Notebook muy lenta

elciclon · 6 Septiembre, 2019 23:40

Hola, cómo están?

Quisiera pedir ayuda debido a que mi pc, que casi no tiene uso, anda exasperantemente lenta para casi cualquier tarea, lo cual ocurrió de un día para otro.

Las especificaciones son las siguientes:

Operating System: Windows 10 Home Single Language 64-bit (10.0, Build 17134) (17134.rs4_release.180410-1804)
                 Language: Spanish (Regional Setting: Spanish)
      System Manufacturer: ASUSTeK COMPUTER INC.
             System Model: X453MA
                     BIOS: X453MA.210 (type: UEFI)
                Processor: Intel(R) Celeron(R) CPU  N2940  @ 1.83GHz (4 CPUs), ~1.8GHz
                   Memory: 4096MB RAM
      Available OS Memory: 3982MB RAM
                Page File: 3911MB used, 1926MB available
              Windows Dir: C:\WINDOWS
          DirectX Version: DirectX 12
      DX Setup Parameters: Not found
         User DPI Setting: 96 DPI (100 percent)
       System DPI Setting: 96 DPI (100 percent)
          DWM DPI Scaling: Disabled
                 Miracast: Available, with HDCP
Microsoft Graphics Hybrid: Not Supported
           DxDiag Version: 10.00.17134.0001 64bit Unicode
HDD SATA 1TB 5400RPM

Gracias!

JavierHF · 7 Septiembre, 2019 17:26

Hola @elciclon y Bienvenido al Foro.

Esa maquina venia originalmente con W10…??

Hiciste alguna verificación para comprobar que NO esté infectada…??

elciclon · 9 Septiembre, 2019 23:58

Hola, gracias por la respuesta!

Venía originalmente con otra versión de Windows (8.1 creo) y sugería actualización constantemente y aceptamos.

Estuvo un tiempo sin antivirus, luego bajé el Avast Free y la escaneé pero no encontró nada

JavierHF · 10 Septiembre, 2019 07:55

Perfecto… y ahora para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

CCleaner + Manual.
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
AdwCleaner + Manual.
Junkware Removal Tool.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Completo.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos.

elciclon · 11 Septiembre, 2019 02:21

Muchas gracias por la ayuda!


**Malwarebytes**

www.malwarebytes.com

-Detalles del registro-

Fecha del análisis: 10/9/19

Hora del análisis: 21:56

Archivo de registro: fe4d7690-d42e-11e9-84d7-382c4ae6802b.json

-Información del software-

Versión: 3.8.3.2965

Versión de los componentes: 1.0.625

Versión del paquete de actualización: 1.0.12399

Licencia: Gratis

-Información del sistema-

SO: Windows 10 (Build 17134.950)

CPU: x64

Sistema de archivos: NTFS

Usuario: usuario\Fiore

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Análisis iniciado por:: Manual

Resultado: Completado

Objetos analizados: 318201

Amenazas detectadas: 0

Amenazas en cuarentena: 0

Tiempo transcurrido: 7 min, 16 seg

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Desactivado

Heurística: Activado

PUP: Detectar

PUM: Detectar

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

Módulo: 0

(No hay elementos maliciosos detectados)

Clave del registro: 0

(No hay elementos maliciosos detectados)

Valor del registro: 0

(No hay elementos maliciosos detectados)

Datos del registro: 0

(No hay elementos maliciosos detectados)

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

Carpeta: 0

(No hay elementos maliciosos detectados)

Archivo: 0

(No hay elementos maliciosos detectados)

Sector físico: 0

(No hay elementos maliciosos detectados)

WMI: 0

(No hay elementos maliciosos detectados)

(end)

elciclon · 11 Septiembre, 2019 02:22


# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-05-2019
# Database: 2019-08-27.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-10-2019
# Duration: 00:00:54
# OS:       Windows 10 Home Single Language
# Cleaned:  38
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted   Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.ASUSLiveUpdate   Folder   C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DD97561-C382-4ECB-974A-FFEE5CC6CEEA}
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DD97561-C382-4ECB-974A-FFEE5CC6CEEA}
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9399DE9-C5F3-4DCC-A563-8DA874B8B0D5}
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update1
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted       Preinstalled.ASUSLiveUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted       Preinstalled.ASUSLiveUpdate   Task   C:\Windows\System32\Tasks\ASUS LIVE UPDATE1
Deleted       Preinstalled.ASUSLiveUpdate   Task   C:\Windows\System32\Tasks\UPDATE CHECKER
Deleted       Preinstalled.ASUSProductRegistration   Folder   C:\Program Files (x86)\ASUS\APRP
Deleted       Preinstalled.ASUSProductRegistration   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
Deleted       Preinstalled.ASUSScreenSaver   Folder   C:\Program Files (x86)\ASUS\ASUS SCREEN SAVER
Deleted       Preinstalled.ASUSScreenSaver   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted       Preinstalled.ASUSSmartGesture   Folder   C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17B53FD9-1E66-41D7-BB11-A27F8AA7BBD7}
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted       Preinstalled.ASUSSmartGesture   Registry   HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted       Preinstalled.ASUSSmartGesture   Task   C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted       Preinstalled.ASUSSplendid   Folder   C:\Program Files (x86)\ASUS\SPLENDID
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C944D0A5-6977-4738-AA86-B24EC0256150}
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted       Preinstalled.ASUSSplendid   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted       Preinstalled.ASUSSplendid   Task   C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted       Preinstalled.ASUSWebStorage   Folder   C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted       Preinstalled.ASUSWebStorage   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Deleted       Preinstalled.ASUSWebStorage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Deleted       Preinstalled.WildTangentGamesBundle   File   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [29530 octets] - [10/09/2019 22:06:39]
AdwCleaner[S00].txt - [6200 octets] - [10/09/2019 22:08:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

elciclon · 11 Septiembre, 2019 02:22


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Fiore (Administrator) on 10/09/2019 at 22:25:20,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tuneup utilities 2014.lnk (Shortcut) 
Successfully deleted: C:\Users\Public\Desktop\tuneup utilities 2014.lnk (Shortcut) 
Successfully deleted: C:\WINDOWS\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task)



