Hola. Desde hace un par de días veo que mi PC tarda mucho en arrancar, a veces no abre las carpetas y, además, la barra de desplazamiento lateral se ha vuelto loca (siempre va hacia abajo del todo) Ahora mismo también me está pasando con el cursor, que siempre se va hacia el final del texto.
Gracias
Hola @vicen00
Has realizado algun tipo de verificación en tu equipo…??
No sé a qué te refieres con "verificaciones". Lo único que he hecho es pasar el C.Cleaner y el Glary utilities. El equipo sí ha hecho actualizaciones ayer antes de apagar.
GraciasBien… pues para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. 
Desactiva temporalmente el Antivirus 
Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Vamos a descargar en TU ESCRITORIO(y NO en otro lugar 
) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :
Malwarebytes’ Anti-Malware + Manual. 
revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
Ejecutas las herramientas de una en una y en el orden indicado :
CCleaner.-
Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).
Malwarebytes.-
Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Completo.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial 
encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.
AdwCleaner.-
Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.
Farbar Recovery Scan Tool.-
Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los informes en tu próxima respuesta de :
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Y nos cuentas como funciona tu equipo en relación al problema planteado.
Saludos.
Hola. He hecho lo que me dijiste. Creo que el Pc sigue más o menos igual, por ejemplo, para iniciar le cuesta bastante y cuando intento pinvhar en un icono o carpeta del escritorio se va hacia los iconos del fondo. La scroll lateral está un poco mejor, pero solo un poco. Te envío los informes. Gracias.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 6/9/19
Hora del análisis: 15:36
Archivo de registro: 6517605c-d0ab-11e9-9828-6c3be581b560.json
-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.12337
Licencia: Gratis
-Información del sistema-
SO: Windows 10 (Build 17763.678)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-6LFIHEJ\User
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 321992
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 3 min, 8 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-08-27.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-06-2019
# Duration: 00:00:16
# OS: Windows 10 Pro
# Scanned: 35522
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1603 octets] - [10/06/2019 16:59:10]
AdwCleaner[C00].txt - [1677 octets] - [10/06/2019 17:00:06]
AdwCleaner_Debug.log - [4034 octets] - [06/09/2019 15:46:26]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by User (Administrator) on 06/09/2019 at 15:59:27,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/09/2019 at 16:03:41,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-09-2019
Ran by User (administrator) on DESKTOP-6LFIHEJ (Hewlett-Packard HP ENVY m6 Notebook PC) (06-09-2019 16:32:22)
Running from C:\Users\User\Desktop
Loaded Profiles: User & eleni & Administrator (Available Profiles: User & eleni & Administrator)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: Inglés (Estados Unidos)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-04-22] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\MountPoints2: {ce6a03c2-262a-11e9-8fe0-6c3be581b560} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2363524323-2270306343-1107792746-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-28] (Google LLC -> Google LLC)
IFEO\MicrosoftEdge.exe: [Debugger] /
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-09-02] () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-05-06]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-05-23]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\eleni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-09-02] () [File not signed]
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0198B669-A211-486C-A9B6-C96CCBD58D10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {0A697FAC-F0A1-4CC5-879B-44DC71547EDC} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1380232 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {23025299-8E0E-4B32-86C8-BEECBAFE6FB9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
Task: {30EAC81B-AEC0-4AD3-B1DE-F45AA9DA209E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {34F12F05-953B-45C4-81C4-3B8C0D5DDFD4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {412A3489-678C-404F-BA53-6AAB5C16A3E6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4827FF7F-21A6-49FD-BA3C-D5B17D2448D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {64974B3F-50AD-4A43-BE19-6940C25ABC7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {9206238E-654A-4278-BD2A-981A0CEC2B0B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {93CD0E3A-6699-4087-8B0A-9065E6F3768F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A65B7A19-C775-4FDC-B61C-AACB5AF00DD0} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {A93C2423-BB56-4A28-950E-7434B3E32942} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF99F21E-F598-44B9-BCFE-214E4EF132BC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C26FFC8D-D79B-42F9-BF63-EAC44948E44B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-12] (Google Inc -> Google Inc.)
