Windows defender sin protección en tiempo real

Me vas a tener que ayudar un poco con esto ultimo pues no se que es lo que tengo que hacer especificamente

Facundo Termine con los pasos requeridos Rkill y MBAM, adjunto reportes y te cuento que no ejecute la ultima herramienta porque como no encontro ningun malaware, creo no es necesario la reparacion de "fixdamage

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/25/2018 06:03:44 PM in x64 mode. (Safe Mode)
Windows Version: Windows 10 Home Single Language 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Real-Time Protection Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-time Protection]
   "DisableRealtimeMonitoring" = dword:00000001

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 11/25/2018 06:09:09 PM
Execution time: 0 hours(s), 5 minute(s), and 24 seconds(s)

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2018.11.25.04
  rootkit: v2018.11.25.04

Windows 10 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.407.17134.0
Lau :: DESKTOP-LC5E5OJ [administrator]

25-11-2018 18:10:45
mbar-log-2018-11-25 (18-10-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 219131
Time elapsed: 24 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Aun sigue el problema

Se importo el codigo ok, reinicie y actualice el windows, detecto una actualizacion del windows defender, inicializando… y quedo en instalacion pendiente como siempre. Todo sigue igual. Si esto no tiene solucion quisiera saber como desinstalo el windows defender y asi instalar otro antivirus

Hola @LadyTremere,

Pregunto, tu licencia de Windows es original? lo pregunto también por si te deja realizar las actualizaciones correctamente y si tienes todas las actualizaciones de Win instaladas a la fecha?

Vuelvo a subirte el Script .REG para que lo ejecutes directamente… es tan fácil como descargarlo en el escritorio, darle clic derecho y ejecutar como administrador > te preguntara si estas segura de realizar los cambios > SI > y luego te dirá que los cambios en el registro fueron realizados.

• Turn_On_Windows_Defender_Antivirus.reg (634 Bytes)

Reinicias y compruebas…

En caso de que luego de reiniciar el problema persista, te queda probar con la herramienta de FixWin10 el cual entre otras cosas, puede reparar Windows Defender.

Salu2

Hola @Marcelo Si, la licencia de windows es original y si tengo todas las actualizaciones al dia. Volvi a subir el script se ejecuto correctamente, reinicie, pero el problema persiste (que actualiza el antivirus, pero la proteccion en tiempo real esta desactivada)

En ese caso la próxima opción que te quedaría por probar es con la herramienta que puse mas arriba llamada FixWin10 la cual tiene la opción de darle Fixt al Windows Defender

Salu2

@Marcelo Probe con la heramienta Fixwin 10 pero fue peor, porque antes tenia el icono en verde y actualizaba, solo que no tenia la proteccion en tiempo real, ahora me sale error en la actualizacion del antivirus y ya no tengo ni siquiera el icono, desaparecio. Actualización de definición para Windows Defender Antivirus – KB2267602 (Definición 1.281.943.0) - Error 0x80070643 Tengo 2 imagenes de lo que me aparece, pero no se como subirlas.

@Facundo @Marcelo Y ahora que hago? ninguna de las opciones dadas me ha podido ayudar, ahora ni siquiera tengo el antivirus, que si lo tenia en primera instancia Por favor alguien que conteste para por lo menos poder regresar al punto en el que estaba antes: tener antivirus sin proteccion en tiempo real.

Hola @LadyTremere

Primeramente, dinos que versión tienes actualmente de Windows 10 y aunque yo personalmente, habiendo antivirus free de mas calidad, no necesito el Defender,vamos a tratar de resolver el problema

Vete a Configuración-sistema-acerca de y pon lo que pone en : especificaciones de windows

Ademas, si no ejecutaste la herramienta fixdamage, indicada anteriormente, realizalo y reinicias el pc y comentas resultados

Gracias por contestarme. Tengo Windows 10 Home Single Language version 1803 version del sistema operativo 17134.441 Que otros antivirus free de mas calidad recomiendas? use el avast y no me sirvio mucho.

Perfecto, vale

Bien, lo del antivirus, cuando acabemos, te recomendare para si quieres, pero ahora vamos a resolver el tema.

Antes, voy a pedirte unos logs para ver que no tengas problemas con el siguiente paso

1- * Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.(en tu caso esto no hará falta…)

• Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?

• Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

• En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

• Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

2- Descarga al escritorio FSS

Botón derecho - ejecutar como administrador y marcas las casillas:

• Internet Services
• Windows update
• Windows Defender

Pulsas el botón Scan y me pegas el log que se va a generar

Cada log tendrás que ponerlo en una respuesta, incluso el primero de Fabar, dividirlo en dos o mas, según te deje y aplicas:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29.11.2018
Ran by Lau (administrator) on DESKTOP-LC5E5OJ (29-11-2018 12:14:54)
Running from C:\Users\Lau\Desktop
Loaded Profiles: Lau (Available Profiles: defaultuser0 & Lau)
Platform: Windows 10 Home Single Language Version 1803 17134.441 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125863.inf_amd64_feb1c0f960ddadcd\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125863.inf_amd64_feb1c0f960ddadcd\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\LG Software\LG Device Manager\DeviceManager.exe
() C:\Program Files (x86)\LG Software\LG Control Center\LGControlCenterSVC.exe
() C:\Program Files (x86)\Platform Manager\PlatformMgrService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125863.inf_amd64_feb1c0f960ddadcd\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125863.inf_amd64_feb1c0f960ddadcd\igfxEM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG OSD\HotkeyManager.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Reader Mode\ReaderMode.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera_crashreporter.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388416 2017-11-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [HotkeyManager] => C:\Program Files (x86)\LG Software\LG OSD\HotkeyManager.exe [199600 2016-10-07] (LG Electronics Inc.)
HKLM-x32\...\Run: [ReaderMode] => C:\Program Files (x86)\LG Software\LG Reader Mode\ReaderMode.exe [3662800 2016-12-05] (LG Electronics Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0a745bb5-b7b1-4423-ae9e-12be1d6ffeea}: [NameServer] 172.98.193.42,192.99.85.244
Tcpip\..\Interfaces\{219692ab-efba-458a-98c4-bf871fce52fa}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{6ea19014-3a82-4300-be31-ca1622153f4d}: [NameServer] 172.98.193.42,192.99.85.244
Tcpip\..\Interfaces\{6ea19014-3a82-4300-be31-ca1622153f4d}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-4282247097-123408342-55159551-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lg17win10.msn.com/?pc=LGTE
HKU\S-1-5-21-4282247097-123408342-55159551-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lg17win10.msn.com/?pc=LGTE
HKU\S-1-5-21-4282247097-123408342-55159551-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lg.com
SearchScopes: HKLM-x32 -> DefaultScope {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
SearchScopes: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> DefaultScope {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
SearchScopes: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-22] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-17] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-11-03] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> hxxps://www.facebook.com/
Edge Session Restore: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> is enabled.
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.6.0.0_neutral__c1wakc4j0nefm [2018-11-12]
Edge Extension: (Traductor para Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.48.0_neutral__8wekyb3d8bbwe [2018-07-20]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-17] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-11-06] (Adobe Systems Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR Profile: C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default [2018-11-20]
CHR Extension: (Presentaciones) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Documentos) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Google Drive) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-23]
CHR Extension: (YouTube) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-23]
CHR Extension: (Hojas de cálculo) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-05]
CHR Extension: (Gmail) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\Lau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-05]

