Tab opens with verentinjec.info

Good afternoon, tabs keep opening with verentinjec.info. I think it is a virus. I booted into safe mode to run Malwarebytes, SUPERAntiSpyware, Windows Defender and CCleaner, but it won't let me; the applications close and drop back to the desktop. The PC is very slow. Could you help me?

Hello @Bermuda, welcome to the new forum

Try carrying out the steps in normal mode to see if it lets you.

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes' Anti-Malware; go through the manual in detail so that you know how to use and configure it.

  • Run a Threat Scan, updating if it asks you to.
  • Click "Quarantine Selected" to send the items to quarantine, and restart the system.
  • In the manual's section Reports → Scan report you will find the MBAM report; click Export → Copy to clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus → How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
  • Save the report that appears, to copy and paste it in your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; in the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish → click Run Cleaner
  • Click the Registry tab → click Scan for Issues, wait for it to finish → click Fix selected Issues and make a backup
  • Click Scan for Issues again until it finds none.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

Regards

Good afternoon: Malwarebytes did not detect anything, and this is the adware report

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-12-2019
# Duration: 00:00:23
# OS:       Windows 10 Home
# Cleaned:  13
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted       C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted       C:\ProgramData\Host App Service
Not Deleted   C:\Users\Carolina\AppData\Local\Host App Service
Deleted       C:\Users\openpgsvc\AppData\Local\Host App Service
Deleted       C:\Users\openpgsvc.LAPTOP-A6AK8O9F\AppData\Local\Host App Service

***** [ Files ] *****

Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\App Explorer

***** [ Registry ] *****

Deleted       HKU\S-1-5-21-3264493433-3611251206-197929902-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKU\S-1-5-21-3264493433-3611251206-197929902-1004\Software\Host App Service
Deleted       HKCU\Software\Host App Service
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFC9BB6C-454D-4E37-91AB-BBD49E4C9E01} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2522 octets] - [12/03/2019 08:37:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

The verentinjec.info tabs keep appearing; what I did not explain in the first message is that where they appear is in the notifications tab, not in the Google Chrome browser.
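
A small triage script for the AdwCleaner report format posted above, as an added example that is not part of the original thread: it splits a "Clean" log into its sections, lists every "Not Deleted" entry that still needs follow-up, and checks the header's Cleaned/Failed counters against the entries actually logged. The sample log and the names `parse_adwcleaner_log` and `triage` are constructed for illustration.

```python
import re

# Constructed sample in the AdwCleaner "Clean" log layout (not the user's log).
SAMPLE_LOG = r"""# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Mode: Clean
# Cleaned:  3
# Failed:   1

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Example App
Not Deleted   C:\Users\alice\AppData\Local\Example App

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\Example Task

***** [ Registry ] *****

Deleted       HKCU\Software\Example App

*************************

[+] Reset Winsock
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")    # ***** [ Folders ] *****
HEADER_RE = re.compile(r"^# (\w[\w ]*?):\s+(.*)$")        # "# Failed:   1"
ENTRY_RE = re.compile(r"^(Not Deleted|Deleted)\s+(.+?)\s*$")


def parse_adwcleaner_log(text):
    """Return (header dict, list of {section, status, target} entries)."""
    header, entries, section = {}, [], None
    for raw in text.splitlines():
        line = raw.rstrip()
        if m := HEADER_RE.match(line):
            header[m.group(1)] = m.group(2).strip()
        elif m := SECTION_RE.match(line):
            section = m.group(1)
        elif line and set(line) == {"*"}:
            # A bare row of asterisks closes the per-category sections.
            section = None
        elif section and (m := ENTRY_RE.match(line)):
            entries.append(
                {"section": section, "status": m.group(1), "target": m.group(2)}
            )
    return header, entries


def _to_int(value):
    """Header counters are text; return None when absent or malformed."""
    try:
        return int(value)
    except (TypeError, ValueError):
        return None


def triage(text):
    """Summarise a Clean log: what was removed, what failed, and whether
    the header counters agree with the entries actually present."""
    header, entries = parse_adwcleaner_log(text)
    failed = [e for e in entries if e["status"] == "Not Deleted"]
    deleted = len(entries) - len(failed)

    by_section = {}
    for e in entries:
        by_section[e["section"]] = by_section.get(e["section"], 0) + 1

    counters_match = (
        _to_int(header.get("Cleaned")) == deleted
        and _to_int(header.get("Failed")) == len(failed)
    )
    return {
        "mode": header.get("Mode"),
        "deleted": deleted,
        "failed": failed,                 # entries to re-check after a reboot
        "by_section": by_section,
        "counters_match": counters_match, # False suggests a truncated paste
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"mode={result['mode']} deleted={result['deleted']} "
          f"failed={len(result['failed'])} counters_match={result['counters_match']}")
    for entry in result["failed"]:
        print(f"  still present [{entry['section']}]: {entry['target']}")
```

A `counters_match` of `False` usually means the pasted report was cut short, which matters on forums that cap message length.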

Hello

Even though Malwarebytes did not detect anything, post the report so it can be reviewed.

Hello

Download Farbar Recovery Scan Tool, selecting the right version for your machine's architecture (32 or 64 bits). → How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Post the two reports generated.

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than about 50,000 characters).

Regards

Sorry for not replying sooner, but the computer that was failing is my daughter's laptop and she took it with her. She tells me that the tabs no longer open in the notifications. Should I carry out the steps you indicated, or do I close the thread?

Hello

Don't worry about the delay, it's no problem ;)

The last step I gave you is only to check whether any infection remains on the machine; it does not do any cleaning. If the problem is already solved it would not be necessary, but there is no problem if you want me to check it; I leave it up to you.

If you run it, post the reports; if not, let us know so we can give you the last step to close the thread.

Regards

Good afternoon: I am attaching the Addition report


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Carolina (27-03-2019 15:34:05)
Running from C:\Users\Carolina\Downloads
Windows 10 Home Version 1809 17763.379 (X64) (2019-02-01 22:56:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3264493433-3611251206-197929902-500 - Administrator - Disabled)
Carolina (S-1-5-21-3264493433-3611251206-197929902-1001 - Administrator - Enabled) => C:\Users\Carolina
DefaultAccount (S-1-5-21-3264493433-3611251206-197929902-503 - Limited - Disabled)
Invitado (S-1-5-21-3264493433-3611251206-197929902-501 - Limited - Disabled)
openpgsvc (S-1-5-21-3264493433-3611251206-197929902-1004 - Limited - Enabled) => C:\Users\openpgsvc.LAPTOP-A6AK8O9F
WDAGUtilityAccount (S-1-5-21-3264493433-3611251206-197929902-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
BaseX (HKLM-x32\...\BaseX) (Version:  - BaseX Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
db4o 7.2 (HKLM-x32\...\{734E3BAE-5661-55D6-8BC0-7ABA7238F272}) (Version: 7.2.000 - db4objects Inc.)
Dia (sólo eliminar) (HKLM-x32\...\Dia) (Version:  - )
Discord (HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\Discord) (Version: 0.0.304 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}) (Version: 0.7.2.62 - Dolby Laboratories, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
Git version 2.19.1 (HKLM\...\Git_is1) (Version: 2.19.1 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\GitHubDesktop) (Version: 1.4.2 - GitHub, Inc.)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Ayuda (HKLM-x32\...\{1C7A291D-1DF6-4DB7-8026-53207B8757BF}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Estudio para la mejora del producto (HKLM\...\{F3B43F13-E582-46EE-B525-425D670C9939}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Software básico del dispositivo (HKLM\...\{6CD4E3CE-5411-44E6-B21D-77177BB9779A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java SE Development Kit 8 Update 161 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180161}) (Version: 8.0.1610.12 - Oracle Corporation)
Java SE Development Kit 8 Update 201 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180201}) (Version: 8.0.2010.9 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo App Explorer (HKU\S-1-5-21-3264493433-3611251206-197929902-1004\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.28.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MySQL Connector C++ 8.0 (HKLM\...\{2EF0C3FC-E14C-461D-9949-1999FD9AC12E}) (Version: 8.0.12 - Oracle Corporation)
MySQL Connector J (HKLM-x32\...\{F3EEBC22-A0CF-4782-B211-21D5C34FD05E}) (Version: 8.0.12 - Oracle Corporation)
MySQL Connector Net 8.0.12 (HKLM-x32\...\{2668417A-186B-4052-8076-8A5B2E9E0CF2}) (Version: 8.0.12 - Oracle)
MySQL Connector/ODBC 8.0 (HKLM\...\{F0AC8764-4339-484F-9F9A-1881EB8815F4}) (Version: 8.0.12 - Oracle Corporation)
MySQL Documents 8.0 (HKLM-x32\...\{8322FF66-0F09-4E91-B58D-57365C728083}) (Version: 8.0.12 - Oracle Corporation)
MySQL Examples and Samples 8.0 (HKLM-x32\...\{563F0B86-953B-4170-BAC8-CE2A112B5996}) (Version: 8.0.12 - Oracle Corporation)
MySQL Installer for Windows - Community (HKLM-x32\...\{3B3B28AF-ADAC-4C7A-A567-778FBE73AAB6}) (Version: 1.4.27.0 - Oracle Corporation)
MySQL Router 8.0 (HKLM\...\{B9B39349-5947-4001-9934-FE4C6D3B25BD}) (Version: 8.0.12 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{29AEA9CC-3A6A-4F86-8A0E-AC8750F91B69}) (Version: 8.0.12 - Oracle Corporation)
MySQL Shell 8.0.12 (HKLM\...\{D660B1DF-ED82-4027-BA89-CFED870935FB}) (Version: 8.0.12 - Oracle and/or its affiliates)
MySQL Workbench 8.0 CE (HKLM\...\{3D4D54C3-6D4E-435F-8894-2125D900822C}) (Version: 8.0.12 - Oracle Corporation)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Node.js (HKLM\...\{C4BE807E-A066-4B2C-9AC2-B12F64192054}) (Version: 8.12.0 - Node.js Foundation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Odoo 10.0 (HKLM-x32\...\Odoo 10.0) (Version: 10.0 - Odoo S.A.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Oracle Database 11g Express Edition (HKLM\...\{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation) Hidden
Oracle Database 11g Express Edition (HKLM-x32\...\InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation)
Oracle VM VirtualBox 5.2.12 (HKLM\...\{128AD467-F107-4FED-A283-F355E74DE103}) (Version: 5.2.12 - Oracle Corporation)
Panel de control de NVIDIA 388.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.75 - NVIDIA Corporation) Hidden
Paquete de compatibilidad redirigido de documentación de Microsoft .NET Framework 4.7.1 (español) (HKLM-x32\...\{927FF4FD-8E47-4022-8545-22FD78FBC2AB}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
PostgreSQL 9.5  (x86) (HKLM-x32\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1030 - SUPERAntiSpyware.com)
Unity (HKLM-x32\...\Unity) (Version: 2018.2.14f1 - Unity Technologies ApS)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{63FE5FB8-97F3-416F-9F6D-F35D2C5B922B}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\affdb530) (Version: 15.8.28010.2048 - Microsoft Corporation)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{D98207CC-2AF6-474C-8375-9735AB86B7EB}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wampserver64 3.1.4 (HKLM\...\{wampserver64}_is1) (Version: 3.1.4 - Dominique Ottello aka Otomatic)
WhatsApp (HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\WhatsApp) (Version: 0.3.2386 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
XML Copy Editor version 1.2.1.3 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.3 - Zane U. Ji)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3264493433-3611251206-197929902-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxDTCM.dll [2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14141771-2EC6-4C14-BF2F-7ACA5178FD69} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\69713ac9-a45c-4201-b68c-8020c02cc4a6 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {1E9591F9-C1B0-48BF-8330-AF7417C39FA4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {222C4867-2C6D-456E-999E-5828ECB38524} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe (Oracle America, Inc. -> Oracle Corporation)
Task: {29545250-F96D-44C1-AADB-D50EF326D14C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {2CDE387B-B218-4518-9945-A11E953206B5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3408336C-ED62-4B83-8377-AFA9A820E370} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\af350043-c273-4608-a145-608f4b6abfb3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {3DEBD5A6-7E67-4221-8A53-9797130ECB0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {43033210-7922-4104-9D59-120A3F663E59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4F013395-4BF1-4C83-ACBB-947C07D30DA4} - System32\Tasks\HPCustPartic.exe_{1A55910E-5E59-410E-84ED-CCACB52B9287} => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {51BB3212-B8DE-44D5-87B2-4B7A542B7C65} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {62D2E4F7-DC5E-4B2E-B76D-C25B814B5463} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67B63992-12F0-40AC-A8A2-9E00789B584D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6B1BFA44-BCE6-4F97-80DF-D2F319E5C2BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6E6735EC-BCBC-40B7-8268-F4A0F694BA72} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E818D40-5405-4877-9816-62C5E403541A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (CyberLink Corp. -> CyberLink)
Task: {70BD2BD4-42CE-45C7-B89C-24F1E78D4114} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {71E6328F-FD5C-4AA3-A981-E63DC6C46CA1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\48d0e4eb-f7e6-4d0d-9b03-d74654553853 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {73364702-9930-4F31-9692-19AD10588E9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D18B0A6-808D-499E-96BE-BD1EC10CEB04} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe (CyberLink Corp. -> CyberLink Corp.)
Task: {8D6E82D3-1B5F-4CD4-865B-A0CA77ECF44E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7a328d22-648b-4184-8007-c1e9f94e5877 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8FA757CD-ED0B-471F-807D-4D01D38959DB} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3264493433-3611251206-197929902-1001
Task: {95169E98-CE07-4BB5-AADE-8C8C27A4C4DC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A2EDFB65-F143-4A55-8A52-44A886437F29} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe (CyberLink Corp. -> CyberLink Corp.)
Task: {A832A805-DD81-4BE7-9B09-86A51F6EC023} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A84707B5-F632-4C53-90AC-B1208B3A71DC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AA88A6F8-CD35-4F5A-BB6A-414D79372C36} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AAC408E8-CD67-455A-9C73-2B9BFC763854} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {ABF60DB0-4BBA-4416-BAD2-5CFA802D1ADD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B6989061-AB4E-433E-8399-87EDB77FF837} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B762923F-55D1-490B-A189-67357CBA350E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C07E493C-F841-4804-B454-AFA058C47315} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1ED31CC-FA05-4B8C-8783-7792C48CC968} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CBEB65D5-D8E4-4F45-BDBE-9D4B7B7F7162} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D00F7637-2F6F-4FFF-9E84-F26DA22254CD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D4A53DDD-BA1C-4D81-A498-9FE84A093808} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DCF78C80-FCB2-48FE-A6C2-3BFD9041F8C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DF1B21A2-DA45-446F-B689-F65D20E4F42F} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {E4448D36-4411-4D84-A753-F53266F9B301} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {E6B51D6B-9DD4-4EAB-A2D2-32E096234DEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {E6EB6DE9-B72D-44F1-8BFA-6BDA8C73918E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9C39042-BC7A-436F-BED5-DCB43016E632} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {F1306219-0DBA-4898-BFA6-65BDB8752376} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4D4CB69-20DD-4A3B-9C84-B78A86751C0F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Carolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BaseX\BaseX Client.lnk -> C:\Program Files (x86)\BaseX\bin\basexclient.bat ()
Shortcut: C:\Users\Carolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BaseX\BaseX Standalone.lnk -> C:\Program Files (x86)\BaseX\bin\basex.bat ()

==================== Loaded Modules (Whitelisted) ==============

2014-05-29 11:14 - 2014-05-29 11:14 - 000522240 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe
2014-05-29 11:14 - 2014-05-29 11:14 - 000350720 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oranro11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000157696 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oransgr11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000010240 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orauts.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000428032 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oranl11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 001424896 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oracore11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000099840 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraons.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 002033152 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraldapclnt11.dll
2014-05-29 11:06 - 2014-05-29 11:06 - 016880128 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orageneric11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 004532736 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oran11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000199168 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orantcp11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000290816 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oranldap11.dll
2014-05-29 11:13 - 2014-05-29 11:13 - 001026048 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oranls11.dll
2014-05-29 11:06 - 2014-05-29 11:06 - 003099136 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oracommon11.dll
2014-05-29 11:13 - 2014-05-29 11:13 - 000112640 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraunls11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 001582592 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orannzsbb11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000132608 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orancrypt11.dll
2014-05-29 11:03 - 2014-05-29 11:03 - 006001664 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraxml11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 002022400 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orazt11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000022528 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oranhost11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000008704 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orancds11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000712704 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraztkg11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000048128 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orantns11.dll
2014-05-29 11:06 - 2014-05-29 11:06 - 005309952 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraclient11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 005547008 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orapls11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000635904 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraocr11.dll
2014-05-29 11:13 - 2014-05-29 11:13 - 000236544 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orasnls11.dll
2014-05-29 11:15 - 2014-05-29 11:15 - 003018752 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orahasgen11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000329728 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oracell11.dll
2014-05-29 11:11 - 2014-05-29 11:11 - 000357888 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\orasql11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 004142592 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraplp11.dll
2014-05-29 11:06 - 2014-05-29 11:06 - 000009728 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oravsn11.dll
2014-05-29 11:03 - 2014-05-29 11:03 - 000038400 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraslax11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000699392 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraocrb11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000048640 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraocrutl11.dll
2014-05-29 11:06 - 2014-05-29 11:06 - 000684032 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\OCI.dll
2014-05-29 11:17 - 2014-05-29 11:17 - 000455680 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oraasmclnt11.dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000094208 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\oranipc11.dll
2014-05-29 11:15 - 2014-05-29 11:15 - 000129024 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\oraclsra11.dll
2014-05-29 11:12 - 2014-05-29 11:12 - 000153088 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\oradbcfg11.dll
2019-01-30 05:53 - 2019-01-30 05:53 - 000023552 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\win32_service.exe
2014-05-30 01:03 - 2014-05-30 01:03 - 147110912 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE
2014-05-29 11:05 - 2014-05-29 11:05 - 003220992 _____ (Intel Corporation) [File not signed] c:\oraclexe\app\oracle\product\11.2.0\server\bin\libmmd.dll
2014-05-29 11:03 - 2014-05-29 11:03 - 000210944 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\11.2.0\server\bin\orawwg.dll
2014-05-29 11:06 - 2014-05-29 11:06 - 000106496 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\BIN\ORAIMR11.Dll
2014-05-29 11:14 - 2014-05-29 11:14 - 000104448 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\oranbeq11.dll
2018-06-28 18:22 - 2018-06-28 18:22 - 045210624 _____ () [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
2018-06-15 13:26 - 2018-06-15 13:26 - 000356864 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\SSLEAY32.dll
2018-06-15 13:26 - 2018-06-15 13:26 - 002102272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\LIBEAY32.dll
2019-01-30 19:33 - 2016-09-15 14:39 - 000080384 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\pg_ctl.exe
2019-01-30 05:54 - 2019-01-30 05:54 - 000021504 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\odoo-bin.exe
2019-01-30 19:34 - 2016-09-15 14:37 - 004923392 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe
2018-01-21 19:00 - 2018-01-21 19:00 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2018-01-21 19:00 - 2018-01-21 19:00 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-02-16 21:19 - 2019-02-16 21:19 - 002795008 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\7284665f71b547014fc8b1a663bcebd0\Newtonsoft.Json.ni.dll
2017-02-06 14:25 - 2017-02-06 14:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\libeay32.dll
2017-02-06 14:25 - 2017-02-06 14:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\ssleay32.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2015-12-05 16:03 - 2015-12-05 16:03 - 002627584 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 10.0\service\PYTHON27.DLL
2014-02-15 23:23 - 2014-02-15 23:23 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\servicemanager.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\pywintypes27.dll
2014-02-15 23:23 - 2014-02-15 23:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\win32service.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\win32api.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 000036864 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\win32process.pyd
2019-01-30 19:33 - 2016-09-15 14:38 - 000145408 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\LIBPQ.dll
2019-01-30 19:34 - 2015-07-10 10:30 - 001542289 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\libintl-8.dll
2019-01-30 19:34 - 2015-07-09 11:58 - 001015942 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\libiconv-2.dll
2019-01-30 19:34 - 2016-05-04 14:44 - 000273408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\SSLEAY32.dll
2019-01-30 19:34 - 2016-05-04 14:44 - 001207296 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\LIBEAY32.dll
2015-12-05 16:03 - 2015-12-05 16:03 - 002627584 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 10.0\server\PYTHON27.DLL
2015-12-05 16:04 - 2015-12-05 16:04 - 001008128 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\_hashlib.pyd
2015-12-05 16:04 - 2015-12-05 16:04 - 000047616 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\_socket.pyd
2015-12-05 16:04 - 2015-12-05 16:04 - 001420288 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\_ssl.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\win32api.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\pywintypes27.dll
2014-02-15 23:24 - 2014-02-15 23:24 - 000397312 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\pythoncom27.dll
2015-12-05 16:03 - 2015-12-05 16:03 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\_ctypes.pyd
2015-12-05 16:03 - 2015-12-05 16:03 - 000688128 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\unicodedata.pyd
2014-03-06 14:44 - 2014-03-06 14:44 - 002935296 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\lxml.etree.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\win32service.pyd
2014-01-08 13:53 - 2014-01-08 13:53 - 001262592 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\psycopg2._psycopg.pyd
2014-03-04 18:52 - 2014-03-04 18:52 - 000178176 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\_yaml.pyd
2014-03-07 05:00 - 2014-03-07 05:00 - 000798720 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\PIL._imaging.pyd
2015-12-05 16:03 - 2015-12-05 16:03 - 000137216 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\pyexpat.pyd
2014-03-06 14:56 - 2014-03-06 14:56 - 000026112 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\reportlab\lib\_rl_accel.pyd
2013-05-21 21:28 - 2013-05-21 21:28 - 000008192 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\markupsafe._speedups.pyd
2015-12-05 16:03 - 2015-12-05 16:03 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\select.pyd
2013-11-25 14:27 - 2013-11-25 14:27 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\_psutil_mswindows.pyd
2019-01-30 19:34 - 2016-07-27 07:29 - 001773056 _____ () [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\libxml2.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-02-01 21:58 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-02-01 21:58 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-11 22:29 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-03-16 21:21 - 2018-08-12 20:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-01-04 19:29 - 000000039 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\oraclexe\app\oracle\product\11.2.0\server\bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\BaseX\bin;C:\Program Files\nodejs\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\Git\cmd
HKU\S-1-5-21-3264493433-3611251206-197929902-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Carolina\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSC_0706.JPG
HKU\S-1-5-21-3264493433-3611251206-197929902-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 62.81.16.148 - 62.81.16.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C85B6871-E709-4622-BD65-82EE8F2916DA}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1390FBC8-C1AD-4AD1-97D5-8162A2267729}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F9840FC-2E10-4CC3-9082-7A80C7D7795F}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{9F74DDB3-B04C-46A6-A646-248736D0C580}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{D3A54068-3489-4611-B055-020A92EFCBC3}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{4F83F2CE-7B0F-4AC5-BA5D-2DFA1338C2D9}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{AFD390BE-786A-4D5D-A020-B5B2567ECCBB}C:\wamp64\bin\apache\apache2.4.35\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.35\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{DD8523E2-C4FC-42E9-8BE3-E20E6C538C11}C:\wamp64\bin\apache\apache2.4.35\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.35\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{BC9857A5-6AE0-4B85-868B-BBC5FD340FFC}] => (Allow) LPort=33060
FirewallRules: [{783BB7AE-0648-4F78-8EDB-C0DF8738636A}] => (Allow) LPort=3306
FirewallRules: [{2074A109-882B-4658-AEEA-02DA7B773AB7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43F5B52D-C092-48AD-A9E1-CC26B87387B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC06CD36-8AE0-4277-B2C7-4448461B8C37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{033D3731-E0FC-4B20-8F93-E8264B27BCD6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE224BF8-60FC-4A46-AB46-F7B5DB6297C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C863891-3B20-4766-9625-4A75060F824D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41245A45-1385-4BD5-9C8A-B11FA19CFA00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47E5F6EF-E970-4B0D-AA8D-B1472D8B2299}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B85C8F91-5DB1-4E29-9A6E-B5E306036388}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{33864C9C-A14D-4430-B4E8-D1241FA78154}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D9AC1D5D-FE10-44DE-B215-9F7EFA3A714C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{91FB36C9-9095-400E-BD67-C71B34F9BB1E}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{AA3FCFB7-80ED-4555-AB34-A2EB2F2F39DB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{220DAD40-6E44-4958-9905-84839DB026CE}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A88258EC-FF1D-4334-88A9-20731E50BA71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3299499A-955C-4E4F-B8C2-2E1F486A7F8E}C:\users\carolina\eclipse\jee-oxygen\eclipse\eclipse.exe] => (Allow) C:\users\carolina\eclipse\jee-oxygen\eclipse\eclipse.exe () [File not signed]
FirewallRules: [UDP Query User{24954EFD-E379-4A5A-80AD-0A904E6E3551}C:\users\carolina\eclipse\jee-oxygen\eclipse\eclipse.exe] => (Allow) C:\users\carolina\eclipse\jee-oxygen\eclipse\eclipse.exe () [File not signed]
FirewallRules: [TCP Query User{19F0A3B4-7BBD-418F-99CC-9A94D1F825EC}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe (Node.js Foundation -> Node.js) [File not signed]
FirewallRules: [UDP Query User{CC6D10F9-C822-4551-9F17-6E28662626CD}C:\program files\unity\editor\data\tools\nodejs\node.exe] => (Allow) C:\program files\unity\editor\data\tools\nodejs\node.exe (Node.js Foundation -> Node.js) [File not signed]
FirewallRules: [TCP Query User{BD520BFE-3157-40AF-B57F-E45876115B72}C:\program files\unity\editor\data\mono\bin\mono.exe] => (Allow) C:\program files\unity\editor\data\mono\bin\mono.exe () [File not signed]

==================== Restore Points =========================

13-02-2019 17:27:06 Windows Update
12-03-2019 08:04:42 Punto de control programado
24-03-2019 15:30:18 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2019 04:11:34 PM) (Source: odoo-server-10.0) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed

Traceback (most recent call last):
  File "win32serviceutil.pyo", line 835, in SvcRun
  File "win32_service.pyo", line 42, in SvcDoRun
SystemExit: 255

%2: %3

Error: (03/24/2019 04:11:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows no puede descargar su archivo de Registro. No se ha liberado la memoria usada por el Registro. La causa de este problema suelen ser servicios ejecutándose como cuentas de usuario. Intente configurar los servicios para ejecutarse en la cuenta LocalService o NetworkService.  

 DETALLE - Acceso denegado.

Error: (03/24/2019 04:11:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows no puede descargar su archivo de Registro. No se ha liberado la memoria usada por el Registro. La causa de este problema suelen ser servicios ejecutándose como cuentas de usuario. Intente configurar los servicios para ejecutarse en la cuenta LocalService o NetworkService.  

 DETALLE - Acceso denegado.

Error: (03/24/2019 03:22:04 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-A6AK8O9F)
Description: microsoft.windows.authhost.a_8wekyb3d8bbwe-2147024893

Error: (03/24/2019 03:22:02 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-A6AK8O9F)
Description: Microsoft.VCLibs.140.00_8wekyb3d8bbwe-2147024893

Error: (03/24/2019 03:22:02 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-A6AK8O9F)
Description: Microsoft.VCLibs.140.00.UWPDesktop_8wekyb3d8bbwe-2147024893

Error: (03/24/2019 03:22:02 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-A6AK8O9F)
Description: Microsoft.VCLibs.120.00_8wekyb3d8bbwe-2147024893

Error: (03/24/2019 03:22:02 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-A6AK8O9F)
Description: Microsoft.UI.Xaml.2.0_8wekyb3d8bbwe-2147024893

System errors:
=============
Error: (03/27/2019 03:28:04 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-A6AK8O9F)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario LAPTOP-A6AK8O9F\Carolina con SID (S-1-5-21-3264493433-3611251206-197929902-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/27/2019 03:19:44 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-A6AK8O9F)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario LAPTOP-A6AK8O9F\Carolina con SID (S-1-5-21-3264493433-3611251206-197929902-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/27/2019 03:14:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/27/2019 03:14:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/26/2019 06:19:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: ApplicationSet-9PB2MZ1ZMB1S-AppleInc.iTunes.

Error: (03/26/2019 06:10:18 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-A6AK8O9F)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario LAPTOP-A6AK8O9F\Carolina con SID (S-1-5-21-3264493433-3611251206-197929902-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID SpotifyAB.SpotifyMusic_1.101.348.0_x86__zpdnekdrzrea0 (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/26/2019 06:03:16 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-A6AK8O9F)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario LAPTOP-A6AK8O9F\Carolina con SID (S-1-5-21-3264493433-3611251206-197929902-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (03/26/2019 06:00:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-03-24 17:38:36.895
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {29B0A2CD-CFA2-4CAA-982A-21A555205909}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-24 17:21:22.990
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C3568B1C-E994-40C4-9257-F2488F078458}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-24 17:15:30.560
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {005BB88D-57F1-4A65-B017-2CEFF59564E2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-18 20:48:21.352
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {3BA85470-95AE-4A4F-8512-F2E94377148E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-14 19:32:13.017
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {24A59131-8086-4326-B2F1-56A239801028}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-26 18:12:56.060
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.400.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-03-14 17:27:07.288
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.1157.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2019-03-14 17:16:58.251
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-03-14 16:18:04.912
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.1157.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.9
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2019-03-14 16:07:52.934
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2019-03-11 19:55:29.131
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-11 19:55:27.349
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-02 00:05:12.124
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-02-02 00:00:47.033
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-02-02 00:00:37.387
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-02-01 23:59:10.602
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-02-01 23:59:05.146
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-02-01 23:58:55.441
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 38%
Total physical RAM: 16258.72 MB
Available physical RAM: 9985.34 MB
Total Virtual: 18690.72 MB
Available Virtual: 12438 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:905.27 GB) (Free:745.14 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.87 GB) NTFS

\\?\Volume{189116c3-03e0-4277-95e3-3184908e1afc}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{8f5e09d5-22e9-4a13-9af6-b2a98eb20c0c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7D4F0DC5)

Partition: GPT.

==================== End of Addition.txt ============================

Hello

The Frst.txt report is missing; post it as well so it can be reviewed.

Regards

It gives me an error. I'll try again.

It still gives an error: "sorry, but new users can only mention 2 users in a post". I don't know what it refers to.

Hello

Attach the report to the thread as indicated here:

Regards

FRST.txt (77,7 KB)

Hello @Cbermudo

Follow these steps to remove the tools that were used:

To do so, use again/download >> DelFix.exe on your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)

  • Check all the boxes and click Run.

The report (DelFix.txt) will open; you can close it.

Confirm whether everything is still working well with regard to the problem you raised.

Regards