Task: {C2E488BA-4076-4780-BCF5-F349A344F9B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAD0E0C9-2C74-40C7-968F-741E00F7FF78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEE7387F-360B-451B-922C-D4681ABF5263} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-07-08] (Adobe Inc. -> Adobe)
Task: {F92DD01B-FE64-4E35-9745-EE5D37E396AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-12] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2c3cdc70-6b4d-4439-b3ff-e3038b27f1da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{87a619ce-6c45-46cb-91ac-f500c94435eb}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\User\Downloads
FireFox:
========
FF DefaultProfile: 15hvbyya.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\15hvbyya.default [2019-09-06]
FF Extension: (ScriptSafe) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\15hvbyya.default\Extensions\[email protected] [2019-03-12]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\15hvbyya.default\Extensions\[email protected] [2019-07-07]
FF Extension: (Avast Online Security) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\15hvbyya.default\Extensions\[email protected] [2019-09-04]
FF HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-07-08] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-07-08] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2017-01-20] (Verimatrix -> Verimatrix, Inc.) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2363524323-2270306343-1107792746-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2017-01-20] (Verimatrix -> Verimatrix, Inc.) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-09-06]
CHR Extension: (Presentaciones) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-12]
CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-12]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-12]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27]
CHR Extension: (Hojas de cálculo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-12]
CHR Extension: (ScriptSafe) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2019-03-12]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-11]
CHR HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [416576 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7449992 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [35328 2013-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209552 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263008 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169408 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [552848 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [478096 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387176 2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-11-25] (Glarysoft LTD -> Glarysoft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-06] (Malwarebytes Corporation -> Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-09-15] (Microsoft Windows -> MediaTek Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-06 16:32 - 2019-09-06 16:33 - 000022409 _____ C:\Users\User\Desktop\FRST.txt
2019-09-06 16:03 - 2019-09-06 16:03 - 000000552 _____ C:\Users\User\Desktop\JRT.txt
2019-09-06 15:54 - 2019-09-06 15:54 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-06 15:35 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-06 15:34 - 2019-09-06 15:34 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-06 15:34 - 2019-09-06 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-06 15:34 - 2019-09-06 15:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-06 15:34 - 2019-09-06 15:34 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-06 15:34 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-06 15:28 - 2019-09-06 16:03 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-06 15:28 - 2019-09-06 15:28 - 000002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-06 15:28 - 2019-09-06 15:28 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-06 15:28 - 2019-09-06 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-06 00:45 - 2019-09-06 00:45 - 001790024 _____ (Malwarebytes) C:\Users\User\Downloads\JRT.exe
2019-09-06 00:44 - 2019-09-06 00:45 - 001615360 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-09-06 00:34 - 2019-09-06 00:34 - 020889016 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup561 (3).exe
2019-09-06 00:34 - 2019-09-06 00:34 - 020889016 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup561 (2).exe
2019-09-06 00:33 - 2019-09-06 00:34 - 020889016 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup561 (1).exe
2019-09-05 21:15 - 2019-09-05 21:15 - 000000000 ____D C:\Users\User\AppData\LocalLow\Oracle
2019-09-05 18:14 - 2019-09-05 18:15 - 066088240 _____ (Malwarebytes ) C:\Program Files (x86)\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.12321.exe
2019-09-03 16:33 - 2019-09-03 16:34 - 000614376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-31 10:55 - 2019-08-31 10:55 - 000363912 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-08-31 10:55 - 2019-08-31 10:55 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-08-31 10:55 - 2019-08-31 10:55 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-08-30 10:20 - 2019-08-30 10:20 - 000002580 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2019-08-30 10:20 - 2019-08-30 10:20 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-30 10:19 - 2019-08-30 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-08-29 18:10 - 2019-08-29 18:20 - 003103911 _____ C:\Users\User\Downloads\y2mate.com - grupos_de_whatsapp_del_colegio_a_favor_o_en_contra_maribel_martinez_psicologa_N92PMscY88A_1080p (1).mp4
2019-08-29 10:17 - 2019-08-29 10:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-08-28 17:32 - 2019-08-28 17:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-08-28 17:31 - 2019-08-28 17:35 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-08-27 18:12 - 2019-08-27 18:12 - 000000783 _____ C:\Users\User\Desktop\27 aagosto 19.txt
2019-08-26 08:30 - 2019-08-26 08:30 - 000462284 _____ C:\Users\User\Downloads\Calendario 2019-20.pdf
2019-08-24 13:16 - 2019-08-24 13:16 - 000057899 _____ C:\Users\User\Downloads\Documento (4).pdf
2019-08-22 10:07 - 2019-08-22 10:07 - 000321513 _____ C:\Users\User\Downloads\1HSN190700377412.pdf
2019-08-22 10:07 - 2019-08-22 10:07 - 000321513 _____ C:\Users\User\Downloads\1HSN190700377412 (1).pdf
2019-08-20 00:00 - 2019-08-20 00:11 - 000000000 ____D C:\Users\User\Documents\Lino
2019-08-18 05:57 - 2019-08-18 05:59 - 000001801 _____ C:\Users\User\Documents\partidos real oviedo.txt