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Users\Lau\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9669920 2018-11-02] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-03] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183568 2016-10-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
R2 LG Device Managers; C:\Program Files (x86)\LG Software\LG Device Manager\DeviceManager.exe [81816 2018-01-11] ()
R2 LGControlCenterSVC; C:\Program Files (x86)\LG Software\LG Control Center\LGControlCenterSVC.exe [18384 2016-06-17] ()
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 PlatformMgrService; c:\Program Files (x86)\Platform Manager\PlatformMgrService.exe [29168 2016-12-05] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-26] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [3285520 2018-09-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-08-12] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-08-12] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-08-12] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [179472 2016-10-06] (Intel Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-11] (Intel Corporation)
R3 PlatMgr; C:\WINDOWS\system32\DRIVERS\PlatMgr.sys [66712 2016-12-05] (LG Electronics Inc.)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2017-05-03] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-01] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-04-07] (Realsil Semiconductor Corporation)
R3 Serial; C:\WINDOWS\system32\DRIVERS\wdfserial.sys [80664 2015-03-06] (LG Electronics Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-10-26] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-29 12:14 - 2018-11-29 12:16 - 000016400 _____ C:\Users\Lau\Desktop\FRST.txt
2018-11-29 12:14 - 2018-11-29 12:14 - 000000000 ____D C:\FRST
2018-11-29 11:58 - 2018-11-29 11:58 - 002417152 _____ (Farbar) C:\Users\Lau\Desktop\FRST64.exe
2018-11-28 15:18 - 2018-11-28 15:18 - 000048586 _____ C:\Users\Lau\Desktop\WhatsApp Image 2018-11-26 at 6.09.14 PM.jpeg
2018-11-28 15:14 - 2018-11-28 15:14 - 000147705 _____ C:\Users\Lau\Downloads\WhatsApp Image 2018-11-26 at 6.09.14 PM.jpeg
2018-11-28 15:13 - 2018-11-28 15:13 - 000076421 _____ C:\Users\Lau\Desktop\WhatsApp Image 2018-11-28 at 3.05.07 PM.jpeg
2018-11-28 15:05 - 2018-11-28 15:05 - 000137002 _____ C:\Users\Lau\Downloads\WhatsApp Image 2018-11-28 at 3.05.07 PM.jpeg
2018-11-28 12:39 - 2018-11-28 15:44 - 000000000 ____D C:\Users\Lau\Desktop\Nueva carpeta (2)
2018-11-28 10:59 - 2018-11-28 11:02 - 171587456 _____ (Microsoft Corporation) C:\Users\Lau\Desktop\mpam-fe.exe
2018-11-27 16:47 - 2018-11-09 03:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-27 16:47 - 2018-11-09 03:15 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-27 16:47 - 2018-11-09 03:14 - 001617120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-27 16:47 - 2018-11-09 03:00 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-27 16:47 - 2018-11-09 03:00 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-11-27 16:47 - 2018-11-09 02:59 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-27 16:47 - 2018-11-09 02:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-27 16:47 - 2018-11-09 02:56 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-27 16:47 - 2018-11-09 02:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-27 16:47 - 2018-11-09 02:23 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-27 16:47 - 2018-11-09 02:21 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-27 16:47 - 2018-11-09 02:17 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-27 16:47 - 2018-11-08 23:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-11-27 16:47 - 2018-11-08 23:56 - 001040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-27 16:47 - 2018-11-08 23:50 - 005624648 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-27 16:47 - 2018-11-08 23:49 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-27 16:47 - 2018-11-08 23:49 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-27 16:47 - 2018-11-08 23:48 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-27 16:47 - 2018-11-08 23:48 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-27 16:47 - 2018-11-08 23:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-27 16:47 - 2018-11-08 23:47 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-27 16:47 - 2018-11-08 23:47 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-27 16:47 - 2018-11-08 23:47 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-27 16:47 - 2018-11-08 23:47 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-11-27 16:47 - 2018-11-08 23:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-27 16:47 - 2018-11-08 23:47 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-27 16:47 - 2018-11-08 23:31 - 025856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-27 16:47 - 2018-11-08 23:24 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-27 16:47 - 2018-11-08 23:23 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-27 16:47 - 2018-11-08 23:22 - 007056896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-27 16:47 - 2018-11-08 23:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-27 16:47 - 2018-11-08 23:21 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-27 16:47 - 2018-11-08 23:21 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-27 16:47 - 2018-11-08 23:20 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-27 16:47 - 2018-11-08 23:19 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-27 16:47 - 2018-11-08 23:19 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-27 16:47 - 2018-11-08 23:19 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-27 16:47 - 2018-11-08 23:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-11-27 16:47 - 2018-11-08 23:17 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-27 16:47 - 2018-11-08 23:16 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-11-27 16:47 - 2018-11-08 23:16 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-27 16:47 - 2018-11-08 23:16 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-11-27 16:47 - 2018-11-08 22:46 - 006571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-27 16:47 - 2018-11-08 22:46 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-27 16:47 - 2018-11-08 22:46 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-27 16:47 - 2018-11-08 22:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-27 16:47 - 2018-11-08 22:46 - 002253184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-11-27 16:47 - 2018-11-08 22:38 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-27 16:47 - 2018-11-08 22:35 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-27 16:47 - 2018-11-08 22:29 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-27 16:47 - 2018-11-08 22:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-27 16:47 - 2018-11-08 22:28 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-27 16:47 - 2018-11-08 22:26 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-11-27 16:46 - 2018-11-09 03:19 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-11-27 16:46 - 2018-11-09 03:19 - 000549736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-11-27 16:46 - 2018-11-09 03:01 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-27 16:46 - 2018-11-09 03:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-11-27 16:46 - 2018-11-09 02:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-11-27 16:46 - 2018-11-09 02:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-11-27 16:46 - 2018-11-09 02:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-11-27 16:46 - 2018-11-09 02:56 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-27 16:46 - 2018-11-09 02:56 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-27 16:46 - 2018-11-09 02:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-27 16:46 - 2018-11-09 02:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-11-27 16:46 - 2018-11-09 02:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-11-27 16:46 - 2018-11-09 02:55 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-27 16:46 - 2018-11-09 02:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-11-27 16:46 - 2018-11-09 02:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-27 16:46 - 2018-11-09 02:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-11-27 16:46 - 2018-11-09 02:35 - 000443864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-11-27 