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/09/2019 at 22:32:39,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

elciclon · 11 Septiembre, 2019 02:23


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2019
Ran by Fiore (administrator) on USUARIO (ASUSTeK COMPUTER INC. X453MA) (10-09-2019 22:47:43)
Running from C:\Users\Fiore\Desktop
Loaded Profiles: Fiore (Available Profiles: server & Fiore)
Platform: Windows 10 Home Single Language Version 1803 17134.950 (X64) Language: Español (España, internacional)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVG Netherlands B.V. -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(AVG Netherlands B.V. -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\SwReporter\44.218.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\SwReporter\44.218.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\SwReporter\44.218.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\SwReporter\44.218.200\software_reporter_tool.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\Fiore\Desktop\JRT.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993264 2019-06-27] (Google LLC -> )
HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\WINDOWS\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-01-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-01-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2017-03-29]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005F60EC-F219-4823-A687-D1294B873E35} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {0317C6EF-0181-49CF-8665-86FB1017C775} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {07FDAC41-F3F2-4CC6-AD17-E69E41558E31} - \WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1001 -> No File <==== ATTENTION
Task: {0DC54875-5BDA-4AE6-805F-637502CD2791} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {122C48DA-0AE5-411C-B78C-3AA79DAC7606} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) (Access Denied)
Task: {1C674327-D394-4B4C-9F86-0320197BE890} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [Argument = -check]
Task: {229F4F96-6BAC-447A-8614-F5ECE2D6A095} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {28717170-50EA-4405-AFBF-D3CC7869C62A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {28837F67-144E-4DF3-8949-E72FAC15262E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2AD0A0F6-989B-41B6-B9DF-B26A11EADE30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3177D978-F100-453E-BF63-79C1831E1DAB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {418BFC03-6B5E-427F-B613-4982FEAF5E83} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {49056525-4AF1-4119-A17D-9F251420A60F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FEFF50-6C8B-4909-A716-72A119728918} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {562D1D55-7FDD-4DFE-97B2-5C7F256CD5A0} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {5B1F5893-53A8-4CEF-98D8-AEA8F3CC7DEE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5BC87285-E9A1-43AE-BF4F-8968267942AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CB6E093-FE7B-4974-B655-F5866B58DA22} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) (Access Denied)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72D58C87-393F-4D27-9F52-3C5CC23B04D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7CDDC72A-475D-4C0D-80B2-E0D2BDD18A5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7CE52D5D-37F2-44BC-AD9A-0794D7804F0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) (Access Denied)
Task: {7D9A7343-63CB-445F-8AA3-0499EE592DBB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87597CFC-DC3D-4DA6-9F01-4412DA7BF142} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B9D17FB-21A3-48C6-B135-148E2C153B9F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8C2D440E-7E87-4D60-B637-55C65C8E7552} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {962E791D-226E-460B-A57C-7105929B0740} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {96FFE429-04EB-412A-85EB-ECB9DE4460A8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {97BA8DC1-49DD-43AF-8FDB-3A32CDC5A724} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {9A116F94-4D7B-45FC-AD89-975CF8C1ACA8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9B2F22A4-6F7C-47FB-9DC5-73BFE7A0F834} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) (Access Denied)
Task: {ADFE68FE-A353-4283-96DF-4A5E407D1985} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AE21A191-B0CE-4C4B-ADC9-CFFBF3692755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {B7717BD9-0125-41CB-A445-8D6342EC08C7} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CB03B202-638B-4EBE-B482-C331CCF4D173} - \WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1002 -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1EDE28A-6706-4841-AE67-AFCFE26F51F0} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {DBC9264E-3D06-48D9-B66C-EDAA372161E2} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {F2470924-A9D8-4958-9AB8-8F5DF89C35F9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.44 200.42.4.199
Tcpip\..\Interfaces\{e2ef013f-acab-483b-b371-447d2ea65b35}: [DhcpNameServer] 200.49.130.44 200.42.4.199

Internet Explorer:
==================
HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-22] (McAfee, LLC -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-22] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default [2019-09-10]
CHR Extension: (Presentaciones) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Documentos) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Google Drive) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Búsqueda de Google) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-09-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-08-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (AdBlock) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-09-03]
CHR Extension: (Avast Online Security) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Fiore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905472 2019-08-22] (McAfee, LLC -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (AVG Netherlands B.V. -> TuneUp Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-24] (Atheros) [File not signed]
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209552 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263008 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-05-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [282768 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169408 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [478096 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387176 2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. ->  )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-10] (Malwarebytes Corporation -> Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-27] (Intel(R) Software -> Intel Corporation)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (AVG Technologies CZ, s.r.o. -> TuneUp Software)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