2019-08-14 07:38 - 2019-08-14 07:38 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-08-14 07:38 - 2019-08-14 07:38 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-08-14 07:38 - 2019-08-14 07:38 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-14 07:38 - 2019-08-14 07:38 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-14 07:37 - 2019-08-14 07:38 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 005587968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002177336 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-14 07:37 - 2019-08-14 07:37 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-08-14 07:37 - 2019-08-14 07:37 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001465984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000806024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000783184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingDiagSpp.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-14 07:37 - 2019-08-14 07:37 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-14 07:37 - 2019-08-14 07:37 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-08-14 07:37 - 2019-08-14 07:37 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-14 07:37 - 2019-08-14 07:37 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-08-14 07:37 - 2019-08-14 07:37 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000092832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-14 07:37 - 2019-08-14 07:37 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-14 07:37 - 2019-08-14 07:37 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-14 07:37 - 2019-08-14 07:37 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 005570968 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 004351656 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 002438576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 002073232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 001733120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-14 07:36 - 2019-08-14 07:36 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001479184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001472568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 001466880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-14 07:36 - 2019-08-14 07:36 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001260560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 001180464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000864568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000678680 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000586256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000515440 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 000262336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000200504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-14 07:36 - 2019-08-14 07:36 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-14 07:36 - 2019-08-14 07:36 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-14 07:36 - 2019-08-14 07:36 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 003335224 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 002767160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001662264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 001020416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000850976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000799784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000794040 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000732168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000508968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000449576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000375752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000349696 _____ (Microsoft Corporation)C:\WINDOWS\system32\dnsrslvr.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000278624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000248120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pmem.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-14 07:35 - 2019-08-14 07:35 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-14 07:35 - 2019-08-14 07:35 - 000032784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000032568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-14 07:35 - 2019-08-14 07:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-08-14 07:35 - 2019-08-14 07:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-06 16:32 - 2019-06-10 17:16 - 000000000 ____D C:\FRST
2019-09-06 16:30 - 2019-04-11 00:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-06 16:30 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-06 16:29 - 2019-05-23 16:28 - 000004294 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine VPN Update
2019-09-06 16:03 - 2019-05-06 23:05 - 000004286 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-09-06 15:58 - 2019-04-11 01:06 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-06 15:58 - 2018-08-13 18:55 - 000000000 ____D C:\Users\User\AppData\Local\AVAST Software
2019-09-06 15:54 - 2019-04-11 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-06 15:54 - 2018-06-28 19:24 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2019-09-06 15:51 - 2018-09-15 08:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-09-06 15:35 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-06 15:30 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-06 15:28 - 2018-08-24 18:15 - 000000000 ____D C:\Program Files\CCleaner
2019-09-06 00:22 - 2019-04-11 01:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-09-06 00:13 - 2019-04-11 00:42 - 000000000 ____D C:\Users\Administrator
2019-09-06 00:01 - 2018-04-11 05:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-05 22:29 - 2019-07-08 23:21 - 000003800 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-05 22:29 - 2019-04-11 01:06 - 000003420 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5D2CEF53-4638-49ED-9552-CBB1FCEDD913}
2019-09-05 22:29 - 2019-04-11 01:06 - 000003406 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-05 22:29 - 2019-04-11 01:06 - 000003182 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-05 22:29 - 2019-04-11 01:06 - 000002922 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2363524323-2270306343-1107792746-1002
2019-09-05 22:29 - 2019-04-11 01:06 - 000002922 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2363524323-2270306343-1107792746-1001