16:46 - 2018-11-09 02:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-11-27 16:46 - 2018-11-09 02:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-11-27 16:46 - 2018-11-09 02:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-27 16:46 - 2018-11-09 02:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-11-27 16:46 - 2018-11-09 02:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-27 16:46 - 2018-11-09 02:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-11-27 16:46 - 2018-11-09 02:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-11-27 16:46 - 2018-11-08 23:56 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-27 16:46 - 2018-11-08 23:56 - 000269320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-27 16:46 - 2018-11-08 23:49 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-27 16:46 - 2018-11-08 23:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-11-27 16:46 - 2018-11-08 23:49 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-27 16:46 - 2018-11-08 23:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-11-27 16:46 - 2018-11-08 23:49 - 000491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-27 16:46 - 2018-11-08 23:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-27 16:46 - 2018-11-08 23:49 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-27 16:46 - 2018-11-08 23:49 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-27 16:46 - 2018-11-08 23:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-27 16:46 - 2018-11-08 23:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-11-27 16:46 - 2018-11-08 23:48 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-27 16:46 - 2018-11-08 23:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-11-27 16:46 - 2018-11-08 23:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-11-27 16:46 - 2018-11-08 23:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-11-27 16:46 - 2018-11-08 23:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-11-27 16:46 - 2018-11-08 23:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-11-27 16:46 - 2018-11-08 23:47 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-27 16:46 - 2018-11-08 23:47 - 001456520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-27 16:46 - 2018-11-08 23:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-11-27 16:46 - 2018-11-08 23:47 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-27 16:46 - 2018-11-08 23:47 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-27 16:46 - 2018-11-08 23:47 - 000982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-27 16:46 - 2018-11-08 23:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-11-27 16:46 - 2018-11-08 23:47 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-27 16:46 - 2018-11-08 23:47 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-27 16:46 - 2018-11-08 23:47 - 000594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-27 16:46 - 2018-11-08 23:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-11-27 16:46 - 2018-11-08 23:47 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-11-27 16:46 - 2018-11-08 23:47 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-27 16:46 - 2018-11-08 23:47 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-27 16:46 - 2018-11-08 23:47 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-11-27 16:46 - 2018-11-08 23:47 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-27 16:46 - 2018-11-08 23:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-11-27 16:46 - 2018-11-08 23:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2018-11-27 16:46 - 2018-11-08 23:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-11-27 16:46 - 2018-11-08 23:21 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-27 16:46 - 2018-11-08 23:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-11-27 16:46 - 2018-11-08 23:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-27 16:46 - 2018-11-08 23:21 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-11-27 16:46 - 2018-11-08 23:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-11-27 16:46 - 2018-11-08 23:20 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-27 16:46 - 2018-11-08 23:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-27 16:46 - 2018-11-08 23:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-27 16:46 - 2018-11-08 23:20 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-11-27 16:46 - 2018-11-08 23:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2018-11-27 16:46 - 2018-11-08 23:20 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-27 16:46 - 2018-11-08 23:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2018-11-27 16:46 - 2018-11-08 23:19 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-27 16:46 - 2018-11-08 23:19 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-27 16:46 - 2018-11-08 23:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-27 16:46 - 2018-11-08 23:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-11-27 16:46 - 2018-11-08 23:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-11-27 16:46 - 2018-11-08 23:19 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-11-27 16:46 - 2018-11-08 23:18 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-27 16:46 - 2018-11-08 23:18 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-27 16:46 - 2018-11-08 23:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-11-27 16:46 - 2018-11-08 23:18 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-27 16:46 - 2018-11-08 23:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-11-27 16:46 - 2018-11-08 23:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-27 16:46 - 2018-11-08 23:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-11-27 16:46 - 2018-11-08 23:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-27 16:46 - 2018-11-08 23:17 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-27 16:46 - 2018-11-08 23:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-11-27 16:46 - 2018-11-08 23:17 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-27 16:46 - 2018-11-08 23:16 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-27 16:46 - 2018-11-08 23:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-27 16:46 - 2018-11-08 23:16 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-27 16:46 - 2018-11-08 23:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-11-27 16:46 - 2018-11-08 23:16 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-27 16:46 - 2018-11-08 23:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-27 16:46 - 2018-11-08 23:16 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-27 16:46 - 2018-11-08 23:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-11-27 16:46 - 2018-11-08 23:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-11-27 16:46 - 2018-11-08 23:15 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-27 16:46 - 2018-11-08 23:15 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-11-27 16:46 - 2018-11-08 23:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-27 16:46 - 2018-11-08 23:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-11-27 16:46 - 2018-11-08 22:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-11-27 16:46 - 2018-11-08 22:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-11-27 16:46 - 2018-11-08 22:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 000567048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-27 16:46 - 2018-11-08 22:46 - 000129288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-27 16:46 - 2018-11-08 22:31 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-27 16:46 - 2018-11-08 22:31 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-27 16:46 - 2018-11-08 22:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-11-27 16:46 - 2018-11-08 22:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-11-27 16:46 - 2018-11-08 22:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-11-27 16:46 - 2018-11-08 22:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2018-11-27 16:46 - 2018-11-08 22:29 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-27 16:46 - 2018-11-08 22:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-27 16:46 - 2018-11-08 22:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-27 16:46 - 2018-11-08 22:29 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-11-27 16:46 - 2018-11-08 22:29 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-27 