elciclon · 11 Septiembre, 2019 02:24


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-10 22:43 - 2019-09-10 22:47 - 000034538 _____ C:\Users\Fiore\Desktop\Addition.txt
2019-09-10 22:37 - 2019-09-10 22:50 - 000028798 _____ C:\Users\Fiore\Desktop\FRST.txt
2019-09-10 22:36 - 2019-09-10 22:47 - 000000000 ____D C:\FRST
2019-09-10 22:32 - 2019-09-10 22:32 - 000000844 _____ C:\Users\Fiore\Desktop\JRT.txt
2019-09-10 22:15 - 2019-09-10 22:15 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-10 22:06 - 2019-09-10 22:11 - 000000000 ____D C:\AdwCleaner
2019-09-10 21:55 - 2019-09-10 21:55 - 000000000 ____D C:\Users\Fiore\AppData\Local\mbam
2019-09-10 21:54 - 2019-09-10 21:54 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-10 21:54 - 2019-09-10 21:54 - 000000000 ____D C:\Users\Fiore\AppData\Local\mbamtray
2019-09-10 21:54 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-10 21:53 - 2019-09-10 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-10 21:53 - 2019-09-10 21:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-10 21:53 - 2019-09-10 21:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-10 21:53 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-10 21:52 - 2019-09-10 21:52 - 000098778 _____ C:\Users\Fiore\Desktop\cc_20190910_215151.reg
2019-09-10 21:43 - 2019-09-10 21:43 - 000002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-10 21:42 - 2019-09-10 21:43 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-10 21:42 - 2019-09-10 21:42 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-10 21:42 - 2019-09-10 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-10 21:42 - 2019-09-10 21:42 - 000000000 ____D C:\Program Files\CCleaner
2019-09-10 20:47 - 2019-09-10 20:47 - 001614848 _____ (Farbar) C:\Users\Fiore\Desktop\FRST64.exe
2019-09-10 20:45 - 2019-09-10 20:46 - 007636680 _____ (Malwarebytes) C:\Users\Fiore\Desktop\adwcleaner_7.4.1.exe
2019-09-10 20:45 - 2019-09-10 20:45 - 066427128 _____ (Malwarebytes ) C:\Users\Fiore\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12399.exe
2019-09-10 20:45 - 2019-09-10 20:45 - 001790024 _____ (Malwarebytes) C:\Users\Fiore\Desktop\JRT.exe
2019-09-10 20:44 - 2019-09-10 20:44 - 020889016 _____ (Piriform Software Ltd) C:\Users\Fiore\Desktop\ccsetup561.exe
2019-09-10 20:40 - 2019-09-10 20:40 - 001143099 _____ C:\Users\Fiore\Downloads\Sisema tributario argentino.pptx
2019-09-10 15:39 - 2019-09-10 15:39 - 000747365 _____ C:\Users\Fiore\Downloads\Clase presencial N° 2_ Sarcopenia - Rol de la Actividad física.pdf
2019-09-10 15:39 - 2019-09-10 15:39 - 000633516 _____ C:\Users\Fiore\Downloads\Clase presencia N° 2_ Sarcopenia.pdf
2019-09-10 15:03 - 2019-09-10 15:03 - 001683931 _____ C:\Users\Fiore\Downloads\Sarcopenia consenso europeo sobre su definición y diagnóstico.pdf
2019-09-10 15:03 - 2019-09-10 15:03 - 000918782 _____ C:\Users\Fiore\Downloads\Sarcopenia.pdf
2019-09-10 15:02 - 2019-09-10 15:01 - 000363912 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-10 15:02 - 2019-09-10 15:01 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-10 15:02 - 2019-09-10 15:01 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-10 15:01 - 2019-09-10 15:01 - 000102703 _____ C:\Users\Fiore\Downloads\EXAMEN FINAL (1).pdf
2019-09-06 12:47 - 2019-09-10 15:42 - 000000000 ____D C:\Users\Fiore\Desktop\Consultorio
2019-09-03 22:41 - 2019-09-03 22:41 - 000850070 _____ C:\Users\Fiore\Downloads\2018.06.06 Sistema fiscal (completo).pdf
2019-08-27 01:00 - 2019-08-27 01:00 - 000000000 _____ C:\Users\Fiore\Downloads\221_.000
2019-08-13 16:29 - 2019-08-07 10:13 - 021389776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-13 16:29 - 2019-08-07 05:08 - 007435720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-13 16:29 - 2019-08-07 05:07 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-13 16:29 - 2019-08-07 05:07 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 16:29 - 2019-08-07 04:56 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 16:29 - 2019-08-07 04:56 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-13 16:29 - 2019-08-07 04:49 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-13 16:29 - 2019-08-07 04:47 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-13 16:29 - 2019-08-07 04:44 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-13 16:29 - 2019-08-07 04:42 - 022717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-13 16:29 - 2019-08-07 04:39 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-13 16:29 - 2019-08-07 04:36 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-13 16:29 - 2019-08-07 04:34 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-13 16:29 - 2019-08-07 04:32 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-13 16:29 - 2019-08-07 04:32 - 004516864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-13 16:29 - 2019-07-09 05:01 - 004527792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-13 16:29 - 2019-07-09 05:00 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-13 16:29 - 2019-07-09 04:44 - 012757504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-13 16:29 - 2019-07-09 03:42 - 011943424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-13 16:29 - 2019-07-09 00:23 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-13 16:29 - 2019-07-09 00:21 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-13 16:29 - 2019-07-08 23:55 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-13 16:29 - 2019-07-08 23:50 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-13 16:29 - 2019-07-08 23:47 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-13 16:28 - 2019-08-07 10:13 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-13 16:28 - 2019-08-07 10:13 - 001515904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-13 16:28 - 2019-08-07 10:13 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-13 16:28 - 2019-08-07 09:58 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-13 16:28 - 2019-08-07 09:58 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-13 16:28 - 2019-08-07 09:55 - 008626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-13 16:28 - 2019-08-07 09:55 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-13 16:28 - 2019-08-07 09:55 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-13 16:28 - 2019-08-07 09:54 - 004783104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-13 16:28 - 2019-08-07 09:53 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-13 16:28 - 2019-08-07 09:53 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-13 16:28 - 2019-08-07 09:52 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-13 16:28 - 2019-08-07 09:43 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-13 16:28 - 2019-08-07 09:41 - 001322688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-13 16:28 - 2019-08-07 09:41 - 000662112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-13 16:28 - 2019-08-07 09:40 - 020384344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-13 16:28 - 2019-08-07 09:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-13 16:28 - 2019-08-07 09:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-13 16:28 - 2019-08-07 09:27 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-13 16:28 - 2019-08-07 09:26 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-13 16:28 - 2019-08-07 09:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-13 16:28 - 2019-08-07 09:25 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-13 16:28 - 2019-08-07 09:24 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-13 16:28 - 2019-08-07 09:24 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-13 16:28 - 2019-08-07 06:40 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-08-13 16:28 - 2019-08-07 05:09 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-13 16:28 - 2019-08-07 05:09 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-13 16:28 - 2019-08-07 05:09 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-13 16:28 - 2019-08-07 05:09 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-13 16:28 - 2019-08-07 05:09 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-13 16:28 - 2019-08-07 05:09 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-13 16:28 - 2019-08-07 05:09 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-13 16:28 - 2019-08-07 05:09 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-13 16:28 - 2019-08-07 05:09 - 000095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-13 16:28 - 2019-08-07 05:08 - 002470648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 001566736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 001141712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-13 16:28 - 2019-08-07 05:08 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 