2019-09-05 21:46 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-05 21:46 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-05 21:24 - 2018-11-11 23:15 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2019-09-05 21:18 - 2019-06-10 16:47 - 000000000 ____D C:\Users\User\Desktop\forospy
2019-09-05 17:28 - 2018-08-13 18:49 - 000000000 ____D C:\ProgramData\AVAST Software
2019-09-05 17:21 - 2018-06-28 19:24 - 000000000 ____D C:\Users\User\AppData\Roaming\Synaptics
2019-09-05 16:22 - 2018-11-25 22:09 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-09-05 16:12 - 2018-11-02 11:45 - 000000000 ____D C:\Users\User\Documents\CONT
2019-09-05 00:19 - 2018-08-26 04:17 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2019-09-05 00:16 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-04 21:32 - 2019-04-11 01:06 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-09-04 20:45 - 2018-08-20 16:41 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2019-09-04 19:26 - 2019-03-06 21:52 - 000000000 ____D C:\Program Files (x86)\TEDI_telecable
2019-09-04 18:21 - 2019-04-20 13:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-09-02 19:29 - 2019-02-03 01:30 - 000005544 _____ C:\Users\User\Desktop\ENLACES.odt
2019-09-02 17:46 - 2019-04-07 01:18 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-31 11:10 - 2018-11-11 23:15 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-31 10:56 - 2018-08-13 18:52 - 000478096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-08-31 10:55 - 2019-05-06 22:20 - 000552848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-08-31 10:55 - 2019-01-14 16:50 - 000263008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-08-31 10:55 - 2019-01-05 19:14 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-08-31 10:55 - 2019-01-05 19:14 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-08-31 10:55 - 2018-10-22 20:23 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-08-31 10:55 - 2018-08-13 18:52 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-08-31 10:55 - 2018-08-13 18:52 - 000387176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-08-31 10:55 - 2018-08-13 18:52 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-08-31 10:55 - 2018-08-13 18:52 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-08-31 10:55 - 2018-08-13 18:52 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-08-30 10:48 - 2018-08-24 11:21 - 000000000 ____D C:\Users\User\Documents\artículos prensa
2019-08-30 10:18 - 2018-08-23 19:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-30 10:16 - 2019-08-04 01:22 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-29 23:11 - 2018-08-29 19:10 - 000000000 ____D C:\Users\User\Documents\3°E
2019-08-29 23:04 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-29 22:43 - 2019-04-11 01:04 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2019-08-29 22:43 - 2019-04-11 01:04 - 000017148 _____ C:\WINDOWS\diagerr.xml
2019-08-29 22:43 - 2019-03-19 09:30 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-29 17:21 - 2018-12-23 22:36 - 000000000 ____D C:\Users\User\Documents\ch
2019-08-29 09:10 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\servicing
2019-08-28 22:58 - 2018-04-11 05:28 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2019-08-28 12:51 - 2018-10-13 20:05 - 000000000 ____D C:\Users\User\Documents\recetas
2019-08-28 08:57 - 2018-08-12 17:51 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-28 08:57 - 2018-08-12 17:51 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-27 18:19 - 2018-06-28 19:04 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-27 18:11 - 2019-06-18 23:20 - 000000252 _____ C:\DelFix.txt
2019-08-26 16:56 - 2018-08-19 15:06 - 000000000 __SHD C:\Users\eleni\IntelGraphicsProfiles
2019-08-26 10:01 - 2018-08-13 19:31 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-26 08:32 - 2018-09-16 19:47 - 000000000 ____D C:\Users\User\Documents\cole
2019-08-20 00:12 - 2018-08-31 18:26 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2019-08-17 19:03 - 2018-08-19 15:07 - 000000000 ___RD C:\Users\eleni\3D Objects
2019-08-17 19:03 - 2018-04-11 05:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-17 18:43 - 2019-01-09 21:02 - 000000000 ____D C:\Users\User\Documents\Miami 2019
2019-08-15 06:18 - 2019-04-11 10:01 - 000748218 _____ C:\WINDOWS\system32\perfh00A.dat
2019-08-15 06:18 - 2019-04-11 10:01 - 000144990 _____ C:\WINDOWS\system32\perfc00A.dat
2019-08-15 06:18 - 2019-04-11 00:54 - 001678440 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-14 19:02 - 2018-04-11 05:28 - 000000000 ___RD C:\Users\User\3D Objects
2019-08-14 09:05 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-14 09:04 - 2019-04-11 10:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\es-MX
2019-08-14 09:04 - 2018-09-15 11:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-14 09:04 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-14 09:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-14 09:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-14 09:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-14 09:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-14 09:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-14 07:56 - 2018-06-28 19:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-14 07:41 - 2018-06-28 19:01 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-12 09:20 - 2019-04-11 00:42 - 000002398 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-12 09:20 - 2018-04-11 05:31 - 000000000 ___RD C:\Users\User\OneDrive
2019-08-10 07:56 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-09 22:14 - 2018-11-11 23:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories ================
2018-11-24 12:40 - 2018-11-24 12:40 - 001438086 _____ (Igor Pavlov) C:\Program Files\7z1805-x64.exe
2018-11-24 21:26 - 2018-11-24 21:27 - 086412328 _____ () C:\Program Files (x86)\Ace_Stream_Media_3.1.32.exe
2019-05-06 22:15 - 2019-05-06 22:15 - 006643904 _____ () C:\Program Files (x86)\Avast Premier Full 2019 Por R3TZHOTUTOS 95.rar
2018-08-13 18:46 - 2018-08-13 18:46 - 007397256 _____ (AVAST Software) C:\Program Files (x86)\avast_free_antivirus_setup_online.exe
2019-02-01 20:54 - 2019-02-01 20:54 - 008120256 _____ (CodeTwo) C:\Program Files (x86)\C2QRCodeDesktopReaderGeneratorSetup.exe
2019-04-19 19:41 - 2019-04-19 19:41 - 014360370 _____ () C:\Program Files (x86)\CC5.56 [www.tecnotutoshd.net].zip
2018-08-12 17:38 - 2018-08-12 17:38 - 001130840 _____ (Google Inc.) C:\Program Files (x86)\ChromeSetup.exe
2019-02-24 20:08 - 2019-02-24 20:08 - 000453740 _____ () C:\Program Files (x86)\EdgeBlock.zip