16:46 - 2018-11-08 22:28 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-27 16:46 - 2018-11-08 22:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-11-27 16:46 - 2018-11-08 22:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-27 16:46 - 2018-11-08 22:28 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-27 16:46 - 2018-11-08 22:28 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-11-27 16:46 - 2018-11-08 22:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-27 16:46 - 2018-11-08 22:27 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-27 16:46 - 2018-11-08 22:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-27 16:46 - 2018-11-08 22:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-27 16:46 - 2018-11-08 22:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-11-27 16:46 - 2018-11-08 22:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-11-27 16:46 - 2018-11-08 22:26 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-27 16:46 - 2018-11-08 22:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-11-27 16:46 - 2018-11-08 22:26 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-27 16:46 - 2018-11-08 22:26 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-11-27 16:46 - 2018-11-08 22:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-11-27 16:46 - 2018-11-08 22:25 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-27 16:46 - 2018-11-08 22:25 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-27 16:46 - 2018-11-08 22:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-27 16:46 - 2018-11-08 22:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-11-27 16:46 - 2018-11-08 22:25 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-27 16:46 - 2018-11-08 22:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-11-27 16:46 - 2018-11-08 22:01 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-27 16:34 - 2018-11-27 16:35 - 000000000 ____D C:\Users\Lau\Desktop\Nueva carpeta
2018-11-27 12:39 - 2018-11-27 12:39 - 000090512 _____ C:\Users\Lau\Downloads\WhatsApp Image 2018-11-20 at 2.40.32 PM.jpeg
2018-11-27 11:45 - 2018-11-27 11:45 - 000000000 ____D C:\Users\Lau\Desktop\impresion
2018-11-27 11:39 - 2018-11-27 11:39 - 000714068 _____ C:\Users\Lau\Downloads\catalogo nenufar de luz 2018 publicacion1 (1).pdf
2018-11-27 11:34 - 2018-11-27 11:34 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-11-27 11:33 - 2018-11-27 11:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-27 11:31 - 2018-11-27 11:31 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-11-27 11:30 - 2018-11-27 11:35 - 000000000 ____D C:\ProgramData\Adobe
2018-11-27 11:27 - 2018-11-27 11:34 - 000000000 ____D C:\Users\Lau\AppData\Local\Adobe
2018-11-27 11:10 - 2018-11-27 11:10 - 001337379 _____ C:\Users\Lau\Downloads\paraenviar.zip
2018-11-27 11:00 - 2018-11-27 11:00 - 000490717 _____ C:\Users\Lau\Desktop\Nenufar de luz 2018.pdf
2018-11-26 16:15 - 2018-11-26 16:15 - 000000634 _____ C:\Users\Lau\Downloads\Turn_On_Windows_Defender_Antivirus (1).reg
2018-11-25 18:10 - 2018-11-25 18:38 - 000000000 ____D C:\Users\Lau\Desktop\mbar
2018-11-25 18:10 - 2018-11-25 18:10 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\64322458.sys
2018-11-25 17:56 - 2018-11-25 17:56 - 000000000 ____D C:\WINDOWS\pss
2018-11-25 17:33 - 2018-11-25 18:10 - 000533922 _____ C:\WINDOWS\ntbtlog.txt
2018-11-25 17:33 - 2018-11-25 18:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-11-24 18:26 - 2018-11-24 18:26 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1264E758.sys
2018-11-24 18:22 - 2018-11-25 18:38 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-11-23 11:27 - 2018-11-23 11:27 - 000000000 ____D C:\Users\Lau\AppData\Local\mbam
2018-11-23 11:26 - 2018-11-24 18:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-23 11:26 - 2018-11-23 11:26 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-23 11:26 - 2018-11-23 11:26 - 000000000 ____D C:\Users\Lau\AppData\Local\mbamtray
2018-11-23 11:26 - 2018-11-23 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-23 11:26 - 2018-11-23 11:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-23 11:26 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-11-20 22:17 - 2018-11-20 22:17 - 000001314 _____ C:\Users\Lau\Documents\cc_20181120_221657.reg
2018-11-20 22:15 - 2018-11-20 22:15 - 000023572 _____ C:\Users\Lau\Documents\cc_20181120_221524.reg
2018-11-20 14:32 - 2018-11-20 14:32 - 003714560 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-11-19 23:13 - 2018-11-19 23:13 - 000566053 _____ C:\Users\Lau\Downloads\nenufar catalogo.pdf
2018-11-19 23:13 - 2018-11-19 23:13 - 000566053 _____ C:\Users\Lau\Downloads\nenufar catalogo (1).pdf
2018-11-19 22:33 - 2018-11-19 22:33 - 000198054 _____ C:\Users\Lau\Downloads\logo.jpeg
2018-11-19 22:33 - 2018-11-19 22:33 - 000184589 _____ C:\Users\Lau\Downloads\WhatsApp Image 2018-11-19 at 10.32.07 PM.jpeg
2018-11-19 18:49 - 2018-11-19 18:49 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-11-19 18:49 - 2018-11-19 18:49 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-11-17 13:20 - 2018-11-17 13:20 - 000002580 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-11-17 13:20 - 2018-11-17 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2018-11-15 12:59 - 2018-11-01 06:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-15 12:59 - 2018-11-01 06:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-15 12:59 - 2018-11-01 04:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-15 12:59 - 2018-11-01 04:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-15 12:59 - 2018-11-01 04:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-15 12:59 - 2018-11-01 04:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-15 12:59 - 2018-11-01 04:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-15 12:59 - 2018-11-01 01:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-15 12:59 - 2018-11-01 01:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-15 12:58 - 2018-11-01 08:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-15 12:58 - 2018-11-01 08:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-15 12:58 - 2018-11-01 08:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-15 12:58 - 2018-11-01 08:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-15 12:58 - 2018-11-01 08:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-15 12:58 - 2018-11-01 08:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-15 12:58 - 2018-11-01 08:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-15 12:58 - 2018-11-01 08:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-15 12:58 - 2018-11-01 07:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-15 12:58 - 2018-11-01 06:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-15 12:58 - 2018-11-01 06:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-15 12:58 - 2018-11-01 06:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-15 12:58 - 2018-11-01 04:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-15 12:58 - 2018-11-01 04:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-15 12:58 - 2018-11-01 04:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-15 12:58 - 2018-11-01 04:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-15 12:58 - 2018-11-01 04:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-15 12:58 - 2018-11-01 04:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-15 12:58 - 2018-11-01 04:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-15 12:58 - 2018-11-01 04:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-15 12:58 - 2018-11-01 04:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-15 12:58 - 2018-11-01 04:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-15 12:58 - 2018-11-01 03:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-15 12:58 - 2018-11-01 03:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-15 12:58 - 2018-11-01 03:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-15 12:58 - 2018-11-01 03:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-15 12:58 - 2018-11-01 03:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-15 12:58 - 2018-11-01 03:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-15 12:58 - 2018-11-01 03:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-15 12:58 - 2018-11-01 03:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-15 12:58 - 2018-11-01 03:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-15 