, Inc -> Autodesk Inc.)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [431616 2017-09-05] (Microsoft Corporation) [File not signed]
S4 Disc Soft Lite Bus Service; E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784000 2018-08-31] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7965224 2018-08-12] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-03] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-08] (ASUSTeK Computer Inc. -> )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [230712 2015-05-24] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-10-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-10-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [333792 2019-03-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [48656 2018-09-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-03 01:16 - 2019-03-03 01:16 - 000000000 ____D C:\FRST
2019-03-03 00:25 - 2019-03-03 00:25 - 000000000 ____D C:\Windows\pss
2019-03-03 00:04 - 2019-03-03 00:56 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-02-24 02:58 - 2019-02-24 02:59 - 000000000 ___SD C:\Windows\UpdateAssistantV2
2019-02-24 02:01 - 2019-02-24 18:31 - 000000000 ____D C:\Windows10Upgrade
2019-02-24 02:01 - 2019-02-24 18:02 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2019-02-24 02:01 - 2019-02-24 18:02 - 000000719 _____ C:\Users\dalila\Desktop\Asistente para actualización a Windows 10.lnk
2019-02-23 19:03 - 2019-02-23 19:33 - 000000000 ____D C:\Program Files\CUAssistant
2019-02-19 19:06 - 2019-03-02 23:33 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-17 14:53 - 2019-02-17 14:55 - 1817268299 _____ C:\Users\dalila\Downloads\Lizzie.2018.1080p-dual-lat-cinecalidad.to.mp4
2019-02-14 20:15 - 2019-02-14 20:15 - 000000000 ____D C:\Users\dalila\AppData\Local\JUMP_FORCE
2019-02-14 20:13 - 2019-02-14 20:13 - 000000806 _____ C:\Users\Public\Desktop\Jump Force.lnk
2019-02-14 20:13 - 2019-02-14 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jump Force

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-03 01:10 - 2017-06-13 00:17 - 008520678 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-03 01:10 - 2017-03-20 02:11 - 004383650 _____ C:\Windows\system32\perfh00A.dat
2019-03-03 01:10 - 2017-03-20 02:11 - 001232058 _____ C:\Windows\system32\perfc00A.dat
2019-03-03 01:08 - 2017-07-08 14:43 - 000000000 ____D C:\Users\dalila\AppData\Roaming\MPC-HC
2019-03-03 01:08 - 2017-06-13 23:12 - 000000000 ____D C:\Users\dalila\AppData\Local\CrashDumps
2019-03-03 01:08 - 2017-03-18 18:01 - 000000000 ____D C:\Windows\INF
2019-03-03 01:07 - 2018-03-08 00:01 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-03-03 01:05 - 2017-06-13 00:25 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-03 01:03 - 2018-03-21 17:53 - 000000000 ____D C:\Users\dalila\AppData\Local\AVAST Software
2019-03-03 01:03 - 2017-06-13 03:09 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-03 01:03 - 2017-06-12 19:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-03 01:03 - 2017-03-18 08:40 - 001048576 _____ C:\Windows\system32\config\BBI
2019-03-03 01:02 - 2017-12-06 12:18 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-03-03 00:08 - 2017-06-12 19:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-02 23:41 - 2018-12-30 23:13 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-03-02 23:32 - 2018-04-12 14:26 - 000000000 ___HD C:\$WINDOWS.~BT
2019-03-02 23:32 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\registration
2019-03-02 15:31 - 2018-03-31 23:09 - 000041913 _____ C:\Windows\diagwrn.xml
2019-03-02 15:31 - 2018-03-31 23:09 - 000041913 _____ C:\Windows\diagerr.xml
2019-03-02 14:49 - 2017-06-12 19:09 - 000000000 ____D C:\Windows\Panther
2019-03-02 14:24 - 2018-03-07 23:54 - 000000000 ____D C:\Program Files\rempl
2019-03-01 17:28 - 2017-06-13 00:16 - 000000000 ____D C:\Users\dalila
2019-02-28 20:10 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\AppReadiness
2019-02-28 20:08 - 2017-06-12 19:09 - 000398144 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-28 20:07 - 2017-03-20 02:13 - 000000000 ____D C:\Windows\HoloShell
2019-02-28 20:07 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-02-28 20:07 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\system32\F12
2019-02-28 17:42 - 2018-03-13 07:42 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-28 17:15 - 2017-03-18 17:51 - 000000000 ____D C:\Windows\CbsTemp
2019-02-28 17:11 - 2017-03-18 08:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-02-25 21:18 - 2017-06-13 01:32 - 000000000 ____D C:\Users\dalila\AppData\Local\NVIDIA Corporation
2019-02-24 20:33 - 2018-03-31 22:34 - 000000000 ___HD C:\$GetCurrent
2019-02-24 19:42 - 2018-03-31 23:06 - 000000036 _____ C:\Windows\progress.ini
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-02-24 02:58 - 2017-03-20 02:11 - 000000000 ____D C:\Windows\system32\es
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___RD C:\Windows\PrintDialog
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\setup
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\oobe
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\migwiz
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\appraiser
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\ShellExperiences
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\Provisioning
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-02-24 02:58 - 2017-03-18 08:40 - 000000000 ____D C:\Windows\system32\Dism
2019-02-24 02:58 - 2017-03-18 08:40 - 000000000 ____D C:\Windows\servicing
2019-02-24 02:55 - 2017-03-18 18:03 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2019-02-24 02:55 - 2017-03-18 18:03 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2019-02-24 02:36 - 2017-03-18 18:03 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-24 02:35 - 2017-06-13 00:16 - 000000000 ____D C:\Users\dalila\AppData\Local\Packages
2019-02-24 02:34 - 2017-06-14 01:01 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-02-24 02:34 - 2017-06-14 01:01 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2019-02-24 02:34 - 2017-06-14 00:59 - 000000000 ____D C:\Program Files\Microsoft Office
2019-02-24 02:34 - 2017-03-18 18:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-24 02:34 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-24 01:31 - 2017-06-13 01:23 - 000000436 _____ C:\Users\dalila\Desktop\Este equipo.lnk
2019-02-24 00:16 - 2018-11-19 18:37 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-23 19:10 - 2017-06-13 11:35 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 17:39 - 2017-09-29 20:57 - 000000000 ____D C:\Program Files (x86)\ActiveSMART 2.98
2019-02-20 17:38 - 2018-06-09 21:38 - 000000000 ____D C:\ProgramData\GlarySoft
2019-02-20 17:38 - 2018-03-12 21:54 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-20 17:38 - 2017-09-29 20:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-20 17:38 - 2017-09-29 20:34 - 000000000 ____D C:\Users\dalila\AppData\Roaming\GlarySoft
2019-02-20 16:31 - 2017-09-29 20:57 - 000000000 ___HD C:\ProgramData\ActiveSMART
2019-02-19 21:54 - 2017-09-29 20:55 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2019-02-19 21:54 - 2017-06-15 01:33 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-19 21:10 - 2018-12-15 11:03 - 000000000 ____D C:\Users\dalila\Desktop\Nueva carpeta (2)
2019-02-19 19:20 - 2018-03-18 17:03 - 000000000 ____D C:\Users\dalila\AppData\Local\MSfree Inc
2019-02-19 19:06 - 2017-03-18 18:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-02-16 22:35 - 2019-01-12 00:27 - 000000000 _____ C:\Windows\system32\last.dump
2019-02-15 18:39 - 2017-10-04 00:17 - 000000000 ____D C:\Users\dalila\AppData\Roaming\DAEMON Tools Lite
2019-02-14 20:15 - 2018-08-12 22:28 - 000000000 ____D C:\Users\dalila\AppData\Local\UnrealEngine
2019-02-14 19:14 - 2017-06-13 01:11 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 19:12 - 2017-06-13 01:11 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-14 18:27 - 2017-06-13 11:37 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-10 07:57 - 2017-07-27 00:10 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4230046787-4224212327-3222585596-1001
2019-02-10 07:57 - 2017-06-27 17:03 - 000002404 _____ C:\Users\dalila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-10 07:57 - 2017-06-13 00:19 - 000000000 ___RD C:\Users\dalila\OneDrive
2019-02-06 22:28 - 2017-06-16 12:58 - 000000000 ____D C:\Users\dalila\AppData\Local\ElevatedDiagnostics
2019-02-06 16:01 - 2017-06-15 01:33 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 17:15 - 2018-11-19 18:37 - 000003484 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-05 17:15 - 2018-11-19 18:37 - 000003260 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-05 17:15 - 2018-09-28 07:14 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-04-06 17:20 - 000002590 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-02-05 17:15 - 2017-10-16 22:56 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-05 17:15 - 2017-06-15 01:33 - 000002220 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-05 17:15 - 2017-06-13 23:02 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 23:02 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 23:02 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 23:02 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 01:44 - 000003118 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification

==================== Files in the root of some directories =======

2018-07-04 01:59 - 2018-07-04 01:59 - 000000094 _____ () C:\Users\dalila\AppData\Local\fusioncache.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-01 17:16

==================== End of FRST.txt ============================

y este es Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by dalila (03-03-2019 01:17:41)
Running from E:\Desktop\Downloads
Windows 10 Home Version 1703 15063.1387 (X64) (2017-06-13 03:13:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4230046787-4224212327-3222585596-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4230046787-4224212327-3222585596-1002 - Limited - Enabled)
dalila (S-1-5-21-4230046787-4224212327-3222585596-1001 - Administrator - Enabled) => C:\Users\dalila
DefaultAccount (S-1-5-21-4230046787-4224212327-3222585596-503 - Limited - Disabled)
Invitado (S-1-5-21-4230046787-4224212327-3222585596-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aplicaciones destacadas de Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
App Manager de Autodesk (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
AutoCAD 2011 - Español (HKLM\...\{5783F2D7-9001-040A-0102-0060B0CE6BBA}) (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - Español (HKLM\...\AutoCAD 2011 - Español) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Español Version 2.1 (HKLM\...\AutoCAD 2011 - Español Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - Español (HKLM\...\{5783F2D7-9001-040A-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk)
Autodesk AutoCAD 2015 - Español (Spanish) (HKLM\...\AutoCAD 2015 - Español (Spanish)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk BIM 360 Revit 2015 Add-in 64 bit (HKLM\...\{37E1C3A1-7DBF-4250-9314-46167B68383D}) (Version: 3.32.3357 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.272 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk Revit 2015 - Español (Spanish) (HKLM\...\Autodesk Revit 2015 - Español (Spanish)) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit 2018 (HKLM\...\Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2015 - Español (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2015 - Español (Spanish)) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.14.100 - Autodesk, Inc.)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
Dragon Ball FighterZ Ultimate Edition MULTi11 - ElAmigos versión 1.10 (HKLM-x32\...\{C138FF15-7C43-44E1-9F64-40F7EDA696F5}_is1) (Version: 1.10 - Bandai Namco Entertainment)
DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version:  - )
Dying Light Ultimate Edition MULTi9 - ElAmigos versión 1.15.0 (HKLM-x32\...\{081AEA41-828F-4775-8670-D83382BBD30F}_is1) (Version: 1.15.0 - Techland)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\{4477F08B-1800-0010-0000-9A09D834DFF5}) (Version: 18.0.0.420 - Autodesk) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\eTransmit for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hellblade Senuas Sacrifice MULTi20 - ElAmigos versión 1.03 (HKLM-x32\...\{2B882A88-DC28-46C3-A736-17F08FC262F9}_is1) (Version: 1.03 - Ninja Theory)
Importación de SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Network Connections 21.1.27.0 (HKLM\...\PROSetDX) (Version: 21.1.27.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Jump Force Ultimate Edition MULTi14 - ElAmigos versión 1.0 (HKLM-x32\...\{E7BE40FB-7006-42A9-ADCF-7F57D754B9F0}_is1) (Version: 1.0 - Bandai Namco Entertainment)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lumion 8.0 (HKLM\...\Lumion 8.0_is1) (Version: 8.0 - Act-3D B.V.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor versión 1.0.1951.27 u8 (HKLM-x32\...\{2C034D2A-A3A8-4298-8858-BAC7580D09FD}_is1) (Version: 1.0.1951.27 u8 - WB Games)
Middle Earth Shadow of War Gold Edition MULTi13 - ElAmigos versión 1.0 (HKLM-x32\...\{0C936F33-85E0-479C-AD0A-4FF22F3DC31F}_is1) (Version: 1.0 - WB Games)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
Naruto to Boruto Shinobi Striker MULTi11 - ElAmigos versión 1.03.00 (HKLM-x32\...\{0FCE3798-538C-4FB0-A2E6-93FEA9FDFA42}_is1) (Version: 1.03.00 - Bandai Namco Entertainment)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Panel de control de NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Paquete de idioma de Revit 2015 - Español (Spanish) (HKLM\...\{7346B4A0-1500-0511-040A-705C0D862004}) (Version: 15.0.207.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F399-4024-A289-92CF4B6FB256}) (Version: 16.0.1205.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7940 - Realtek Semiconductor Corp.)
Revit 2015 - Español (Spanish) (HKLM\...\{7346B4A0-1500-0510-0000-705C0D862004}) (Version: 15.0.207.0 - Autodesk) Hidden
Revit 2018 (HKLM\...\{7346B4A0-1800-0510-0000-705C0D862004}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2015 - Español (Spanish) (HKLM\...\{941030D0-1500-0410-0000-818BB38A95FC}) (Version: 15.0.207.0 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
Shadow of the Tomb Raider Croft Edition MULTi12 - ElAmigos versión 1.0.237.6 (HKLM-x32\...\{5749598C-C7FE-4BCB-BF30-CC8996E73C76}_is1) (Version: 1.0.237.6 - Square Enix)
SketchUp 2015 (HKLM\...\{7C62B699-5E17-48F4-BF4E-9250FFCE5E72}) (Version: 15.3.331 - Trimble Navigation Limited)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{13668B9F-F140-4BAB-AB06-08E0D43564F4}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WarCraft III versión 1.26a (HKLM-x32\...\WarCraft III_is1) (Version: 1.26a - Blizzard Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Worms W.M.D. (HKLM-x32\...\Worms W.M.D._is1) (Version:  - )
