Tengo un PC que me acaban de asignar en el trabajo el cual esta superlento, es desesperante, tarde 2 horas en realizar un trabajo que realizo en 30 min habitualmente.
Espero me puedan ayudar en la guia para realizar la limpieza de la misma.
Muchas gracia spor el apoyo a simple vista ya PC ya se siente mas ligera y agil , pero al paso del tiempo vuelve a alentarse y tengo que reiniciarla para que pueda trabajar bien.
Adjunto los codigos solicitados, por algun motivo el ZHPCleaner no me permite copiar el codigo me aparece error.
Volví a ejecutar el ZHP y no me permite entrar al report. Aparece una ventana emergente que dice que no encontro el fichero. Aparece un numero 7 a un costado del icono con la bombilla.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by H243170 (01-05-2020 17:07:44)
Running from C:\Users\h243170\Downloads
Windows 10 Enterprise Version 1903 18362.720 (X64) (2020-02-15 11:30:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1593338273-1970461741-117478476-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1593338273-1970461741-117478476-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1593338273-1970461741-117478476-1000 - Limited - Disabled)
defaultuser1 (S-1-5-21-1593338273-1970461741-117478476-1012 - Limited - Enabled) => C:\Users\defaultuser1.DKTP475832.005
Guest (S-1-5-21-1593338273-1970461741-117478476-501 - Limited - Disabled)
Halliburton (S-1-5-21-1593338273-1970461741-117478476-1002 - Administrator - Enabled) => C:\Users\Halliburton
WDAGUtilityAccount (S-1-5-21-1593338273-1970461741-117478476-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Symantec Endpoint Protection (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{2595E6DD-D6D4-42FC-80A8-6A711EBEC344}) (Version: 12.2.7.197 - Adobe Systems, Inc)
Carbon Black Sensor (HKLM-x32\...\{2ADD03FC-5CBA-4BF7-A20B-5CD5B2EA3F4A}) (Version: 6.1.9.81012 - Carbon Black, Inc)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Configuration Manager Client (HKLM\...\{2CE44167-3417-4A08-9CC3-9D7D9B5C9AE9}) (Version: 5.00.8913.1000 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1050 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Landmark Engineer’s Desktop 5000.14.0 – Third Party Components (HKLM-x32\...\{6195040C-DDE9-4BE7-83A9-FB1440085271}) (Version: 5000.14.0 - Landmark Graphics)
Landmark Engineer's Desktop 5000.14 (HKLM\...\{30BCA381-21C0-4924-B717-5159C90B3557}) (Version: 5000.14.1 - Landmark Graphics)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{62D2F823-0EAA-496D-B0F9-A869BFC51550}) (Version: 8.05.2312 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{0EEBDCCA-EF5D-4896-9FEA-D7D410A57E8A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31119 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Phish Alert (HKLM-x32\...\{F3E990F3-6238-4294-97E6-DD252C1F2BCB}) (Version: 1.2.45 - KnowBe4)
Pulse Secure (HKLM\...\{0E5D0DD7-7AAD-48D8-95AF-22E3EFA65097}) (Version: 5.3.587 - Pulse Secure, LLC) Hidden
Pulse Secure 5.3 (HKLM-x32\...\Pulse Secure 5.3) (Version: 5.3.587 - Pulse Secure, LLC)
Radmin Server 3.5.2 (HKLM-x32\...\{1B704FD1-C00F-482F-8997-82F2F19E10E7}) (Version: 3.52.1.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.60 - SAP SE)
SAP GUI for Windows 7.60 (Patch 4) (HKLM-x32\...\SAPGUI) (Version: 7.60 Compilation 1 - SAP SE)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Symantec Endpoint Protection (HKLM\...\{CE73BCF2-8C36-4CCD-9331-5CCD2F987706}) (Version: 14.2.5323.2000 - Symantec Corporation)
Update for Skype for Business 2016 (KB4484245) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{4664AD2C-8286-49DC-90D2-5AA24C49164E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484245) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4664AD2C-8286-49DC-90D2-5AA24C49164E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484245) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0409-0000-0000000FF1CE}_Office16.PROPLUS_{4664AD2C-8286-49DC-90D2-5AA24C49164E}) (Version: - Microsoft)
Vintela Authentication SSO for SAP (HKLM-x32\...\{D58E9CBE-DF84-4BA6-9B32-0103331BADB5}) (Version: 1.01.0000 - Quest Software)
Yammer (HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\yammerdesktop) (Version: 3.4.3 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin64\vpshell2.dll [2019-11-09] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin64\vpshell2.dll [2019-11-09] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin64\vpshell2.dll [2019-11-09] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-29] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\h243170\Desktop\EDM AutoSync Client.lnk -> C:\Landmark\EDT_5000.14\AutoSync\bin\autosync_client.bat ()
Shortcut: C:\Users\h243170\Desktop\OpenWells.lnk -> C:\Landmark\EDT_5000.14\OpenWells\Bin\RunOpenWells.bat ()
Shortcut: C:\Users\Public\Desktop\EDM to OpenWorks Link.lnk -> C:\Landmark\EDT_5000.14\EDM\EDM to OpenWorks\EDMtoOpenWorks.bat ()