12:58 - 2018-11-01 03:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-15 12:58 - 2018-11-01 03:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-15 12:58 - 2018-11-01 03:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-15 12:58 - 2018-11-01 03:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-15 12:58 - 2018-11-01 03:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-15 12:58 - 2018-11-01 03:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-15 12:58 - 2018-11-01 03:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-15 12:58 - 2018-11-01 03:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-15 12:58 - 2018-11-01 03:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-15 12:58 - 2018-11-01 03:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-15 12:58 - 2018-11-01 03:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-15 12:58 - 2018-11-01 03:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-15 12:58 - 2018-11-01 03:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-15 12:58 - 2018-11-01 03:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-15 12:58 - 2018-11-01 03:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-15 12:58 - 2018-11-01 03:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-15 12:58 - 2018-11-01 01:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-15 12:58 - 2018-11-01 01:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-15 12:58 - 2018-11-01 01:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-15 12:58 - 2018-11-01 01:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-15 12:58 - 2018-11-01 01:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-15 12:58 - 2018-11-01 01:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-15 12:58 - 2018-11-01 01:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-15 12:58 - 2018-11-01 01:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-15 12:58 - 2018-11-01 01:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-15 12:58 - 2018-11-01 01:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-15 12:58 - 2018-11-01 01:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-15 12:58 - 2018-11-01 01:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-15 12:58 - 2018-11-01 01:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-15 12:58 - 2018-11-01 01:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-15 12:58 - 2018-11-01 01:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-12 20:56 - 2018-11-12 20:56 - 000000000 ____D C:\Users\Lau\Desktop\WhatsApp Video
2018-11-12 20:56 - 2018-11-12 20:56 - 000000000 ____D C:\Users\Lau\Desktop\WhatsApp Images
2018-11-12 16:36 - 2018-11-12 17:52 - 000000000 ____D C:\Users\Lau\Desktop\Camera
2018-11-08 16:13 - 2018-11-08 17:30 - 000001044 _____ C:\Users\Lau\AppData\Roaming\vso_ts_preview.xml
2018-11-08 16:11 - 2018-11-19 22:28 - 000099384 _____ C:\Users\Lau\AppData\Roaming\inst.exe
2018-11-08 16:11 - 2018-11-19 22:28 - 000082816 _____ (VSO Software) C:\Users\Lau\AppData\Roaming\pcouffin.sys
2018-11-08 16:11 - 2018-11-19 22:28 - 000007859 _____ C:\Users\Lau\AppData\Roaming\pcouffin.cat
2018-11-08 16:11 - 2018-11-19 22:28 - 000000000 ____D C:\Users\Lau\AppData\Roaming\Vso
2018-11-08 16:11 - 2018-11-08 16:11 - 000082816 _____ (VSO Software) C:\WINDOWS\system32\Drivers\pcouffin.sys
2018-11-08 15:54 - 2009-10-16 18:19 - 000000330 _____ C:\Users\Lau\Desktop\seriales.txt
2018-11-05 17:44 - 2018-11-05 17:44 - 000387063 _____ C:\Users\Lau\Downloads\ComprobantePago (2).pdf
2018-11-02 21:06 - 2018-11-02 21:06 - 000387075 _____ C:\Users\Lau\Downloads\ComprobantePago (1).pdf
2018-10-30 19:19 - 2018-10-30 19:27 - 000000000 ____D C:\AdwCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-29 12:00 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-29 11:54 - 2018-05-08 20:42 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-29 11:54 - 2018-04-12 13:18 - 000787938 _____ C:\WINDOWS\system32\perfh00A.dat
2018-11-29 11:54 - 2018-04-12 13:18 - 000155554 _____ C:\WINDOWS\system32\perfc00A.dat
2018-11-29 11:54 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-29 11:53 - 2017-11-14 21:46 - 000000436 _____ C:\Users\Lau\Desktop\LAU.lnk
2018-11-29 11:50 - 2017-11-14 16:11 - 001589876 _____ C:\Users\Lau\AppData\Roaming\OSD_LOG.txt
2018-11-29 11:49 - 2018-05-08 20:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-29 11:49 - 2017-11-14 16:08 - 000000000 __SHD C:\Users\Lau\IntelGraphicsProfiles
2018-11-29 11:48 - 2018-04-11 18:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-11-29 11:11 - 2018-05-08 20:52 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C2D6DE9-018B-4B36-A41F-79078BF01E83}
2018-11-29 02:09 - 2018-05-08 20:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-29 00:16 - 2018-03-20 11:10 - 000000000 ____D C:\Users\Lau\Downloads\Nenu
2018-11-29 00:16 - 2017-11-25 22:56 - 000000000 ____D C:\Users\Lau\Downloads\UTORRENT
2018-11-28 21:39 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-28 21:38 - 2018-10-26 16:59 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK
2018-11-28 21:24 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-28 21:24 - 2017-11-15 19:45 - 000000000 ____D C:\Users\Lau\AppData\Local\Packages
2018-11-28 12:53 - 2017-12-02 20:17 - 000000000 ____D C:\Users\Lau\AppData\LocalLow\uTorrent
2018-11-28 12:53 - 2017-11-14 22:02 - 000000000 ____D C:\Users\Lau\AppData\Roaming\uTorrent
2018-11-27 17:51 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-27 17:18 - 2017-11-15 20:02 - 000000000 ___RD C:\Users\Lau\3D Objects
2018-11-27 17:18 - 2017-01-10 05:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-27 17:17 - 2018-05-08 20:23 - 000434536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-27 17:13 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-27 17:13 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-27 17:13 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-11-27 17:13 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-27 17:06 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-27 13:30 - 2018-05-08 20:52 - 000004004 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1511451544
2018-11-27 12:06 - 2017-11-14 21:52 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-11-27 11:34 - 2017-11-25 12:28 - 000000000 ____D C:\Users\Lau\AppData\LocalLow\Adobe
2018-11-27 11:34 - 2017-11-14 16:09 - 000000000 ____D C:\Users\Lau\AppData\Roaming\Adobe
2018-11-26 16:10 - 2017-11-23 18:34 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-25 17:48 - 2018-03-11 17:40 - 000000000 ____D C:\Users\Lau\Desktop\EIGA
2018-11-20 20:20 - 2017-11-26 22:25 - 000000000 ____D C:\Users\Lau\AppData\Roaming\vlc
2018-11-20 19:05 - 2018-02-25 02:21 - 000000000 ____D C:\Users\Lau\AppData\Roaming\dvdcss
2018-11-20 14:32 - 2018-05-08 20:52 - 000004622 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-20 14:32 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-20 14:32 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-19 21:56 - 2017-12-03 17:16 - 000000000 ____D C:\Users\Lau\AppData\Local\ElevatedDiagnostics
2018-11-19 19:17 - 2016-07-16 08:47 - 000000167 _____ C:\WINDOWS\win.ini
2018-11-19 19:07 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-19 17:07 - 2017-11-15 20:03 - 000000000 ___HD C:\Users\Lau\MicrosoftEdgeBackups
2018-11-17 13:18 - 2017-01-10 05:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-16 20:00 - 2018-07-11 23:15 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-16 20:00 - 2018-07-11 23:15 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 11:33 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-16 11:33 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-16 11:33 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-16 11:33 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-16 11:29 - 2017-11-14 23:45 - 000000000 ____D C:\Program Files\rempl
2018-11-16 11:25 - 2018-05-08 20:52 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4282247097-123408342-55159551-1001
2018-11-16 11:24 - 2018-05-08 20:30 - 000002387 _____ C:\Users\Lau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-16 11:24 - 2017-11-14 16:13 - 000000000 ___RD C:\Users\Lau\OneDrive
2018-11-15 16:38 - 2017-11-14 23:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-15 16:36 - 2017-11-14 23:41 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-09 20:53 - 2018-05-08 20:52 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update