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> E:\autocad 2015\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> E:\autocad 2015\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\autocad 2011\autocad\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09DA6A8F-F243-471E-BA23-ABE33EBC74C5} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10E8493A-D84F-4781-B84F-0D310E1E5258} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11654289-0C05-4668-A2F1-A4C5EFEB8CF7} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {1F280736-D9CC-4710-A490-558559E5DAE8} - System32\Tasks\S-1-5-21-4230046787-4224212327-3222585596-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {214FA2BF-4E8E-4A53-BFBB-2840323D6309} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {2A997591-D4F2-4535-A0F7-4557B095CA32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ABB88EE-339C-4061-B51A-1C95FE9EF434} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {33CCC1F2-84B5-4140-A08C-8F358DD2C3D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {36917C68-1DC7-4919-966D-10B1112234FA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {396F8FDE-A7D9-4EAB-871A-18CF997E336C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {3BE52E0E-C11D-4007-B936-6FC84D6C2DB9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {499577AB-FDB4-4545-9980-92897E0947BA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A7D27EB-3003-4468-88D1-83846B886D40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {5BD71536-A3FE-4963-B9AE-59DF35AC8FFA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {644AAE09-3796-4E5A-A582-CD9E54D6E596} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {71E21C04-8573-4A91-8DDA-DC3DDF06F957} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E132284-231A-4B8F-9D7F-205791B4F935} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A797DF6-88B7-4BCA-8173-034A7F6FC68A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {A6AAECBB-EF97-421A-843F-700E0C05E314} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7DF9CC8-3458-4475-8014-ED5A6888C1C9} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe
Task: {A8C57FDF-B490-4002-B45C-3B442C3EF13A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {BC4B6BDC-DFD0-43F8-9C0E-4E01226946C0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD98B13C-9847-4ED9-9E46-9865CA1E66BD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {E0A0E6B0-1370-4D2A-A1B1-92A9D574FDDD} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {E12E2BFF-7A71-4E34-9914-C5C827324463} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
Task: {E5AF1A45-2091-4357-9621-A05A8517F0B5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {E950C347-BEF0-4382-BDB1-E7CA6BB247E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {EAB2D582-2B4E-472F-9159-3F230E8B82B1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECF4DEDC-542B-4C3A-B72B-129379C2D881} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (Microsoft Windows -> Microsoft Corporation)
Task: {EF8F39D8-5BE4-40B6-B8D6-6FEAA961D91C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Software\Classes\.scr: scrfile =>  <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\1-2005-search.com -> www.1-2005-search.com

There are 12682 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 18:03 - 2019-01-04 13:27 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKCU\Environment\\Path: %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dalila\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 100.72.3.97 - 100.72.3.117
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C91D8026-F96D-4D26-B98C-2C7DEEA71F31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BE9C16BD-8580-40D6-9CB9-2C2200B1FAEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB8B459D-A6D8-43E5-96D7-AF4E52DC03AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E743E5E7-CF64-49C3-A44C-067ED4B0ED86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74240F3C-7635-4B58-BAD4-8E9894E4E71F}] => (Allow) LPort=59200
FirewallRules: [{5FD03B9B-C821-4A2C-9779-C7D59D87DA45}] => (Allow) LPort=5000
FirewallRules: [{A9734053-E0C4-4FD6-AD4D-14AD11BF791E}] => (Allow) LPort=50248
FirewallRules: [{7938B7B5-E360-4AD2-99C1-4A3586F40FE1}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{7376F00D-E902-4947-9EF5-4CE9E80C8D5A}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{A668D845-E010-4F04-BD6A-461CEFABA7DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DB50ADA3-BAEB-45CD-A2FB-063D6ED22AC9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{42F1872A-280A-44B1-8E1A-6AD880F9F534}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{5C7DF577-6EB5-4940-923E-B541C373B2AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{FD1E627E-463C-4487-9CC1-7A55B2B40B79}E:\naruto to boruto striker\naruto to boruto shinobi striker\naruto\binaries\win64\naruto-win64-shipping.exe] => (Allow) E:\naruto to boruto striker\naruto to boruto shinobi striker\naruto\binaries\win64\naruto-win64-shipping.exe (Soleil Ltd. -> Soleil Ltd.)
FirewallRules: [UDP Query User{1AD0BC9D-DC7C-4FEA-8DEE-B304B5042B7D}E:\naruto to boruto striker\naruto to boruto shinobi striker\naruto\binaries\win64\naruto-win64-shipping.exe] => (Allow) E:\naruto to boruto striker\naruto to boruto shinobi striker\naruto\binaries\win64\naruto-win64-shipping.exe (Soleil Ltd. -> Soleil Ltd.)
FirewallRules: [TCP Query User{A921E671-6A8E-4F44-91C0-3E01996CCDBE}E:\dying light\dying light\dyinglightgame.exe] => (Allow) E:\dying light\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [UDP Query User{1B56A3A9-9D5D-4FDF-BAE6-967D2B0FA43C}E:\dying light\dying light\dyinglightgame.exe] => (Allow) E:\dying light\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{A93224EC-38BB-429B-AC0F-70FCBAB55B1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{83D65765-E7C0-4619-8AF6-A617E608B537}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F5515B9-EECB-4D81-BBEE-F5E5335748AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC39CB83-826F-433C-8507-AFA3585DA9C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DCA5856-20D5-40D5-BD67-9744A270DE78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD405369-55FB-4DDD-9C25-4C0D51452958}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BD9DD5D5-B6BF-4F4C-8CB3-8AF54014593E}D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [UDP Query User{C3EA6AF5-EB7F-4A36-82C9-047831ACC0DB}D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{D2C89B81-F9D1-41D0-93DD-4E1E3791E9BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{06E98C78-D787-4993-ABC0-2EADB733B5A0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{E448BF5D-58B0-407A-9FFF-732FC24B519F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