2018-08-13 18:38 - 2018-08-13 18:43 - 005454570 _____ () C:\Program Files (x86)\FSCapture90.zip
2018-11-21 23:22 - 2018-11-21 23:22 - 000655582 _____ (GBOOKSDOWNLOADER.COM ) C:\Program Files (x86)\gbooks.exe
2018-09-03 17:28 - 2018-09-03 17:28 - 032342371 _____ () C:\Program Files (x86)\GLYUESP.rar
2018-11-25 22:08 - 2018-11-25 22:09 - 017435632 _____ (Glarysoft Ltd) C:\Program Files (x86)\gu5setup.exe
2018-08-12 18:00 - 2018-08-12 18:01 - 282513408 _____ () C:\Program Files (x86)\LibreOffice_6.1.0_Win_x64.msi
2019-09-05 18:14 - 2019-09-05 18:15 - 066088240 _____ (Malwarebytes ) C:\Program Files (x86)\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.12321.exe
2018-08-23 18:59 - 2018-08-23 18:59 - 004534056 _____ (Microsoft Corporation) C:\Program Files (x86)\Setup.x86.es-es_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe
2019-03-06 21:49 - 2019-03-06 21:50 - 077926912 _____ () C:\Program Files (x86)\TEDI_telecable.msi
2018-08-31 17:29 - 2018-08-31 17:29 - 020900464 _____ (BitTorrent, Inc.) C:\Program Files (x86)\utweb_installer.exe
2018-08-31 18:15 - 2018-08-31 18:16 - 041465128 _____ () C:\Program Files (x86)\vlc-3.0.3-win64.exe
2018-08-13 18:40 - 2018-08-13 18:40 - 003206608 _____ (Alexander Roshal) C:\Program Files (x86)\winrar-x64-560es.exe
2019-05-06 22:26 - 2019-05-06 22:26 - 000000000 _____ () C:\Users\User\AppData\Local\{7951E7E3-C51F-4834-BBC5-1CB917C751C2}
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-09-2019
Ran by User (06-09-2019 16:34:52)
Running from C:\Users\User\Desktop
Windows 10 Pro Version 1809 17763.678 (X64) (2019-04-10 23:07:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2363524323-2270306343-1107792746-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2363524323-2270306343-1107792746-503 - Limited - Disabled)
eleni (S-1-5-21-2363524323-2270306343-1107792746-1002 - Limited - Enabled) => C:\Users\eleni
Guest (S-1-5-21-2363524323-2270306343-1107792746-501 - Limited - Disabled)
User (S-1-5-21-2363524323-2270306343-1107792746-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2363524323-2270306343-1107792746-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.438 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CodeTwo QR Code Desktop Reader & Generator (HKLM-x32\...\{AF7E31D6-980C-4788-B80C-47F1837CF44C}) (Version: 1.1.2.4 - CodeTwo)
Glary Utilities PRO 5.118 (HKLM-x32\...\Glary Utilities 5) (Version: 5.118.0.143 - Glarysoft Ltd)
Google Books Downloader version 2.7 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.7 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
LibreOffice 6.1.0.3 (HKLM\...\{DD50CAE9-27C5-452F-A910-1E7A00D8EEE2}) (Version: 6.1.0.3 - The Document Foundation)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11929.20254 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2363524323-2270306343-1107792746-1002\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 68.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.2 (x64 es-ES)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
ViewRight Web PC 4.1.2.0 (HKLM-x32\...\{40361A03-B6D7-461C-90EB-8D7DBF2A94E6}) (Version: 4.1.2.0 - Verimatrix, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220 [2019-09-05] (Dolby Laboratories)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.3.500.0_x64__4n2hpmxwrvr6p [2019-07-01] (XBMC Foundation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2363524323-2270306343-1107792746-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2363524323-2270306343-1107792746-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 1
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-06 23:06 - 2018-09-05 21:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2019-05-06 22:17 - 000000837 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-01-20 03:33 - 2019-01-20 03:33 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-2363524323-2270306343-1107792746-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\eleni\Documents\get shit done picture.png
HKU\S-1-5-21-2363524323-2270306343-1107792746-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2363524323-2270306343-1107792746-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2363524323-2270306343-1107792746-500\...\StartupApproved\Run: => "OneDriveSetup"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1EE29DFC-095E-4DF2-ADC2-D7116758A85D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3573A0AC-F8C4-4A7B-845D-35B9F3D0E36B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF320001-BF04-4A76-8203-1839E8C4FD76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DFB5FB81-0B6A-46F5-B737-5E314B426539}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB7B1ADA-0F58-406B-ABA9-7EA2286A2D0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38306310-1311-47DC-AA56-CFD240D67CE3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7939559-9638-4B45-93E1-91CF134C1ECF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3E7BD27-C7D8-425F-B7F9-D3630D47E5D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{435297A4-531E-4135-B3BB-E1E54C199EEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E3D7025-972C-491E-9BEE-DB49779C6F58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BF3DAFA-9C89-4B82-BDB5-417529049B8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D0B37B81-09F5-42A4-A3FA-91D2F411848D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0F0C8C5-EF7D-4BF0-81FA-1E7F680F34C0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A7ED4930-DAFF-4B6A-AD39-93E22A450017}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C9CD9612-09E1-4211-AA66-6C2826F6156C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{34605442-2FA5-4D41-A85C-4E37C78CE6DF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA33AB5E-7115-4243-A0EF-7D0C361CE927}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DF02B4E-76C5-43DF-8C09-6BC20C346CD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82394CA5-9C82-4A54-992F-F1D584EA77DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E099317A-327D-47F5-ABCA-F8238240C4BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{422A6CC2-243C-4479-BA20-119EB8D0D8E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CD4E06CD-26C6-4F10-BF87-6CBA32CE3EB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C20BD33E-33B2-4D81-BF4C-4F278B4CE1C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20544EE2-345E-4981-959C-66AFCF747075}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
23-08-2019 00:05:51 Scheduled Checkpoint
28-08-2019 17:30:31 Windows Update
04-09-2019 19:25:49 TEDI eliminado.