000710232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-13 16:28 - 2019-08-07 05:08 - 000494992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 000227744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-13 16:28 - 2019-08-07 05:08 - 000130840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-13 16:28 - 2019-08-07 05:08 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-13 16:28 - 2019-08-07 05:07 - 002719240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-13 16:28 - 2019-08-07 05:07 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-13 16:28 - 2019-08-07 05:07 - 001260992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-13 16:28 - 2019-08-07 05:07 - 001031696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-13 16:28 - 2019-08-07 05:07 - 000984152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-13 16:28 - 2019-08-07 05:07 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-13 16:28 - 2019-08-07 05:07 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-13 16:28 - 2019-08-07 04:57 - 000081256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-13 16:28 - 2019-08-07 04:56 - 001993344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-13 16:28 - 2019-08-07 04:56 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-13 16:28 - 2019-08-07 04:56 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-13 16:28 - 2019-08-07 04:56 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-13 16:28 - 2019-08-07 04:56 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-13 16:28 - 2019-08-07 04:55 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-13 16:28 - 2019-08-07 04:38 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 16:28 - 2019-08-07 04:38 - 004385792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-13 16:28 - 2019-08-07 04:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-13 16:28 - 2019-08-07 04:38 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-13 16:28 - 2019-08-07 04:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-13 16:28 - 2019-08-07 04:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-13 16:28 - 2019-08-07 04:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-13 16:28 - 2019-08-07 04:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-13 16:28 - 2019-08-07 04:36 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-13 16:28 - 2019-08-07 04:36 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 16:28 - 2019-08-07 04:36 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 16:28 - 2019-08-07 04:35 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-13 16:28 - 2019-08-07 04:35 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-13 16:28 - 2019-08-07 04:35 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-13 16:28 - 2019-08-07 04:35 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-13 16:28 - 2019-08-07 04:35 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 001680384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-13 16:28 - 2019-08-07 04:34 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-13 16:28 - 2019-08-07 04:33 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-13 16:28 - 2019-08-07 04:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 002165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-13 16:28 - 2019-08-07 04:32 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-13 16:28 - 2019-08-07 04:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-13 16:28 - 2019-08-07 04:31 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-13 16:28 - 2019-08-07 04:31 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-13 16:28 - 2019-07-11 03:48 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-08-13 16:28 - 2019-07-10 22:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-13 16:28 - 2019-07-10 22:30 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-13 16:28 - 2019-07-10 22:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-13 16:28 - 2019-07-09 05:07 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-13 16:28 - 2019-07-09 05:04 - 000348664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-13 16:28 - 2019-07-09 04:44 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 16:28 - 2019-07-09 04:43 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-13 16:28 - 2019-07-09 04:43 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-13 16:28 - 2019-07-09 04:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-13 16:28 - 2019-07-09 04:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-13 16:28 - 2019-07-09 04:39 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-08-13 16:28 - 2019-07-09 04:38 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-13 16:28 - 2019-07-09 04:37 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-13 16:28 - 2019-07-09 04:37 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-13 16:28 - 2019-07-09 04:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-13 16:28 - 2019-07-09 03:37 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-13 16:28 - 2019-07-09 00:29 - 000375312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-13 16:28 - 2019-07-09 00:29 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-13 16:28 - 2019-07-09 00:29 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-13 16:28 - 2019-07-09 00:23 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-13 16:28 - 2019-07-09 00:21 - 000133136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-08-13 16:28 - 2019-07-09 00:20 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-13 16:28 - 2019-07-09 00:20 - 000275512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-13 16:28 - 2019-07-09 00:20 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-13 16:28 - 2019-07-09 00:19 - 002769472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 001674216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 000799248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 000767232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 000152104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-08-13 16:28 - 2019-07-09 00:19 - 000046608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys
2019-08-13 16:28 - 2019-07-09 00:12 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-13 16:28 - 2019-07-09 00:12 - 001286528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-08-13 16:28 - 2019-07-09 00:12 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-13 16:28 - 2019-07-09 00:12 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-13 16:28 - 2019-07-09 00:11 - 002257336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-13 16:28 - 2019-07-09 00:11 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-08-13 16:28 - 2019-07-09 00:11 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-08-13 16:28 - 2019-07-08 23:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-13 16:28 - 2019-07-08 23:53 - 003708416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-13 16:28 - 2019-07-08 23:53 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 16:28 - 2019-07-08 23:52 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-13 16:28 - 2019-07-08 23:51 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-13 16:28 - 2019-07-08 23:50 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-13 16:28 - 2019-07-08 23:50 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-13 16:28 - 2019-07-08 23:50 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 16:28 - 2019-07-08 23:50 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-13 16:28 - 2019-07-08 23:50 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-13 16:28 - 2019-07-08 23:49 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-13 16:28 - 2019-07-08 23:49 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-08-13 16:28 - 2019-07-08 23:49 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-13 16:28 - 2019-07-08 23:49 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-08-13 16:28 - 2019-07-08 23:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-13 16:28 - 2019-07-08 23:49 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-13 16:28 - 2019-07-08 23:49 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-13 16:28 - 2019-07-08 23:48 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-13 16:28 - 2019-07-08 23:48 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-13 16:28 - 2019-07-08 23:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 16:28 - 2019-07-08 23:48 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-08-13 16:28 - 2019-07-08 23:48 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-13 16:28 - 2019-07-08 23:48 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-13 16:28 - 2019-07-08 23:48 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-13 16:28 - 2019-07-08 23:47 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-13 