28-02-2019 17:14:50 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2019 05:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: cleanmgr.exe, versión: 10.0.15063.0, marca de tiempo: 0xca1f6bde
Nombre del módulo con errores: strgsnsaddons.dll, versión: 10.0.17134.1007, marca de tiempo: 0x1cf06153
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000001c02c
Identificador del proceso con errores: 0x1170
Hora de inicio de la aplicación con errores: 0x01d4cfa3003393bb
Ruta de acceso de la aplicación con errores: C:\Windows\system32\cleanmgr.exe
Ruta de acceso del módulo con errores: C:\Program Files\rempl\strgsnsaddons.dll
Identificador del informe: b8e73877-e800-4fe3-942a-3ee271b186a0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/26/2019 04:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: cleanmgr.exe, versión: 10.0.15063.0, marca de tiempo: 0xca1f6bde
Nombre del módulo con errores: strgsnsaddons.dll, versión: 10.0.17134.1007, marca de tiempo: 0x1cf06153
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000001c02c
Identificador del proceso con errores: 0x6c
Hora de inicio de la aplicación con errores: 0x01d4ce09685b3b34
Ruta de acceso de la aplicación con errores: C:\Windows\system32\cleanmgr.exe
Ruta de acceso del módulo con errores: C:\Program Files\rempl\strgsnsaddons.dll
Identificador del informe: 276013c7-a724-494b-98d6-978518fcb504
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/24/2019 02:48:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OE0ML4N)
Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (02/24/2019 02:42:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OE0ML4N)
Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (02/24/2019 12:52:07 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/23/2019 07:00:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OE0ML4N)
Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (02/23/2019 06:48:49 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/20/2019 08:02:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OE0ML4N)
Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.


System errors:
=============
Error: (03/03/2019 01:18:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-OE0ML4N)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-OE0ML4N\dalila con SID (S-1-5-21-4230046787-4224212327-3222585596-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/03/2019 01:03:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HvHost se cerró con el siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (03/03/2019 01:03:03 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-OE0ML4N)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/03/2019 01:02:55 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-OE0ML4N)
Description: Error de DCOM "1084" al intentar iniciar el servicio netprofm con argumentos "No disponible" para ejecutar el servidor:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (03/03/2019 01:02:47 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-OE0ML4N)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/03/2019 01:02:40 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-OE0ML4N)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (03/03/2019 01:02:40 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-OE0ML4N)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (03/03/2019 01:02:40 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-OE0ML4N)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Windows Defender:
===================================
Date: 2019-03-03 01:06:00.947
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 19:02:30.751
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 19:02:25.865
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 18:51:09.230
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\office 2016 + activador\ac2016\KMSTEST5+\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.287.189.0, AS: 1.287.189.0, NIS: 1.287.189.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 18:50:20.118
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\office 2016 + activador\ac2016\KMSTEST5+\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.189.0, AS: 1.287.189.0, NIS: 1.287.189.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-15 16:19:29.145
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 
Origen de actualización: Usuario
Tipo de firma: 
Tipo de actualización: 
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

Date: 2019-02-05 12:17:20.705
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-02-05 12:17:20.705
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-02-05 12:17:20.704
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-02-05 12:17:20.700
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-02-15 17:56:39.742
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-10 15:15:30.454
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-06 22:02:59.870
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-13 01:04:03.428
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 16:34:08.132
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 16:19:07.153
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 16:12:50.805
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-08 22:07:05.187
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 43%
Total physical RAM: 8139.76 MB
Available physical RAM: 4587.86 MB
Total Virtual: 11851.76 MB
Available Virtual: 7197.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.06 GB) (Free:354.08 GB) NTFS
Drive d: () (Fixed) (Total:465.75 GB) (Free:313.11 GB) NTFS
Drive e: (Datos) (Fixed) (Total:443.23 GB) (Free:219.58 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 733FD22C)

Partition: GPT.

==================== End of Addition.txt ============================

graciasss!!

Hola:

Ojo que estas corriendo las herramientas de diferentes lugares.

FSS la corriste de:

C:\Users\dalila\Desktop

Y FRST de:

E:\Desktop\Downloads

Importante: Corta el ejecutable de FRST y pegarlo en C:\Users\dalila*Desktop* <<< desde allí tienes que correr las herramientas que te indiquemos.

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Inicie su ordenador en >>> Modo Seguro

Luego vaya a::

Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
C:\Users\dalila\Desktop"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\Policies\Explorer: [] 
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-02]
CHR Extension: (Avast Online Security) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-02]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
U1 aswbdisk; no ImagePath
2019-02-19 19:06 - 2019-03-02 23:33 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-03 01:03 - 2018-03-21 17:53 - 000000000 ____D C:\Users\dalila\AppData\Local\AVAST Software
2019-03-03 01:03 - 2017-06-13 03:09 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-05 17:15 - 2017-10-16 22:56 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
Task: {3BE52E0E-C11D-4007-B936-6FC84D6C2DB9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {CD98B13C-9847-4ED9-9E46-9865CA1E66BD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
lternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Software\Classes\.scr: scrfile =>  <==== ATTENTION
FirewallRules: [{7938B7B5-E360-4AD2-99C1-4A3586F40FE1}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{7376F00D-E902-4947-9EF5-4CE9E80C8D5A}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File

RemoveProxy:
EmptyTemp:
Hosts:
end
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Nos comentas…