06-09-2019 15:59:31 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/06/2019 03:55:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007267C
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/06/2019 03:17:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/06/2019 03:17:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/06/2019 03:17:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/06/2019 12:25:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa explorer.exe (versión 10.0.17763.652) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 132c
Hora de Inicio: 01d56437cdfecae1
Hora de finalización: 0
Ruta de la aplicación: C:\Windows\explorer.exe
Id. de informe: 0018feee-c383-48d4-b3fc-e0f713431858
Nombre completo del paquete con errores:
Id. de la aplicación relativa al paquete con errores:
Tipo de bloqueo: Unknown
Error: (09/06/2019 12:19:04 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/06/2019 12:19:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/06/2019 12:18:57 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
System errors:
=============
Error: (09/06/2019 03:58:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6LFIHEJ)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-6LFIHEJ\User con SID (S-1-5-21-2363524323-2270306343-1107792746-1001) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (09/06/2019 03:51:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio HuaweiHiSuiteService64.exe se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2019 03:51:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Validity WBF Policy Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2019 03:51:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2019 03:36:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6LFIHEJ)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-6LFIHEJ\User con SID (S-1-5-21-2363524323-2270306343-1107792746-1001) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (09/06/2019 03:28:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6LFIHEJ)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-6LFIHEJ\User con SID (S-1-5-21-2363524323-2270306343-1107792746-1001) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (09/06/2019 03:26:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6LFIHEJ)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-6LFIHEJ\User con SID (S-1-5-21-2363524323-2270306343-1107792746-1001) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (09/06/2019 03:26:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6LFIHEJ)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-6LFIHEJ\User con SID (S-1-5-21-2363524323-2270306343-1107792746-1001) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Windows Defender:
===================================
Date: 2019-06-11 10:10:27.643
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: High
Categoría: Tool
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe; process:_pid:3324,ProcessStart:132047136054763952
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-6LFIHEJ\User
Nombre de proceso: C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Versión de firma: AV: 1.295.102.0, AS: 1.295.102.0, NIS: 1.295.102.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-11 10:10:25.839
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: High
Categoría: Tool
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-6LFIHEJ\User
Nombre de proceso: C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Versión de firma: AV: 1.295.102.0, AS: 1.295.102.0, NIS: 1.295.102.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-11 10:10:15.567
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: High
Categoría: Tool
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe; file:_C:\WINDOWS\System32\Tasks\KMSAutoNet->(UTF-16LE); process:_pid:3324,ProcessStart:132047136054763952; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D675921-FCFB-4729-8CB6-75E0714E0424}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet; taskscheduler:_C:\WINDOWS\System32\Tasks\KMSAutoNet
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Versión de firma: AV: 1.295.102.0, AS: 1.295.102.0, NIS: 1.295.102.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-11 10:08:52.230
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: High
Categoría: Tool
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-6LFIHEJ\User
Nombre de proceso: C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Versión de firma: AV: 1.295.102.0, AS: 1.295.102.0, NIS: 1.295.102.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-11 10:08:39.963
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: High
Categoría: Tool
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe; process:_pid:3324,ProcessStart:132047136054763952
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Versión de firma: AV: 1.295.102.0, AS: 1.295.102.0, NIS: 1.295.102.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-08-05 08:21:48.309
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.102.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x80072ee7
Descripción del error: The server name or address could not be resolved
Date: 2019-08-05 08:21:48.308
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.102.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x80072ee7
Descripción del error: The server name or address could not be resolved
Date: 2019-08-05 08:21:48.307
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.102.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x80072ee7
Descripción del error: The server name or address could not be resolved
Date: 2019-08-05 08:21:48.284
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.102.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x80072ee7
Descripción del error: The server name or address could not be resolved
Date: 2019-08-05 08:21:48.283
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.102.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x80072ee7
Descripción del error: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-09-06 15:54:09.843
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-06 15:16:35.199
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-06 00:17:41.461
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:52:16.573
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 21:08:12.372
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 17:32:31.658
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 17:32:31.557
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 17:32:31.438
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde F.22 10/25/2012
Motherboard: Hewlett-Packard 18A4
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 35%
Total physical RAM: 8088.28 MB
Available physical RAM: 5218.69 MB
Total Virtual: 9368.28 MB
Available Virtual: 6982.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:697.18 GB) (Free:562.8 GB) NTFS
\\?\Volume{340449c4-0791-4b73-8676-3ed0b722ebaa}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{8c247f58-2bcd-412e-8005-efdcf0a57813}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
\\?\Volume{1ae18fed-5e97-44e3-b15c-890ebd8a024d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 40BEBE1B)
Partition: GPT.