16:28 - 2019-07-08 23:47 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 16:28 - 2019-07-08 23:47 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-13 16:28 - 2019-07-08 23:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-13 16:28 - 2019-07-08 23:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-13 16:28 - 2019-07-08 23:46 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-13 16:28 - 2019-07-08 23:46 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 16:28 - 2019-07-08 23:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-13 16:28 - 2019-07-08 23:46 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-13 16:28 - 2019-07-08 23:45 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-13 16:28 - 2019-07-08 23:45 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-13 16:28 - 2019-07-08 23:45 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-13 16:28 - 2019-07-08 23:45 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-13 16:28 - 2019-07-08 23:45 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-08-13 16:28 - 2019-07-08 23:44 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-13 16:28 - 2019-07-08 23:44 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 16:28 - 2019-07-08 23:44 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-13 16:28 - 2019-07-08 23:44 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-13 16:28 - 2019-07-08 23:44 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-13 16:28 - 2019-07-08 23:44 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-13 16:28 - 2019-07-08 23:44 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-13 16:28 - 2019-07-08 23:43 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-13 16:28 - 2019-07-08 23:43 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-13 16:28 - 2019-07-08 23:43 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-13 16:28 - 2019-07-08 23:43 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-13 16:27 - 2019-08-07 09:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-13 16:27 - 2019-08-07 09:51 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-13 16:27 - 2019-08-07 09:24 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-13 16:27 - 2019-08-07 04:36 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2019-08-13 16:27 - 2019-08-07 04:36 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-13 16:27 - 2019-08-07 04:35 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-08-13 16:27 - 2019-08-07 04:35 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-13 16:27 - 2019-08-07 04:34 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-13 16:27 - 2019-08-07 04:33 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-13 16:27 - 2019-08-07 03:15 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-08-13 16:27 - 2019-07-09 04:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2019-08-13 16:27 - 2019-07-09 04:39 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2019-08-13 16:27 - 2019-07-09 04:39 - 001193472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2019-08-13 16:27 - 2019-07-09 04:37 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-13 16:27 - 2019-07-09 03:38 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-08-13 16:27 - 2019-07-08 23:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-13 16:27 - 2019-07-08 23:55 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-08-13 16:27 - 2019-07-08 23:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-13 16:27 - 2019-07-08 23:52 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-13 16:27 - 2019-07-08 23:51 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-13 16:27 - 2019-07-08 23:51 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-13 16:27 - 2019-07-08 23:50 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-08-13 16:27 - 2019-07-08 23:50 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2019-08-13 16:27 - 2019-07-08 23:50 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-13 16:27 - 2019-07-08 23:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-13 16:27 - 2019-07-08 23:49 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2019-08-13 16:27 - 2019-07-08 23:47 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-13 16:27 - 2019-06-19 23:21 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-13 16:26 - 2019-08-13 16:26 - 002699729 _____ C:\Users\Fiore\Downloads\Clase presencial N° 1_ Generalidades.pdf
2019-08-13 16:20 - 2019-08-13 16:21 - 000102703 _____ C:\Users\Fiore\Downloads\EXAMEN FINAL.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-10 22:51 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-10 22:41 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-10 22:41 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-10 22:17 - 2016-06-05 20:01 - 000000000 __SHD C:\Users\Fiore\IntelGraphicsProfiles
2019-09-10 22:15 - 2019-05-12 16:18 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-10 22:15 - 2018-07-06 22:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-10 22:14 - 2018-04-11 18:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-09-10 22:12 - 2016-10-09 20:33 - 000000000 ____D C:\Program Files (x86)\ASUS
2019-09-10 22:12 - 2014-12-04 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-09-10 21:54 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-10 21:49 - 2018-06-26 13:54 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-10 21:49 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-10 21:49 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-10 21:49 - 2016-03-18 21:40 - 000000000 ____D C:\Users\Fiore\AppData\Local\CrashDumps
2019-09-10 21:35 - 2018-05-21 02:02 - 000000000 ____D C:\Users\Fiore\AppData\Local\Packages
2019-09-10 21:34 - 2018-07-06 21:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-10 20:59 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-10 20:38 - 2015-08-09 22:30 - 000000093 _____ C:\Users\Fiore\AppData\Roaming\sp_data.sys
2019-09-10 20:33 - 2016-06-05 20:04 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-09-10 15:08 - 2019-05-12 16:17 - 000478096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000387176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000282768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000263008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-10 15:01 - 2019-05-12 16:17 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-09-09 21:13 - 2018-07-06 22:05 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1619199255-2488493992-1171246703-1002
2019-09-09 20:59 - 2018-07-06 21:34 - 000002442 _____ C:\Users\Fiore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-09 20:59 - 2016-06-05 20:07 - 000000000 ___RD C:\Users\Fiore\OneDrive
2019-09-06 20:54 - 2019-05-12 16:18 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-09-06 20:54 - 2018-07-06 22:05 - 000003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-06 20:54 - 2018-07-06 22:05 - 000003346 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDEF0D84-3BFD-4A18-8938-F678A7956AE6}
2019-09-06 20:54 - 2018-07-06 22:05 - 000003260 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-06 20:54 - 2018-07-06 22:05 - 000003126 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CAF1D2CB-E4EE-4AA1-8BDC-2A79B34F2DBB}
2019-09-06 20:54 - 2018-07-06 22:05 - 000002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1619199255-2488493992-1171246703-500
2019-09-06 20:54 - 2018-07-06 22:05 - 000002520 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2019-09-06 20:54 - 2018-07-06 22:05 - 000002188 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2019-09-06 20:54 - 2018-07-06 22:05 - 000002180 _____ C:\WINDOWS\System32\Tasks\RtHDVBg
2019-09-06 20:54 - 2018-07-06 22:05 - 000002174 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2019-09-01 12:23 - 2015-08-29 21:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-01 12:23 - 2015-08-29 21:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-14 19:32 - 2018-05-21 12:27 - 000000000 ___RD C:\Users\Fiore\3D Objects
2019-08-14 19:32 - 2015-08-09 20:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 19:30 - 2018-07-06 21:28 - 000410304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-14 19:23 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-14 19:23 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-14 19:23 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-14 19:23 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-14 19:23 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-14 19:23 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-13 16:26 - 2015-08-30 17:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-13 16:18 - 2015-08-30 17:59 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ================