Salu2

buenas… te paso frst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by dalila (administrator) on DESKTOP-OE0ML4N (03-03-2019 16:02:28)
Running from C:\Users\dalila\Desktop
Loaded Profiles: dalila (Available Profiles: dalila)
Platform: Windows 10 Home Version 1703 15063.1387 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.1563_none_b931a2a26f82ac69\TiWorker.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-24] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 100.72.3.97 100.72.3.117
Tcpip\..\Interfaces\{92532174-8b48-47a1-baea-0492ccfc71c8}: [DhcpNameServer] 100.72.3.97 100.72.3.117
Tcpip\..\Interfaces\{d4f2feff-841e-44fe-8640-06cc74198b76}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Default [2019-03-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-10]
CHR Profile: C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-03]
CHR Extension: (Presentaciones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-02]
CHR Extension: (Documentos) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-02]
CHR Extension: (Google Drive) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-02]
CHR Extension: (YouTube) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-02]
CHR Extension: (Handy Tab) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj [2019-03-02]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-02]
CHR Extension: (Hojas de cálculo) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-02]
CHR Extension: (Avast Online Security) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-02]
CHR Extension: (Gmail) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-02]
CHR Profile: C:\Users\dalila\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-08] (Autodesk, Inc -> Autodesk Inc.)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [431616 2017-09-05] (Microsoft Corporation) [File not signed]
S4 Disc Soft Lite Bus Service; E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784000 2018-08-31] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7965224 2018-08-12] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-03] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-03] (Microsoft Corporation -> Microsoft Corporation)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-08] (ASUSTeK Computer Inc. -> )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [230712 2015-05-24] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-10-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-10-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [333792 2019-03-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [48656 2018-09-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-03 16:02 - 2019-03-03 16:03 - 000012460 _____ C:\Users\dalila\Desktop\FRST.txt
2019-03-03 15:58 - 2019-03-03 15:58 - 000009307 _____ C:\Users\dalila\Desktop\Fixlog.txt
2019-03-03 15:53 - 2019-03-03 15:53 - 002434560 _____ (Farbar) C:\Users\dalila\Desktop\FRST64.exe
2019-03-03 15:26 - 2019-03-03 15:28 - 000000248 _____ C:\DelFix.txt
2019-03-03 15:26 - 2019-03-03 15:26 - 000000000 ____D C:\Windows\ERUNT
2019-03-03 01:16 - 2019-03-03 16:02 - 000000000 ____D C:\FRST
2019-03-03 00:25 - 2019-03-03 00:25 - 000000000 ____D C:\Windows\pss
2019-03-03 00:04 - 2019-03-03 15:50 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-02-24 02:58 - 2019-02-24 02:59 - 000000000 ___SD C:\Windows\UpdateAssistantV2
2019-02-24 02:01 - 2019-02-24 18:31 - 000000000 ____D C:\Windows10Upgrade
2019-02-24 02:01 - 2019-02-24 18:02 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2019-02-24 02:01 - 2019-02-24 18:02 - 000000719 _____ C:\Users\dalila\Desktop\Asistente para actualización a Windows 10.lnk
2019-02-23 19:03 - 2019-02-23 19:33 - 000000000 ____D C:\Program Files\CUAssistant
2019-02-14 20:15 - 2019-02-14 20:15 - 000000000 ____D C:\Users\dalila\AppData\Local\JUMP_FORCE
2019-02-14 20:13 - 2019-02-14 20:13 - 000000806 _____ C:\Users\Public\Desktop\Jump Force.lnk
2019-02-14 20:13 - 2019-02-14 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jump Force