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{5CA4F88D-67B7-46CE-9653-5A17519F66F0}.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\//security_MMC.exe -> //security_MMC.exe
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\activelearner.com -> activelearner.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\airsecurity.com -> airsecurity.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\airsecurity.com -> hxxps://airsecurity.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\corp.halliburton.com -> hounfse700.corp.halliburton.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\ddiworld.com -> ddiworld.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\gohalliburton.com -> gohalliburton.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\halliburton.jobs -> halliburton.jobs
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\halliburton.sabanow.net -> halliburton.sabanow.net
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\halliburtonc.sabanow.net -> halliburtonc.sabanow.net
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\houebiz056 -> houebiz056
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\ipims.com -> ipims.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\knowledgepak.com -> knowledgepak.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\np1cmpr002 -> hxxp://np1cmpr002
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\outtask.com -> outtask.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\plateau.com -> plateau.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\sapsf.com -> sapsf.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\sharepoint.com -> halliburton.sharepoint.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\successfactors.com -> successfactors.com
IE trusted site: HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\...\thomsonreuters.com -> cpe.checkpointlearning.thomsonreuters.com
There are 1 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-8740799-2134930118-1361462980-1357751\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 34.34.132.1 - 34.36.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 4) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Juniper Network Service -> jnprns (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{2365687F-1BC5-4123-916B-5D9C09D21F7A}C:\program files (x86)\microsoft office\office16\lync.exe] => (Block) C:\program files (x86)\microsoft office\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FEB7E66E-D6DC-49DE-89CB-42D5B7004EEB}C:\program files (x86)\microsoft office\office16\lync.exe] => (Block) C:\program files (x86)\microsoft office\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2610890A-87FE-43E6-8AE1-C3B599342FF9}C:\program files (x86)\microsoft office\office16\lync.exe] => (Allow) C:\program files (x86)\microsoft office\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0E0584FD-02BB-4421-A453-12B2BCFB4CC6}C:\program files (x86)\microsoft office\office16\lync.exe] => (Allow) C:\program files (x86)\microsoft office\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0411F6A0-9DB8-4A04-8A62-CCE04FCED5FB}C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe] => (Allow) C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E9EEB7BB-414D-44C4-B4AA-97AA0CA9E612}C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe] => (Allow) C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe
FirewallRules: [{3DDB51A9-C361-48DA-8430-3BC3B1808345}] => (Allow) C:\WINDOWS\SysWOW64\rserver30\rserver3.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [{EB856908-9641-4146-9AAE-A55AE0876126}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AC7CC28-5D88-4D93-B882-283876DFF2A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A2F6C18-C59A-4083-996C-2A692F069B57}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4623224-AE2F-4D20-8A3C-A9E0AAB9E8BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18B65B37-D9B1-46E6-81E0-9CE31E84397C}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\ccSvcHst.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [{0850DB02-BAE1-4F2D-8508-339C45E52813}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\ccSvcHst.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [{6A10B56B-6AF4-4232-908B-F229786C3A53}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin64\snac64.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [{07F8772E-0458-403B-80DE-E2D15582636E}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin64\snac64.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [TCP Query User{3BD8EA1F-BA33-46B0-8981-A1F765A62F00}C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe] => (Block) C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{91B5FA0A-BC86-4173-A96E-A5AED0429756}C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe] => (Block) C:\landmark\edt_5000.14\common files\jdk\jre\bin\javaw.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:460.49 GB) (Free:289.68 GB) (63%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/01/2020 05:15:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5580,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/01/2020 04:49:06 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found! WS.Reputation.1 in File: C:\Users\h243170\Downloads\FRST64.exe by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Error: (05/01/2020 04:20:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9632,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/01/2020 04:14:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StartMenuExperienceHost.exe, version: 0.0.0.0, time stamp: 0x5d65fb6a