==================== Files in the root of some directories =======

2018-11-08 16:11 - 2018-11-19 22:28 - 000099384 _____ () C:\Users\Lau\AppData\Roaming\inst.exe
2017-11-14 16:11 - 2018-11-29 11:50 - 001589876 _____ () C:\Users\Lau\AppData\Roaming\OSD_LOG.txt
2018-11-08 16:11 - 2018-11-19 22:28 - 000007859 _____ () C:\Users\Lau\AppData\Roaming\pcouffin.cat
2018-11-08 16:11 - 2018-11-19 22:28 - 000001167 _____ () C:\Users\Lau\AppData\Roaming\pcouffin.inf
2018-11-08 16:12 - 2018-11-19 22:28 - 000000033 _____ () C:\Users\Lau\AppData\Roaming\pcouffin.log
2018-11-08 16:11 - 2018-11-19 22:28 - 000082816 _____ (VSO Software) C:\Users\Lau\AppData\Roaming\pcouffin.sys
2018-11-08 16:13 - 2018-11-08 17:30 - 000001044 _____ () C:\Users\Lau\AppData\Roaming\vso_ts_preview.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-08 20:23

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29.11.2018
Ran by Lau (29-11-2018 12:17:10)
Running from C:\Users\Lau\Desktop
Windows 10 Home Single Language Version 1803 17134.441 (X64) (2018-05-08 23:55:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4282247097-123408342-55159551-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4282247097-123408342-55159551-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4282247097-123408342-55159551-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-4282247097-123408342-55159551-501 - Limited - Disabled)
Lau (S-1-5-21-4282247097-123408342-55159551-1001 - Administrator - Enabled) => C:\Users\Lau
WDAGUtilityAccount (S-1-5-21-4282247097-123408342-55159551-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4282247097-123408342-55159551-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
AVS Audio Converter 8.3.1 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.3.1.571 - Online Media Technologies Ltd.)
AVS Audio Editor 8.2.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.2.1.513 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2.7 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.7.541 - Online Media Technologies Ltd.)
AVS Document Converter 3.1.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 3.1.1.244 - Online Media Technologies Ltd.)
AVS Image Converter 4.1.1 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.1.1.285 - Online Media Technologies Ltd.)
AVS Media Player 4.3.3 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.3.3.117 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.5 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.5.151 - Online Media Technologies Ltd.)
AVS Registry Cleaner 3.0.4 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.4.274 - Online Media Technologies Ltd.)
AVS Video Converter 9.4.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.4.1.594 - Online Media Technologies Ltd.)
AVS Video Editor 7.4.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.4.1.281 - Online Media Technologies Ltd.)
AVS Video ReMaker 5.0.3 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.0.3.178 - Online Media Technologies Ltd.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4849 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
LG Control Center (HKLM-x32\...\{41728F94-6203-4F39-AADA-A8C06E6CCA14}) (Version: 1.0.1610.1701 - LG Electronics Inc.)
LG Device Manager (HKLM-x32\...\{29B3EDEF-C8F6-408E-AE67-53AF1B143032}) (Version: 1.0.1801.1101 - LG Electronics Inc.)
LG Easy Guide (HKLM-x32\...\EasyGuide) (Version: 3.1.1701.0901 - LG Electronics Inc.)
LG On Screen Display 3 (HKLM-x32\...\{CDF8BA0D-9707-4F6B-A7A8-D9F536EF49B0}) (Version: 1.0.1610.2001 - LG Electronics Inc.)
LG Reader Mode (HKLM-x32\...\{6BBDD2CD-CCB4-4184-98EE-6A29F911A763}) (Version: 1.0.1612.501 - LG Electronics Inc.)
LG Troubleshooting (HKLM-x32\...\Troubleshooting) (Version: 3.1.1612.2301 - LG Electronics Inc.)
LG Update Center (HKLM-x32\...\{70844FF3-F678-4FDB-90CB-7132F030783E}) (Version: 1.0.1803.2101 - LG Electronics Inc.)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft Office Hogar y Estudiantes 2016 - es-es (HKLM\...\HomeStudentRetail - es-es) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4282247097-123408342-55159551-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 RC Redistributable (x64) - 11.0.50522 (HKLM-x32\...\{54ab72e3-5db0-419f-ab49-a3ae7464756c}) (Version: 11.0.50522.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 RC Redistributable (x86) - 11.0.50522 (HKLM-x32\...\{3184be55-c1cb-41c6-9e2c-e3ee15eed812}) (Version: 11.0.50522.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 8 Lite 8.1.1.3 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.1.1.3 - Updatepack.nl)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Opera Stable 56.0.3051.116 (HKLM-x32\...\Opera 56.0.3051.116) (Version: 56.0.3051.116 - Opera Software)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Popcorn-Time (HKU\S-1-5-21-4282247097-123408342-55159551-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8311 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Software Intel® PROSet/Wireless (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125863.inf_amd64_feb1c0f960ddadcd\igfxDTCM.dll [2017-12-19] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D8D9D8-39DE-4A30-ACDC-5130AC7ADCCE} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> No File <==== ATTENTION
Task: {0513363C-24B9-42D7-B9AE-1A757022867A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-17] (Microsoft Corporation)
Task: {19520EAA-8DE3-45F2-A2FC-2795374B1942} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-13] (Piriform Ltd)
Task: {1ABE88C9-897C-4E2F-BBC0-12266F8E65CC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {27D2FAAA-8E55-423B-A321-C9407E8510B5} - System32\Tasks\S-1-5-21-4282247097-123408342-55159551-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {2E06A2AC-62F5-45EA-BBC2-6C0B28B44D4C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> No File <==== ATTENTION
Task: {308AD1BE-6F84-4DF3-BD5C-919A4398813E} - System32\Tasks\Opera scheduled Autoupdate 1511451544 => C:\Users\Lau\AppData\Local\Programs\Opera\launcher.exe [2018-11-26] (Opera Software)
Task: {30ABB63C-1CB0-445B-9487-CECC757F3182} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {38F32FBD-5042-4CCD-B2B7-E6A97D2F60F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-17] (Microsoft Corporation)
Task: {4A8715BF-B202-4386-8401-9C1AB9BE2C74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-17] (Microsoft Corporation)
Task: {5823DE5B-FF61-477B-8112-1360538F6417} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> No File <==== ATTENTION
Task: {59C4B691-BE28-44CB-AC34-64301ABA298E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {68C14AF1-2C92-4EC8-90C4-035E762B9162} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> No File <==== ATTENTION
Task: {71568AD3-EBBC-4A3F-91E8-9BEC28938D20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation)
Task: {7D02ACD8-CFB6-43C8-B2B2-B00CE1FD1A7C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> No File <==== ATTENTION
Task: {952096AA-01CD-48F7-96D4-AD29688CD492} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {9C8737BC-E20D-436C-A6F9-AF679C019000} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {9CC0DB1D-1B7C-43B2-B18C-574B76665CF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation)
Task: {BB312C53-504A-4B7D-9F67-B9FB1E424018} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {BFF91562-A9DA-4489-9210-27D7C0009E49} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-13] (Piriform Ltd)
Task: {CAF97D3A-58F3-48E9-8ABF-EE52B347213D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-17] (Microsoft Corporation)
Task: {CFCF40CA-6162-4259-A56F-1D9AA37E9FF5} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
Task: {D5646275-9CF8-48E3-B0BE-69E1D536DDC7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-17] (Microsoft Corporation)
Task: {DA92C9E0-7D93-4394-AB5E-B43E8792BC23} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-23] (Google Inc.)
Task: {E2E6CA2C-BD8B-4041-AB25-996A051D8D30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E3C87267-8BEA-475F-A4D3-96FB58A3DFD5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {F8B4AD53-424A-49A4-9707-5BAEEE31967B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-17] (Microsoft Corporation)
Task: {F920B143-BC45-4534-9359-2901A0941605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-23] (Google Inc.)
Task: {FC53C04A-C1B1-4A40-B44F-E4DD0A587AA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation)
Task: {FED917EA-10DE-469F-A6B9-9091E88F0678} - System32\Tasks\LGUpdateCenter => C:\Program Files (x86)\LG Software\LG Update Center\UCUpdate.exe [2018-03-24] (LG Electronics inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-01-10 06:28 - 2018-01-11 19:43 - 000081816 _____ () C:\Program Files (x86)\LG Software\LG Device Manager\DeviceManager.exe
2017-01-10 06:27 - 2016-06-17 19:34 - 000018384 _____ () C:\Program Files (x86)\LG Software\LG Control Center\LGControlCenterSVC.exe
2016-12-05 01:19 - 2016-12-05 01:19 - 000029168 _____ () c:\Program Files (x86)\Platform Manager\PlatformMgrService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-11-27 16:47 - 2018-11-08 23:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-27 16:47 - 2018-11-08 23:17 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 11:14 - 2018-10-04 11:16 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-15 11:55 - 2018-11-15 11:56 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-15 11:56 - 2018-11-15 11:58 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2017-01-10 06:26 - 2016-10-06 21:47 - 000308224 _____ () C:\Program Files (x86)\LG Software\LG OSD\HkRes.dll
2018-11-27 13:30 - 2018-11-27 13:30 - 104197208 _____ () C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\opera_browser.dll
2018-11-27 13:30 - 2018-11-27 13:30 - 005082200 _____ () C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\libglesv2.dll
2018-11-27 13:30 - 2018-11-27 13:30 - 000116824 _____ () C:\Users\Lau\AppData\Local\Programs\Opera\56.0.3051.116\libegl.dll
2016-08-30 05:19 - 2016-08-30 05:19 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 08:47 - 2016-07-16 08:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4282247097-123408342-55159551-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lau\Desktop\Mr-Sunshineo.jpg
DNS Servers: 172.98.193.42 - 192.99.85.244
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-4282247097-123408342-55159551-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-11-2018 19:23:11 Instalador de Módulos de Windows
20-11-2018 21:10:10 Instalador de Módulos de Windows
21-11-2018 22:44:50 Instalador de Módulos de Windows
22-11-2018 23:51:54 Instalador de Módulos de Windows
24-11-2018 00:10:36 Instalador de Módulos de Windows
25-11-2018 02:13:22 Instalador de Módulos de Windows
27-11-2018 12:20:07 Instalador de Módulos de Windows