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-03 16:01 - 2017-06-13 00:25 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-03 16:01 - 2017-03-18 17:51 - 000000000 ____D C:\Windows\CbsTemp
2019-03-03 15:59 - 2017-06-12 19:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-03 15:58 - 2017-03-18 18:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-03-03 15:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-03-03 15:58 - 2017-03-18 08:40 - 001048576 _____ C:\Windows\system32\config\BBI
2019-03-03 15:51 - 2017-06-16 12:58 - 000000000 ____D C:\Users\dalila\AppData\Local\ElevatedDiagnostics
2019-03-03 15:38 - 2017-06-13 00:17 - 008550104 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-03 15:38 - 2017-03-20 02:11 - 004399338 _____ C:\Windows\system32\perfh00A.dat
2019-03-03 15:38 - 2017-03-20 02:11 - 001236812 _____ C:\Windows\system32\perfc00A.dat
2019-03-03 15:22 - 2017-06-12 19:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-03 13:40 - 2017-07-08 14:43 - 000000000 ____D C:\Users\dalila\AppData\Roaming\MPC-HC
2019-03-03 13:40 - 2017-03-18 18:01 - 000000000 ____D C:\Windows\INF
2019-03-03 02:36 - 2017-06-12 19:09 - 000000000 ____D C:\Windows\Panther
2019-03-03 02:29 - 2018-03-31 23:09 - 000059058 _____ C:\Windows\diagwrn.xml
2019-03-03 02:29 - 2018-03-31 23:09 - 000059058 _____ C:\Windows\diagerr.xml
2019-03-03 02:04 - 2018-12-30 23:13 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-03-03 01:58 - 2018-04-12 14:26 - 000000000 ___HD C:\$WINDOWS.~BT
2019-03-03 01:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\registration
2019-03-03 01:08 - 2017-06-13 23:12 - 000000000 ____D C:\Users\dalila\AppData\Local\CrashDumps
2019-03-03 01:07 - 2018-03-08 00:01 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-03-03 01:02 - 2017-12-06 12:18 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-03-02 14:24 - 2018-03-07 23:54 - 000000000 ____D C:\Program Files\rempl
2019-03-01 17:28 - 2017-06-13 00:16 - 000000000 ____D C:\Users\dalila
2019-02-28 20:10 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\AppReadiness
2019-02-28 20:08 - 2017-06-12 19:09 - 000398144 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-28 20:07 - 2017-03-20 02:13 - 000000000 ____D C:\Windows\HoloShell
2019-02-28 20:07 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-02-28 20:07 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\system32\F12
2019-02-28 17:42 - 2018-03-13 07:42 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-28 17:11 - 2017-03-18 08:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-02-25 21:18 - 2017-06-13 01:32 - 000000000 ____D C:\Users\dalila\AppData\Local\NVIDIA Corporation
2019-02-24 20:33 - 2018-03-31 22:34 - 000000000 ___HD C:\$GetCurrent
2019-02-24 19:42 - 2018-03-31 23:06 - 000000036 _____ C:\Windows\progress.ini
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-02-24 02:59 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-02-24 02:58 - 2017-03-20 02:11 - 000000000 ____D C:\Windows\system32\es
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___RD C:\Windows\PrintDialog
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\setup
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\oobe
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\migwiz
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\appraiser
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\ShellExperiences
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\Provisioning
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-24 02:58 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-02-24 02:58 - 2017-03-18 08:40 - 000000000 ____D C:\Windows\system32\Dism
2019-02-24 02:58 - 2017-03-18 08:40 - 000000000 ____D C:\Windows\servicing
2019-02-24 02:55 - 2017-03-18 18:03 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2019-02-24 02:55 - 2017-03-18 18:03 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2019-02-24 02:36 - 2017-03-18 18:03 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-24 02:35 - 2017-06-13 00:16 - 000000000 ____D C:\Users\dalila\AppData\Local\Packages
2019-02-24 02:34 - 2017-06-14 01:01 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-02-24 02:34 - 2017-06-14 01:01 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2019-02-24 02:34 - 2017-06-14 00:59 - 000000000 ____D C:\Program Files\Microsoft Office
2019-02-24 02:34 - 2017-03-18 18:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-24 02:34 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-24 01:31 - 2017-06-13 01:23 - 000000436 _____ C:\Users\dalila\Desktop\Este equipo.lnk
2019-02-24 00:16 - 2018-11-19 18:37 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-23 19:10 - 2017-06-13 11:35 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 17:39 - 2017-09-29 20:57 - 000000000 ____D C:\Program Files (x86)\ActiveSMART 2.98
2019-02-20 17:38 - 2018-06-09 21:38 - 000000000 ____D C:\ProgramData\GlarySoft
2019-02-20 17:38 - 2018-03-12 21:54 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-20 17:38 - 2017-09-29 20:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-20 17:38 - 2017-09-29 20:34 - 000000000 ____D C:\Users\dalila\AppData\Roaming\GlarySoft
2019-02-20 16:31 - 2017-09-29 20:57 - 000000000 ___HD C:\ProgramData\ActiveSMART
2019-02-19 21:54 - 2017-09-29 20:55 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2019-02-19 21:10 - 2018-12-15 11:03 - 000000000 ____D C:\Users\dalila\Desktop\Nueva carpeta (2)
2019-02-19 19:20 - 2018-03-18 17:03 - 000000000 ____D C:\Users\dalila\AppData\Local\MSfree Inc
2019-02-19 19:06 - 2017-03-18 18:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-02-16 22:35 - 2019-01-12 00:27 - 000000000 _____ C:\Windows\system32\last.dump
2019-02-15 18:39 - 2017-10-04 00:17 - 000000000 ____D C:\Users\dalila\AppData\Roaming\DAEMON Tools Lite
2019-02-14 20:15 - 2018-08-12 22:28 - 000000000 ____D C:\Users\dalila\AppData\Local\UnrealEngine
2019-02-14 19:14 - 2017-06-13 01:11 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 19:12 - 2017-06-13 01:11 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-14 18:27 - 2017-06-13 11:37 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-10 07:57 - 2017-07-27 00:10 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4230046787-4224212327-3222585596-1001
2019-02-10 07:57 - 2017-06-27 17:03 - 000002404 _____ C:\Users\dalila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-10 07:57 - 2017-06-13 00:19 - 000000000 ___RD C:\Users\dalila\OneDrive
2019-02-06 16:01 - 2017-06-15 01:33 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 17:15 - 2018-11-19 18:37 - 000003484 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-05 17:15 - 2018-11-19 18:37 - 000003260 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-05 17:15 - 2018-09-28 07:14 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-09-28 07:14 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2018-04-06 17:20 - 000002590 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-02-05 17:15 - 2017-06-15 01:33 - 000002220 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-05 17:15 - 2017-06-13 23:02 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 23:02 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 23:02 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 23:02 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-05 17:15 - 2017-06-13 01:44 - 000003118 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification

==================== Files in the root of some directories =======

2018-07-04 01:59 - 2018-07-04 01:59 - 000000094 _____ () C:\Users\dalila\AppData\Local\fusioncache.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-01 17:16