2015-08-09 22:30 - 2019-09-10 20:38 - 000000093 _____ () C:\Users\Fiore\AppData\Roaming\sp_data.sys

==================== FLock ================

2018-05-10 11:20 C:\WINDOWS\UpdateAssistant

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

elciclon · 11 Septiembre, 2019 02:25


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Fiore (10-09-2019 22:51:58)
Running from C:\Users\Fiore\Desktop
Windows 10 Home Single Language Version 1803 17134.950 (X64) (2018-07-07 01:06:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1619199255-2488493992-1171246703-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1619199255-2488493992-1171246703-503 - Limited - Disabled)
Fiore (S-1-5-21-1619199255-2488493992-1171246703-1002 - Administrator - Enabled) => C:\Users\Fiore
HomeGroupUser$ (S-1-5-21-1619199255-2488493992-1171246703-1004 - Limited - Enabled)
Invitado (S-1-5-21-1619199255-2488493992-1171246703-501 - Limited - Disabled)
server (S-1-5-21-1619199255-2488493992-1171246703-1001 - Administrator - Enabled) => C:\Users\server
WDAGUtilityAccount (S-1-5-21-1619199255-2488493992-1171246703-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epi Info (HKLM-x32\...\{E8E2B4D8-503C-46C7-A6CE-BC78CC3D4F9A}) (Version: 3.5.4 - Centers for Disease Control and Prevention (CDC))
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.92 - McAfee, LLC.)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.316 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
TuneUp Utilities 2014 (es-ES) (HKLM-x32\...\{B9F7B0C4-3AE0-41AF-B60F-ADACEAE856E3}) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WHO AnthroPlus (HKLM-x32\...\{13A42C71-87A5-41F7-B7C9-5DC7D56038FC}_is1) (Version: 1.0.4 - WHO)
Windows Driver Package - ASUS (ATP) Mouse  (01/07/2014 1.0.0.197) (HKLM\...\2BEE838DC3D664A0CAB23AEA0332BB3877ED0685) (Version: 01/07/2014 1.0.0.197 - ASUS)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-08-16] (WildTangent Games)
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2015-08-16] (ASUS Cloud Corporation)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-06-05] (ASUSTeK COMPUTER INC.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.147.500.0_x86__kgqvnymyfvs32 [2019-09-09] (king.com)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-04-21] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-10] (Microsoft Corporation) [MS Ad]
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-04-09] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-19] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.19.0.0_x86__8ptj331gd3tyt [2019-09-06] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad]
MSN Finanzas -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-16] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-16] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-16] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-08-10] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-05] (Netflix, Inc.)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2015-08-16] (Skype)
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-11] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-17] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2015-08-16] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1619199255-2488493992-1171246703-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} =>  -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:/Program Files (x86)/Common Files/AWS/2.1.11.399/ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-10] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2013-08-22 10:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\GoPro\Tools;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Fiore\Pictures\Camera Roll\cam01788~2.jpg
DNS Servers: 200.49.130.52 - 200.42.4.210
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{07CA1F5A-2CD2-4B5D-8850-8CB0CA226A23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3B426336-BF23-4D27-926C-7676C106044B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-08-2019 18:57:25 Windows Update
27-08-2019 00:26:20 Windows Update
01-09-2019 12:08:39 Windows Update
06-09-2019 12:00:55 Windows Update
09-09-2019 21:24:38 Windows Update
10-09-2019 22:25:26 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2019 10:12:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (09/10/2019 03:04:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: UpdateChecker.exe, versión: 0.0.0.0, marca de tiempo: 0x5295f1af
Nombre del módulo con errores: alvupdt.dll, versión: 1.0.0.10, marca de tiempo: 0x5292f1c8
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000157f6
Identificador del proceso con errores: 0x2434
Hora de inicio de la aplicación con errores: 0x01d567d80157dd3c
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
Identificador del informe: b1609905-5d11-4b2c-a6e6-0c4881a5f689
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/09/2019 09:12:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: LockApp.exe, versión: 10.0.17134.1, marca de tiempo: 0x5acd88b2
Nombre del módulo con errores: msvcrt.dll, versión: 7.0.17134.1, marca de tiempo: 0x5cbba6fd
Código de excepción: 0x40000015
Desplazamiento de errores: 0x000000000000add2
Identificador del proceso con errores: 0x3260
Hora de inicio de la aplicación con errores: 0x01d5676aab56cf52
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\msvcrt.dll
Identificador del informe: eff0c9a9-53f7-4a7d-960d-79496585953e
Nombre completo del paquete con errores: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: WindowsDefaultLockScreen

Error: (08/19/2019 12:56:38 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: No se pudo iniciar una transacción de Windows Installer {4D3286A6-F6AB-498A-82A4-E4F040529F3D}. Error 1618 al iniciar la transacción.