==================== Faulty Device Manager Devices =============

Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Adaptador virtual de Wi-Fi Direct de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/25/2018 05:34:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Nero\Nero Toolkit\Nero DiscSpeed\DiscSpeed.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_fb449d63306391e9.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.407_none_42f1d43a44dfbaef.manifest.

Error: (11/25/2018 05:34:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (11/23/2018 09:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_UserDataSvc, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.376, marca de tiempo: 0x60d78cf9
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000069d1
Identificador del proceso con errores: 0x2aec
Hora de inicio de la aplicación con errores: 0x01d4833414428921
Ruta de acceso de la aplicación con errores: c:\windows\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 3b38ea8a-31c5-4b87-a1a9-e51696059748
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/21/2018 07:32:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007a24d
Identificador del proceso con errores: 0x8b4
Hora de inicio de la aplicación con errores: 0x01d481ddb41b3322
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: a3a74208-e0fe-45fa-b782-1353a1d48b6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/21/2018 06:03:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007a24d
Identificador del proceso con errores: 0x1d88
Hora de inicio de la aplicación con errores: 0x01d481b6010c7298
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: ac5a7389-a65d-49ca-87c8-1ac9ae661314
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/21/2018 04:54:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Microsoft.Photos.exe, versión 2018.18091.17210.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 2be0

Hora de inicio: 01d481ac93ab3231

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Identificador de informe: e29b1235-08a7-4dc6-b31e-e444573cecbc

Nombre completo de paquete con errores: Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe

Identificador de aplicación relativa del paquete con errores: App

Error: (11/21/2018 01:19:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007a24d
Identificador del proceso con errores: 0x16e8
Hora de inicio de la aplicación con errores: 0x01d481a838a7a37d
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: b9527c10-f1fc-4fe4-8cf4-b097f4110cf1
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/21/2018 11:40:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17134.1, marca de tiempo: 0xa38b9ab2
Nombre del módulo con errores: NotificationController.dll, versión: 10.0.17134.165, marca de tiempo: 0xe0385185
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000026083
Identificador del proceso con errores: 0xaf8
Hora de inicio de la aplicación con errores: 0x01d481a8246d569d
Ruta de acceso de la aplicación con errores: c:\windows\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\NotificationController.dll
Identificador del informe: 07262abc-134b-4b66-ab82-addf489995f0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (11/29/2018 12:14:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1053" al intentar iniciar el servicio WinDefend con argumentos "" para ejecutar el servidor:
{2781761E-28E2-4109-99FE-B9D127C57AFE}

Error: (11/29/2018 12:14:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Defender no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/29/2018 12:14:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Defender.

Error: (11/29/2018 11:57:33 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1053" al intentar iniciar el servicio WinDefend con argumentos "" para ejecutar el servidor:
{2781761E-28E2-4109-99FE-B9D127C57AFE}

Error: (11/29/2018 11:57:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Defender no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/29/2018 11:57:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Defender.

Error: (11/29/2018 11:57:25 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1053" al intentar iniciar el servicio WinDefend con argumentos "" para ejecutar el servidor:
{2781761E-28E2-4109-99FE-B9D127C57AFE}

Error: (11/29/2018 11:57:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Defender no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
===================================
Date: 2018-11-27 15:41:55.206
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {80644948-BF77-4A3F-B577-42E3B4E68E38}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-27 12:30:36.741
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {24881487-09B5-4C53-85FB-5E0672D6283A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-26 15:22:20.716
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8C7A25F3-B5CA-4ED2-BACE-5FAE646F80B1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-26 00:07:18.019
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C8DFED2E-719F-4010-BB98-6D953F387CE4}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-25 19:01:44.018
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EA6F6AA5-7BED-43FD-B931-9599057B2068}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-11-25 18:32:37.592
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.281.815.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.5
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2018-11-25 18:12:35.855
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.281.815.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.5
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2018-11-25 18:02:36.067
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.281.815.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.5
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2018-11-25 18:02:27.328
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-11-25 17:43:40.957
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.281.812.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.5
Código de error: 0x80072742
Descripción del error: Una operación socket encontró una red inactiva. 