==================== End of Addition.txt ============================Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\MountPoints2: {ce6a03c2-262a-11e9-8fe0-6c3be581b560} - "D:\HiSuiteDownLoader.exe"
IFEO\MicrosoftEdge.exe: [Debugger] /
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-09-02] () [File not signed]
Startup: C:\Users\eleni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-09-02] () [File not signed]
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
He llegado hasta el 2º método, pero ya me pasó en el mensaje anterior. No me salen exactamente las pantallas que tú dices en “modo a prueba de fallos”. Después de entrar en “opciones avanzadas” no me salen las opciones del tutorial, me sale alguna más:
System restore - uninstall updates - system image recovery - setup repair - command prompt -UEFI firmware setting Si cojo esta última opción, me aparecen varias opciones ( F1, F2, F9, F10…) system information, system diagnostics, bios setup… No sé si es porque tengo Windows 10, aunque en el post me dices que también es aplicable a este sistema.
La vez anterior me habías mandado un .exe pero tampoco funciona (sale lo de “más información” y después desaparece). la verdad es que ya no sé que hacer… Gracias.
Hola @vicen00
Sigue de nuevo estos pasos :
Desactiva temporalmente el Antivirus 
Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos que nos queden.
Descargas este nuevo ejecutable(en TU escritorio) 
Modo_Seguro_Red.exe (590 KB)
Ejecutalo y pulsamos en ACEPTAR o SÍ en las ventanas que te saldrán. 
Veamos si con este paso logras entrar al modo seguro de tu equipo directamente. 
Y puedes realizar el resto de los pasos.
Saludos.
Es lo que te decía en otro mensaje.No funciona el ejecutable.Después de pinchar en “más información”, hizo un amago de abrir una ventana pero se cerró. Lo intenté varias veces más y algunas veces se repite lo mismo y otras ni siquiera se abre. No sé si se podrá abrir a prueba de fallos de otra manera.
Gracias.
Hola.
Pues NO entiendo porque no te funciona ese proceso. 
Prueba con esta herramienta BootSafe.exe (275,1 KB), descargala en tu escritorio.
Ejecutala y pulsas en la opción “Safe Mode with Networking”, después pulsas en la opción de “Restat Windows” y Aceptas el mensaje de confirmación que saldrá pulsando en SI.
Cuando te inicie de nuevo el sistema deberá hacerlo desde ese modo de windows(Modo Seguro con Red) y te aparecerá un mensaje/aviso, al que deberás responder pulsando en SI, como este :
Nos comentas.
Saludos.
Hola. Hice lo que me dijiste y el “boot safe” funcionó y se reinició en modo a prueba de fallos, pero no permitía la conexión a Internet. De todos modos, pasé el FRST, aunque no se pudo actualizar. Te envío el informe. Una cosa más, el problema sigue igual. No solo es la barra lateral, también pasa con todos los iconos. Siempre queda seleccionado un icono del fondo de la pantalla, así que tengo que andar peleándome para poder pinchar donde lo necesite.
Fix result of Farbar Recovery Scan Tool (x64) Version: 04-09-2019
Ran by User (08-09-2019 13:33:36) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & eleni & Administrator)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\MountPoints2: {ce6a03c2-262a-11e9-8fe0-6c3be581b560} - "D:\HiSuiteDownLoader.exe"
IFEO\MicrosoftEdge.exe: [Debugger] /
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-09-02] () [File not signed]
Startup: C:\Users\eleni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-09-02] () [File not signed]
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce6a03c2-262a-11e9-8fe0-6c3be581b560} => removed successfully
HKLM\Software\Classes\CLSID\{ce6a03c2-262a-11e9-8fe0-6c3be581b560} => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MicrosoftEdge.exe => removed successfully
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat => moved successfully
C:\Users\eleni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat => moved successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\System\CurrentControlSet\Services\SmbDrvI => removed successfully
SmbDrvI => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2363524323-2270306343-1107792746-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Local Area Connection* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Local Area Connection* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 3 mientras los medios
est‚n desconectados.