Error: (07/22/2019 02:44:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: UpdateChecker.exe, versión: 0.0.0.0, marca de tiempo: 0x5295f1af
Nombre del módulo con errores: alvupdt.dll, versión: 1.0.0.10, marca de tiempo: 0x5292f1c8
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000157f6
Identificador del proceso con errores: 0x2974
Hora de inicio de la aplicación con errores: 0x01d540b4141535b3
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
Identificador del informe: 4a14ce6f-d188-4d28-98b2-3730245449a8
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/22/2019 02:32:47 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: No se pudo iniciar una transacción de Windows Installer {4D3286A6-F6AB-498A-82A4-E4F040529F3D}. Error 1618 al iniciar la transacción.

Error: (07/18/2019 01:18:49 PM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Producto: Update for Windows 10 for x64-based Systems (KB4023057) -- Error 1704. Actualmente hay una instalación de ASUS Smart Gesture en suspenso. Debe deshacer los cambios realizados por dicha instalación para poder continuar. ¿Desea deshacer esos cambios?

Error: (07/17/2019 08:10:26 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: No se pudo iniciar una transacción de Windows Installer {4D3286A6-F6AB-498A-82A4-E4F040529F3D}. Error 1618 al iniciar la transacción.

elciclon · 11 Septiembre, 2019 02:25


System errors:
=============
Error: (09/10/2019 10:52:33 PM) (Source: DCOM) (EventID: 10016) (User: usuario)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario usuario\Fiore con SID (S-1-5-21-1619199255-2488493992-1171246703-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/10/2019 10:51:43 PM) (Source: DCOM) (EventID: 10016) (User: usuario)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario usuario\Fiore con SID (S-1-5-21-1619199255-2488493992-1171246703-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/10/2019 10:51:21 PM) (Source: DCOM) (EventID: 10016) (User: usuario)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario usuario\Fiore con SID (S-1-5-21-1619199255-2488493992-1171246703-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/10/2019 10:36:21 PM) (Source: DCOM) (EventID: 10016) (User: usuario)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario usuario\Fiore con SID (S-1-5-21-1619199255-2488493992-1171246703-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/10/2019 10:33:23 PM) (Source: DCOM) (EventID: 10016) (User: usuario)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario usuario\Fiore con SID (S-1-5-21-1619199255-2488493992-1171246703-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/10/2019 10:29:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/10/2019 10:21:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (09/10/2019 10:19:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2019-05-12 15:58:04.758
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4F1113A7-1935-49C3-9760-9E64B1EDA755}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-14 20:56:22.681
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5013AD5A-EB83-40EA-A1A5-86500CCE6F83}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-14 19:53:30.170
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8A1AE60F-FCF1-477D-8D66-EFE7688204E6}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-14 17:45:52.286
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4BF5D3B0-4A85-46ED-B310-64DD47343AEF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-14 17:30:15.514
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D2DA6041-6FC9-48BF-9D3B-E89AB6588EC1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-05-31 12:29:12.370
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.293.2651.0
Versión de firma anterior: 1.293.1448.0
Origen de actualización: Usuario
Tipo de firma: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 1.1.15900.4
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-05-31 12:29:12.369
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.293.2651.0
Versión de firma anterior: 1.293.1448.0
Origen de actualización: Usuario
Tipo de firma: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 1.1.15900.4
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-04-11 21:06:01.166
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1605.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-04-09 12:13:20.974
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1222.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-04-09 12:13:20.973
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1222.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2018-12-02 19:50:59.469
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-02 19:50:59.301
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-02 19:50:59.241
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-02 19:50:59.027
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-02 19:50:59.012
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-02 19:50:58.971
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-26 10:36:19.947
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-26 10:36:19.792
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. X453MA.210 12/25/2014
Motherboard: ASUSTeK COMPUTER INC. X453MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 83%
Total physical RAM: 3982.57 MB
Available physical RAM: 640.46 MB
Total Virtual: 5582.57 MB
Available Virtual: 1900.19 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:308.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.47 GB) NTFS

\\?\Volume{8ab40827-8c24-455f-a644-55840365ea1f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{803da3cc-854c-45d3-8a0e-9218976f23b0}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.24 GB) NTFS
\\?\Volume{0b8d83d0-619a-4155-982f-b114eefbb99d}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1D8E673C)

Partition: GPT.

==================== End of Addition.txt ============================

elciclon · 11 Septiembre, 2019 02:25

Muchas gracias por la ayuda!

JavierHF · 11 Septiembre, 2019 22:56

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07FDAC41-F3F2-4CC6-AD17-E69E41558E31} - \WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1001 -> No File <==== ATTENTION
Task: {229F4F96-6BAC-447A-8614-F5ECE2D6A095} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {28717170-50EA-4405-AFBF-D3CC7869C62A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {28837F67-144E-4DF3-8949-E72FAC15262E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2AD0A0F6-989B-41B6-B9DF-B26A11EADE30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55FEFF50-6C8B-4909-A716-72A119728918} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5B1F5893-53A8-4CEF-98D8-AEA8F3CC7DEE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {72D58C87-393F-4D27-9F52-3C5CC23B04D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7CDDC72A-475D-4C0D-80B2-E0D2BDD18A5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {87597CFC-DC3D-4DA6-9F01-4412DA7BF142} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B9D17FB-21A3-48C6-B135-148E2C153B9F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8C2D440E-7E87-4D60-B637-55C65C8E7552} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {96FFE429-04EB-412A-85EB-ECB9DE4460A8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9A116F94-4D7B-45FC-AD89-975CF8C1ACA8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {ADFE68FE-A353-4283-96DF-4A5E407D1985} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CB03B202-638B-4EBE-B482-C331CCF4D173} - \WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1002 -> No File <==== ATTENTION
Task: {D1EDE28A-6706-4841-AE67-AFCFE26F51F0} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