Faulting module name: StartUI.dll, version: 10.0.18362.449, time stamp: 0x5dac238d
Exception code: 0xc0000409
Fault offset: 0x00000000002c7a1f
Faulting process id: 0x22f0
Faulting application start time: 0x01d61feb4273c001
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Faulting module path: C:\Windows\ShellExperiences\StartUI.dll
Report Id: 6bdf5758-6a4f-49a6-ba7b-6bd3e9213bd7
Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (05/01/2020 03:15:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program javaw.exe version 6.0.270.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2804
Start Time: 01d61febc2748c2f
Termination Time: 4294967295
Application Path: C:\Landmark\EDT_5000.14\Common Files\JDK\jre\bin\javaw.exe
Report Id: 7a1433e1-7dde-4421-86e6-a2a1cb6318f8
Faulting package full name:
Faulting package-relative application ID:
Hang type: Top level window is idle
Error: (05/01/2020 03:13:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11680,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (05/01/2020 03:03:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program lync.exe version 16.0.4978.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2c3c
Start Time: 01d61feb6ffe9693
Termination Time: 4294967295
Application Path: C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
Report Id: f89a733c-0795-40f6-927a-8f996f3dc22f
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (05/01/2020 02:59:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe, version: 10.0.18362.1, time stamp: 0x8ceb427f
Faulting module name: PolicyAgentEndpoint.dll, version: 5.0.8913.1012, time stamp: 0x5df5f85b
Exception code: 0xc0000005
Fault offset: 0x000000000000f3e6
Faulting process id: 0x2dec
Faulting application start time: 0x01d61fef7497cb49
Faulting application path: C:\Windows\System32\rundll32.exe
Faulting module path: C:\WINDOWS\CCM\PolicyAgentEndpoint.dll
Report Id: 85a3c988-0cf2-4d3d-93b1-2d42f2860185
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (05/01/2020 02:59:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B07C1D3E-637B-4C71-BC2F-06665F376A59} did not register with DCOM within the required timeout.
Error: (05/01/2020 02:01:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:21:20 PM on 5/1/2020 was unexpected.
Error: (05/01/2020 11:42:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Audiosrv service.
Error: (05/01/2020 11:42:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Audiosrv service.
Error: (05/01/2020 11:41:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Audiosrv service.
Error: (05/01/2020 11:40:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Audiosrv service.
Error: (05/01/2020 11:39:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Audiosrv service.
Error: (05/01/2020 11:38:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Audiosrv service.
CodeIntegrity:
===================================
Date: 2020-05-01 16:52:40.420
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 16:52:40.417
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 16:47:43.035
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 16:47:43.025
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 14:05:36.399
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 14:05:36.396
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 14:05:34.658
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-05-01 14:05:34.653
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Hewlett-Packard L01 v02.33 07/15/2014
Motherboard: Hewlett-Packard 1998
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 81%
Total physical RAM: 4007.51 MB
Available physical RAM: 747.36 MB
Total Virtual: 10663.51 MB
Available Virtual: 5262.67 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:460.49 GB) (Free:289.68 GB) NTFS
Drive d: (Aliphat Externo 640 GB) (Fixed) (Total:596.17 GB) (Free:135.3 GB) NTFS
Drive g: (ALIPHAT) (Removable) (Total:3.61 GB) (Free:0.95 GB) FAT32
\\?\Volume{a42c5e8e-31a9-4705-89eb-ef106db1bd4e}\ (Recovery) (Fixed) (Total:4.65 GB) (Free:4.25 GB) NTFS
\\?\Volume{e113b7fe-1f22-4192-9af5-2ecc98caa18b}\ () (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================