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40558848 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 10524005 B
Edge => 36352 B
Chrome => 356192677 B
Firefox => 21616300 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6344 B
LocalService => 0 B
NetworkService => 140187824 B
NetworkService => 0 B
User => 10760701 B
eleni => 1174411 B
Administrator => 14560 B
RecycleBin => 86247336 B
EmptyTemp: => 646.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:38:02 ====Hola.
Bien… aparentemente NO es un problema de infección. 
Tu equipo es un Portátil…??
Usas un ratón externo conectado por USB o usas un TouchPad…??
Sí, es un portátil y uso ratón externo, pero probé con el touchpad y ocurre lo mismo. Además el pc va muy lento y muchas veces no abre las carpetas o le cuesta mucho. No sé…
Hola.
Pues pasemos a verificar como tienes el disco duro de tu equipo, para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.
Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?
Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.
Nos pones el informe y comentas como sigue el problema del equipo.
Saludos.
El chkdsk se paró en el 11% y ya no avanzó más. Esperé como unas 3 horas pero nada.
@vicen00, Al menos se deben esperar 24h sin hacer o interrumpir para NADA el proceso, que el proceso parezca que se pare al 11% o cualquier otro porcentaje% NO indica que se haya quedado parado, internamente sigue su trabajo.
Y SIEMPRE antes de hacer nada con el equipo/proceso comentarlo con nosotros indicando como va el proceso. 
En un disco com problemas y de la capacidad del tuyo de casi 700Gb el proceso puede durar muchas mas horas de las indicadas.
DEJA que el proceso SIGA y espera mínimo 24 horas en TOTAL(desde su inicio) SI en ese tiempo no termina lo comentas sin PARARLO/CORTARLO o interrumpirlo.
Saludos.
Hola. He hecho lo que me has dicho. EN el vidor de eventos hay varias cosas, pero creo que lo más interesante es el que tiene como origen “Wininit” ya que si pinchas en los que pone “Winlogon” dice que el suscriptor de notificaciones Winlogon no estaba disponible. Otra cosa, después de reiniciar, windows se atualizó y ahora me pide la clave y su activación. No sé si estará relacionado con el problema del post. Te envío la información del “Wininit”
Checking file system on C:
The type of the file system is NTFS.
One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
Stage 1: Examining basic file system structure ...
710912 file records processed.
File verification completed.
25456 large file records processed.
0 bad file records processed.
Stage 2: Examining file name linkage ...
51195 reparse records processed.
881476 index entries processed.
Index verification completed.
0 unindexed files scanned.
0 unindexed files recovered to lost and found.
51195 reparse records processed.
Stage 3: Examining security descriptors ...
Cleaning up 22 unused index entries from index $SII of file 0x9.
Cleaning up 22 unused index entries from index $SDH of file 0x9.
Cleaning up 22 unused security descriptors.
Security descriptor verification completed.
85283 data files processed.
CHKDSK is verifying Usn Journal...
34747536 USN bytes processed.
Usn Journal verification completed.
Stage 4: Looking for bad clusters in user file data ...
710896 files processed.
File data verification completed.
Stage 5: Looking for bad, free clusters ...
147303428 free clusters processed.
Free space verification is complete.
Windows has scanned the file system and found no problems.
No further action is required.
731048626 KB total disk space.
140724824 KB in 439731 files.
259076 KB in 85284 indexes.
0 KB in bad sectors.
851014 KB in use by the system.
65536 KB occupied by the log file.
589213712 KB available on disk.
4096 bytes in each allocation unit.
182762156 total allocation units on disk.
147303428 allocation units available on disk.
Internal Info:
00 d9 0a 00 e2 02 08 00 6d 3f 0f 00 00 00 00 00 ........m?......
8e 09 00 00 6d be 00 00 00 00 00 00 00 00 00 00 ....m...........
Windows has finished checking your disk.
Please wait while your computer restarts.Hola.
El informe es el correcto.
Y se instalo la ultima version de windows o fue una actualizacion normal/mensual…
En principio esa “petición” NO estaría relacionada con el problema que TU tenias en este tema. 
Ni nada de lo que hicimos debe provocar esa solicitud.
Se supone que TU sistema operativo era una version legal de Windows.??
En alguna ocasión que me ha ocurrido personalmente ese mismo problema con pasar por el apartado de “Activación” o incluso Reiniciando el equipo puede solucionarse.
Nos debes comentar ademas como sigue el problema inicialmente planteado.
Saludos.