elciclon · 12 Septiembre, 2019 00:40


Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Fiore (11-09-2019 21:32:41) Run:1
Running from C:\Users\Fiore\Desktop
Loaded Profiles: Fiore (Available Profiles: server & Fiore)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07FDAC41-F3F2-4CC6-AD17-E69E41558E31} - \WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1001 -> No File <==== ATTENTION
Task: {229F4F96-6BAC-447A-8614-F5ECE2D6A095} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {28717170-50EA-4405-AFBF-D3CC7869C62A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {28837F67-144E-4DF3-8949-E72FAC15262E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2AD0A0F6-989B-41B6-B9DF-B26A11EADE30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55FEFF50-6C8B-4909-A716-72A119728918} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5B1F5893-53A8-4CEF-98D8-AEA8F3CC7DEE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {72D58C87-393F-4D27-9F52-3C5CC23B04D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7CDDC72A-475D-4C0D-80B2-E0D2BDD18A5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {87597CFC-DC3D-4DA6-9F01-4412DA7BF142} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B9D17FB-21A3-48C6-B135-148E2C153B9F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8C2D440E-7E87-4D60-B637-55C65C8E7552} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {96FFE429-04EB-412A-85EB-ECB9DE4460A8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9A116F94-4D7B-45FC-AD89-975CF8C1ACA8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {ADFE68FE-A353-4283-96DF-4A5E407D1985} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CB03B202-638B-4EBE-B482-C331CCF4D173} - \WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1002 -> No File <==== ATTENTION
Task: {D1EDE28A-6706-4841-AE67-AFCFE26F51F0} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07FDAC41-F3F2-4CC6-AD17-E69E41558E31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07FDAC41-F3F2-4CC6-AD17-E69E41558E31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{229F4F96-6BAC-447A-8614-F5ECE2D6A095}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{229F4F96-6BAC-447A-8614-F5ECE2D6A095}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28717170-50EA-4405-AFBF-D3CC7869C62A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28717170-50EA-4405-AFBF-D3CC7869C62A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28837F67-144E-4DF3-8949-E72FAC15262E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28837F67-144E-4DF3-8949-E72FAC15262E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AD0A0F6-989B-41B6-B9DF-B26A11EADE30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AD0A0F6-989B-41B6-B9DF-B26A11EADE30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55FEFF50-6C8B-4909-A716-72A119728918}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55FEFF50-6C8B-4909-A716-72A119728918}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B1F5893-53A8-4CEF-98D8-AEA8F3CC7DEE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B1F5893-53A8-4CEF-98D8-AEA8F3CC7DEE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{72D58C87-393F-4D27-9F52-3C5CC23B04D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72D58C87-393F-4D27-9F52-3C5CC23B04D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CDDC72A-475D-4C0D-80B2-E0D2BDD18A5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CDDC72A-475D-4C0D-80B2-E0D2BDD18A5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87597CFC-DC3D-4DA6-9F01-4412DA7BF142}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87597CFC-DC3D-4DA6-9F01-4412DA7BF142}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B9D17FB-21A3-48C6-B135-148E2C153B9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B9D17FB-21A3-48C6-B135-148E2C153B9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C2D440E-7E87-4D60-B637-55C65C8E7552}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C2D440E-7E87-4D60-B637-55C65C8E7552}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96FFE429-04EB-412A-85EB-ECB9DE4460A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96FFE429-04EB-412A-85EB-ECB9DE4460A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A116F94-4D7B-45FC-AD89-975CF8C1ACA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A116F94-4D7B-45FC-AD89-975CF8C1ACA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ADFE68FE-A353-4283-96DF-4A5E407D1985}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADFE68FE-A353-4283-96DF-4A5E407D1985}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB03B202-638B-4EBE-B482-C331CCF4D173}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB03B202-638B-4EBE-B482-C331CCF4D173}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1619199255-2488493992-1171246703-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1EDE28A-6706-4841-AE67-AFCFE26F51F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1EDE28A-6706-4841-AE67-AFCFE26F51F0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\System\CurrentControlSet\Services\Asus WebStorage Windows Service => removed successfully
Asus WebStorage Windows Service => service removed successfully
HKLM\System\CurrentControlSet\Services\GamesAppIntegrationService => removed successfully
GamesAppIntegrationService => service removed successfully
HKLM\System\CurrentControlSet\Services\GamesAppService => removed successfully
GamesAppService => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1619199255-2488493992-1171246703-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 4 mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 210282116 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 452108 B
Edge => 597580 B
Chrome => 11476762 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 966 B
LocalService => 0 B
NetworkService => 5362 B
NetworkService => 0 B
server => 54169 B
Fiore => 98472495 B

RecycleBin => 0 B
EmptyTemp: => 314 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:34:46 ====

elciclon · 12 Septiembre, 2019 01:11

Hola, noto más rápida la PC, lo que sí sigue medio lento el inicio, puede ser que se estén abriendo aplicaciones innecesarias?

JavierHF · 12 Septiembre, 2019 08:21

Hola.

Desde que tienes ese equipo aparte de hacerle la actualizacion/migración desde W8.1 a Windows 10, hicistes en alguna ocasión una instalación limpia(borrando absolutamente todo) e instalaste Windows 10 de nuevo…

Cuanto tiempo(de reloj, haz la prueba exacta) tarda tu equipo en presentar el escritorio desde que pulsas el botón de encendido…??

Revisas personalmente y periódicamente que TU Windows(desde windows update) realice absolutamente TODAS las actualizaciones…??

Haz la comprobación varias veces hasta que veas que NO tienes ninguna actualizacion y SI te propone la instalación de alguna después de terminarlas REINICIAS el equipo y recompruebas que NO salga ninguna más.

Nos comentas.

Saludos.