==================== End of FRST.txt ============================

addition


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by dalila (03-03-2019 16:03:54)
Running from C:\Users\dalila\Desktop
Windows 10 Home Version 1703 15063.1387 (X64) (2017-06-13 03:13:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4230046787-4224212327-3222585596-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4230046787-4224212327-3222585596-1002 - Limited - Enabled)
dalila (S-1-5-21-4230046787-4224212327-3222585596-1001 - Administrator - Enabled) => C:\Users\dalila
DefaultAccount (S-1-5-21-4230046787-4224212327-3222585596-503 - Limited - Disabled)
Invitado (S-1-5-21-4230046787-4224212327-3222585596-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aplicaciones destacadas de Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
App Manager de Autodesk (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
AutoCAD 2011 - Español (HKLM\...\{5783F2D7-9001-040A-0102-0060B0CE6BBA}) (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - Español (HKLM\...\AutoCAD 2011 - Español) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Español Version 2.1 (HKLM\...\AutoCAD 2011 - Español Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - Español (HKLM\...\{5783F2D7-9001-040A-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk)
Autodesk AutoCAD 2015 - Español (Spanish) (HKLM\...\AutoCAD 2015 - Español (Spanish)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk BIM 360 Revit 2015 Add-in 64 bit (HKLM\...\{37E1C3A1-7DBF-4250-9314-46167B68383D}) (Version: 3.32.3357 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.272 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk Revit 2015 - Español (Spanish) (HKLM\...\Autodesk Revit 2015 - Español (Spanish)) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit 2018 (HKLM\...\Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2015 - Español (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2015 - Español (Spanish)) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.14.100 - Autodesk, Inc.)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version:  - )
Dying Light Ultimate Edition MULTi9 - ElAmigos versión 1.15.0 (HKLM-x32\...\{081AEA41-828F-4775-8670-D83382BBD30F}_is1) (Version: 1.15.0 - Techland)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\{4477F08B-1800-0010-0000-9A09D834DFF5}) (Version: 18.0.0.420 - Autodesk) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\eTransmit for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hellblade Senuas Sacrifice MULTi20 - ElAmigos versión 1.03 (HKLM-x32\...\{2B882A88-DC28-46C3-A736-17F08FC262F9}_is1) (Version: 1.03 - Ninja Theory)
Importación de SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Network Connections 21.1.27.0 (HKLM\...\PROSetDX) (Version: 21.1.27.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Jump Force Ultimate Edition MULTi14 - ElAmigos versión 1.0 (HKLM-x32\...\{E7BE40FB-7006-42A9-ADCF-7F57D754B9F0}_is1) (Version: 1.0 - Bandai Namco Entertainment)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lumion 8.0 (HKLM\...\Lumion 8.0_is1) (Version: 8.0 - Act-3D B.V.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Panel de control de NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Paquete de idioma de Revit 2015 - Español (Spanish) (HKLM\...\{7346B4A0-1500-0511-040A-705C0D862004}) (Version: 15.0.207.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F399-4024-A289-92CF4B6FB256}) (Version: 16.0.1205.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7940 - Realtek Semiconductor Corp.)
Revit 2015 - Español (Spanish) (HKLM\...\{7346B4A0-1500-0510-0000-705C0D862004}) (Version: 15.0.207.0 - Autodesk) Hidden
Revit 2018 (HKLM\...\{7346B4A0-1800-0510-0000-705C0D862004}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2015 - Español (Spanish) (HKLM\...\{941030D0-1500-0410-0000-818BB38A95FC}) (Version: 15.0.207.0 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
Shadow of the Tomb Raider Croft Edition MULTi12 - ElAmigos versión 1.0.237.6 (HKLM-x32\...\{5749598C-C7FE-4BCB-BF30-CC8996E73C76}_is1) (Version: 1.0.237.6 - Square Enix)
SketchUp 2015 (HKLM\...\{7C62B699-5E17-48F4-BF4E-9250FFCE5E72}) (Version: 15.3.331 - Trimble Navigation Limited)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{13668B9F-F140-4BAB-AB06-08E0D43564F4}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WarCraft III versión 1.26a (HKLM-x32\...\WarCraft III_is1) (Version: 1.26a - Blizzard Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> E:\autocad 2015\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> E:\autocad 2015\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\autocad 2011\autocad\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09DA6A8F-F243-471E-BA23-ABE33EBC74C5} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10E8493A-D84F-4781-B84F-0D310E1E5258} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11654289-0C05-4668-A2F1-A4C5EFEB8CF7} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {1F280736-D9CC-4710-A490-558559E5DAE8} - System32\Tasks\S-1-5-21-4230046787-4224212327-3222585596-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {214FA2BF-4E8E-4A53-BFBB-2840323D6309} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {2A997591-D4F2-4535-A0F7-4557B095CA32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ABB88EE-339C-4061-B51A-1C95FE9EF434} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {2D18D859-CCBC-4359-B22B-32D9658367C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {33CCC1F2-84B5-4140-A08C-8F358DD2C3D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {36917C68-1DC7-4919-966D-10B1112234FA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {396F8FDE-A7D9-4EAB-871A-18CF997E336C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {46312FFE-293A-40CB-B919-6407AC7893B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {499577AB-FDB4-4545-9980-92897E0947BA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A7D27EB-3003-4468-88D1-83846B886D40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {5BD71536-A3FE-4963-B9AE-59DF35AC8FFA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {644AAE09-3796-4E5A-A582-CD9E54D6E596} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {71E21C04-8573-4A91-8DDA-DC3DDF06F957} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E132284-231A-4B8F-9D7F-205791B4F935} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {894A0C1A-FA05-4CEE-9ACF-916A7B23863D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9A797DF6-88B7-4BCA-8173-034A7F6FC68A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {A6AAECBB-EF97-421A-843F-700E0C05E314} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7DF9CC8-3458-4475-8014-ED5A6888C1C9} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe
Task: {A8C57FDF-B490-4002-B45C-3B442C3EF13A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {BC4B6BDC-DFD0-43F8-9C0E-4E01226946C0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0A0E6B0-1370-4D2A-A1B1-92A9D574FDDD} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {E12E2BFF-7A71-4E34-9914-C5C827324463} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
Task: {E5AF1A45-2091-4357-9621-A05A8517F0B5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {E950C347-BEF0-4382-BDB1-E7CA6BB247E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {EAB2D582-2B4E-472F-9159-3F230E8B82B1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECF4DEDC-542B-4C3A-B72B-129379C2D881} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (Microsoft Windows -> Microsoft Corporation)
Task: {EF8F39D8-5BE4-40B6-B8D6-6FEAA961D91C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\1-2005-search.com -> www.1-2005-search.com

There are 12682 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 18:03 - 2019-03-03 15:58 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKCU\Environment\\Path: %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dalila\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 100.72.3.97 - 100.72.3.117
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C91D8026-F96D-4D26-B98C-2C7DEEA71F31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BE9C16BD-8580-40D6-9CB9-2C2200B1FAEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB8B459D-A6D8-43E5-96D7-AF4E52DC03AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E743E5E7-CF64-49C3-A44C-067ED4B0ED86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74240F3C-7635-4B58-BAD4-8E9894E4E71F}] => (Allow) LPort=59200
FirewallRules: [{5FD03B9B-C821-4A2C-9779-C7D59D87DA45}] => (Allow) LPort=5000
FirewallRules: [{A9734053-E0C4-4FD6-AD4D-14AD11BF791E}] => (Allow) LPort=50248
FirewallRules: [{A668D845-E010-4F04-BD6A-461CEFABA7DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DB50ADA3-BAEB-45CD-A2FB-063D6ED22AC9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{42F1872A-280A-44B1-8E1A-6AD880F9F534}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{5C7DF577-6EB5-4940-923E-B541C373B2AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{A921E671-6A8E-4F44-91C0-3E01996CCDBE}E:\dying light\dying light\dyinglightgame.exe] => (Allow) E:\dying light\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [UDP Query User{1B56A3A9-9D5D-4FDF-BAE6-967D2B0FA43C}E:\dying light\dying light\dyinglightgame.exe] => (Allow) E:\dying light\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{A93224EC-38BB-429B-AC0F-70FCBAB55B1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{83D65765-E7C0-4619-8AF6-A617E608B537}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F5515B9-EECB-4D81-BBEE-F5E5335748AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC39CB83-826F-433C-8507-AFA3585DA9C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DCA5856-20D5-40D5-BD67-9744A270DE78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD405369-55FB-4DDD-9C25-4C0D51452958}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BD9DD5D5-B6BF-4F4C-8CB3-8AF54014593E}D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [UDP Query User{C3EA6AF5-EB7F-4A36-82C9-047831ACC0DB}D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{D2C89B81-F9D1-41D0-93DD-4E1E3791E9BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{06E98C78-D787-4993-ABC0-2EADB733B5A0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{E448BF5D-58B0-407A-9FFF-732FC24B519F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

28-02-2019 17:14:50 Windows Update
03-03-2019 13:40:40 Copias de seguridad de Windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/03/2019 02:58:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (03/03/2019 01:40:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (03/03/2019 01:40:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (03/03/2019 01:40:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (03/03/2019 01:39:51 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (9156) Al intentar abrir el archivo "C:\Users\dalila\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (03/03/2019 01:30:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (03/03/2019 01:19:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (03/03/2019 12:55:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.


System errors:
=============
Error: (03/03/2019 03:59:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HvHost se cerró con el siguiente error: 
Uno de los dispositivos conectados al sistema no funciona.

Error: (03/03/2019 03:58:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio debido a un error en el inicio de sesión.

Error: (03/03/2019 03:58:50 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WSearch no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error: 
Solicitud no compatible.


Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Remediation Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio SQL Server VSS Writer se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio PnkBstrA se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/03/2019 03:54:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media se cerró con el siguiente error: 
Se intentó hacer referencia a un token que no existe.


Windows Defender:
===================================
Date: 2019-03-03 03:55:22.606
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D9698348-B64A-4060-AE5B-CDCDB206EAFE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-03 01:06:00.947
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 19:02:30.751
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 19:02:25.865
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-19 18:51:09.230
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\office 2016 + activador\ac2016\KMSTEST5+\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.287.189.0, AS: 1.287.189.0, NIS: 1.287.189.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-15 16:19:29.145
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 
Origen de actualización: Usuario
Tipo de firma: 
Tipo de actualización: 
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

Date: 2019-02-05 12:17:20.705
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-02-05 12:17:20.705
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-02-05 12:17:20.704
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-02-05 12:17:20.700
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-02-15 17:56:39.742
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-10 15:15:30.454
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-06 22:02:59.870
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-13 01:04:03.428
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 16:34:08.132
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 16:19:07.153
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 16:12:50.805
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-08 22:07:05.187
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 28%
Total physical RAM: 8139.76 MB
Available physical RAM: 5816.25 MB
Total Virtual: 11851.76 MB
Available Virtual: 8918.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.06 GB) (Free:377.15 GB) NTFS
Drive d: () (Fixed) (Total:465.75 GB) (Free:35.9 GB) NTFS
Drive e: (Datos) (Fixed) (Total:443.23 GB) (Free:142.49 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 733FD22C)

Partition: GPT.

==================== End of Addition.txt ============================

este es fix…no lo pude ejecutar en modo seguro…cuando lo intentaba abrir no pasaba nada…asi q lo hice en normal…

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by dalila (03-03-2019 15:58:20) Run:1
Running from C:\Users\dalila\Desktop
Loaded Profiles: dalila (Available Profiles: dalila)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
C:\Users\dalila\Desktop"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\Policies\Explorer: [] 
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-02]
CHR Extension: (Avast Online Security) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-02]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
U1 aswbdisk; no ImagePath
2019-02-19 19:06 - 2019-03-02 23:33 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-03 01:03 - 2018-03-21 17:53 - 000000000 ____D C:\Users\dalila\AppData\Local\AVAST Software
2019-03-03 01:03 - 2017-06-13 03:09 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-05 17:15 - 2017-10-16 22:56 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
Task: {3BE52E0E-C11D-4007-B936-6FC84D6C2DB9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {CD98B13C-9847-4ED9-9E46-9865CA1E66BD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
lternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Software\Classes\.scr: scrfile =>  <==== ATTENTION
FirewallRules: [{7938B7B5-E360-4AD2-99C1-4A3586F40FE1}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{7376F00D-E902-4947-9EF5-4CE9E80C8D5A}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File

RemoveProxy:
EmptyTemp:
Hosts:
end
*****************

Processes closed successfully.
"C:\Users\dalila\Desktop" => Warning: FRST is scripted not to move this directory.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-02] => Error: No automatic fix found for this entry.
CHR Extension: (Avast Online Security) - C:\Users\dalila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-02] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
C:\Windows\System32\Tasks\Avast Emergency Update => moved successfully
C:\Users\dalila\AppData\Local\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Windows\System32\Tasks\AVAST Software => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3BE52E0E-C11D-4007-B936-6FC84D6C2DB9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BE52E0E-C11D-4007-B936-6FC84D6C2DB9}" => removed successfully
"C:\Windows\System32\Tasks\Avast Software\Overseer" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CD98B13C-9847-4ED9-9E46-9865CA1E66BD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD98B13C-9847-4ED9-9E46-9865CA1E66BD}" => removed successfully
"C:\Windows\System32\Tasks\Avast Emergency Update" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
lternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Software\Classes\.scr => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7938B7B5-E360-4AD2-99C1-4A3586F40FE1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7376F00D-E902-4947-9EF5-4CE9E80C8D5A}" => removed successfully

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26360560 B
Java, Flash, Steam htmlcache => 346342771 B
Windows/system/drivers => 34967531 B
Edge => 9728 B
Chrome => 49055634 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 1658 B
NetworkService => 169561007 B
dalila => 8916763 B

RecycleBin => 6908684 B
EmptyTemp: => 619.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:58:40 ====

Hola @blackvisor:

Bueno por suerte todo esta en orden…:+1:

Tanto insistirte con la ubicación desde donde debías ejecutar FRST que se me escapo en el script :confounded:

C:\Users\dalila\Desktop" >>> “C:\Users\dalila\Desktop” => Warning: FRST is scripted not to move this directory.

Advertencia: FRST está programado para no mover este directorio.

Por el resto todo eliminado en orden.

Ahora aun estas sin antivirus.

Intenta actualizar nuevamente, descarga nuevamente la herramienta por si la anterior pudiera estar corrupta, presiona en “Descargar ahora la herramienta” y sigue los pasos.

Cualquier error tomas una imagen y la pegas en tu próxima respuesta.

https://www.microsoft.com/es-es/software-download/windows10

Salu2

buenas! despues de la pantalla violeta cuando se estaba actualizando me tiro esto

y despues esto…

gracias!

Hola:

Descarga la siguiente herramienta, la ejecutas, y tomas imagen del resultado que te de especialmente si te marca un error.

http://go.microsoft.com/?linkid=9830262

Salu2.

buenas! me tiro esto…

Hola:

Pincha en ver información detallada.

Nos comentas.

Salu2.

buenas! aca los detalles!

Hola @blackvisor

En la segunda imagen se ven problemas con unos de los servicios principales (BITS), problemas de red y obviamente Windows Update.

El Solucionador de problemas te habilita siguiente, terminaste todos los pasos?

Salu2.