CodeIntegrity:
===================================

Date: 2018-11-29 00:32:39.128
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-29 00:32:39.098
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-29 00:32:39.083
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-29 00:32:39.077
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 23:19:51.490
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 23:18:37.998
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 23:18:20.698
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 23:18:11.420
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 3955.2 MB
Available physical RAM: 1692.11 MB
Total Virtual: 6387.2 MB
Available Virtual: 3941.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:916.24 GB) (Free:826.14 GB) NTFS

\\?\Volume{c4d646e0-a14e-4369-aa3a-a71fdb4c8224}\ (WinRE) (Fixed) (Total:0.88 GB) (Free:0.49 GB) NTFS
\\?\Volume{145793b3-7c92-42de-8bd8-b92dd1bc3f20}\ (Recovery) (Fixed) (Total:13.62 GB) (Free:4.63 GB) NTFS
\\?\Volume{f9b48c99-7318-4642-ac1c-aef69eac671c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C31FF652)

Partition: GPT.

==================== End of Addition.txt ============================

@Miguelgrado Ok, aca esta el ultimo post

Farbar Service Scanner Version: 27-01-2016
Ran by Lau (administrator) on 29-11-2018 at 13:57:45
Running from "C:\Users\Lau\Desktop"
Microsoft Windows 10 Home Single Language  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend: "%SystemRoot%\System32\svchost.exe -k secsvcs".


Windows Defender Disabled Policy: 
==========================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

• Para hacerlo descarga Delfix en tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:

Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
SearchScopes: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> DefaultScope {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
SearchScopes: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {01D8D9D8-39DE-4A30-ACDC-5130AC7ADCCE} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> No File <==== ATTENTION
Task: {2E06A2AC-62F5-45EA-BBC2-6C0B28B44D4C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> No File <==== ATTENTION
Task: {5823DE5B-FF61-477B-8112-1360538F6417} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> No File <==== ATTENTION
Task: {68C14AF1-2C92-4EC8-90C4-035E762B9162} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> No File <==== ATTENTION
Task: {7D02ACD8-CFB6-43C8-B2B2-B00CE1FD1A7C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> No File <==== ATTENTION
Task: {CFCF40CA-6162-4259-A56F-1D9AA37E9FF5} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
Task: {E2E6CA2C-BD8B-4041-AB25-996A051D8D30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

• Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecutas Frst.exe.

• Presionas el botón Fix y aguardas a que termine.

• La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema,

Entras en Windows update y dale a actualizar y comprueba si se actualiza Defender y si ahora funciona bien, o sigue igual.

Fix result of Farbar Recovery Scan Tool (x64) Version: 29.11.2018
Ran by Lau (29-11-2018 16:08:06) Run:1
Running from C:\Users\Lau\Desktop
Loaded Profiles: Lau (Available Profiles: defaultuser0 & Lau)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
SearchScopes: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> DefaultScope {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL = 
SearchScopes: HKU\S-1-5-21-4282247097-123408342-55159551-1001 -> {2CA8917F-21AE-4441-AE30-6A572D00F01D} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {01D8D9D8-39DE-4A30-ACDC-5130AC7ADCCE} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> No File <==== ATTENTION
Task: {2E06A2AC-62F5-45EA-BBC2-6C0B28B44D4C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> No File <==== ATTENTION
Task: {5823DE5B-FF61-477B-8112-1360538F6417} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> No File <==== ATTENTION
Task: {68C14AF1-2C92-4EC8-90C4-035E762B9162} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> No File <==== ATTENTION
Task: {7D02ACD8-CFB6-43C8-B2B2-B00CE1FD1A7C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> No File <==== ATTENTION
Task: {CFCF40CA-6162-4259-A56F-1D9AA37E9FF5} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
Task: {E2E6CA2C-BD8B-4041-AB25-996A051D8D30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-4282247097-123408342-55159551-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4282247097-123408342-55159551-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2CA8917F-21AE-4441-AE30-6A572D00F01D} => removed successfully
HKLM\Software\Classes\CLSID\{2CA8917F-21AE-4441-AE30-6A572D00F01D} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01D8D9D8-39DE-4A30-ACDC-5130AC7ADCCE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01D8D9D8-39DE-4A30-ACDC-5130AC7ADCCE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E06A2AC-62F5-45EA-BBC2-6C0B28B44D4C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E06A2AC-62F5-45EA-BBC2-6C0B28B44D4C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5823DE5B-FF61-477B-8112-1360538F6417}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5823DE5B-FF61-477B-8112-1360538F6417}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68C14AF1-2C92-4EC8-90C4-035E762B9162}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68C14AF1-2C92-4EC8-90C4-035E762B9162}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D02ACD8-CFB6-43C8-B2B2-B00CE1FD1A7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D02ACD8-CFB6-43C8-B2B2-B00CE1FD1A7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFCF40CA-6162-4259-A56F-1D9AA37E9FF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCF40CA-6162-4259-A56F-1D9AA37E9FF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2E6CA2C-BD8B-4041-AB25-996A051D8D30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2E6CA2C-BD8B-4041-AB25-996A051D8D30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4282247097-123408342-55159551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4282247097-123408342-55159551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42541226 B
Java, Flash, Steam htmlcache => 1777 B
Windows/system/drivers => 5040342 B
Edge => 330908610 B
Chrome => 394669 B
Firefox => 0 B
Opera => 488653990 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 114038 B
LocalService => 0 B
NetworkService => 6327104 B
NetworkService => 0 B
defaultuser0 => 6656 B
Lau => 96911698 B

RecycleBin => 0 B
EmptyTemp: => 934.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:09:40 ====

Sigue todo igual, te adjunto el mensaje de windows update (porque no se como adjuntar imagenes), que tampoco parece estar trabajando ninguna otra actualizacion desde ayer que pase el fixwin.

Ha habido problemas al instalar algunas actualizaciones, lo volveremos a intentar más tarde. Si sigues viendo este mensaje y quieres buscar en la web o ponerte en contacto con el servicio de soporte técnico para obtener más información, esto te puede ser de ayuda: Actualización de definición para Windows Defender Antivirus – KB2267602 (Definición 1.281.1059.0) - Error 0x80070643

No pude salir del modo seguro correctamente (desmarcando “arranque a prueba de errores” y eso) solo se reinicio de inmediato, es necesario que regrese ahi para hacerlo?

No,si ya estas en modo normal esta bien asi

Si abres Windows defender , mira si al darle a actualizar manualmente funciona

Configuración. - seguridad y actualización - seguridad de windows o centro de seguridad

Si no funciona, vete a >> https://www.microsoft.com/en-us/wdsi/definitions

Windows Defender Antivirus for Windows 10 and Windows 8.1 y descarga la de 64 bits y la instalas y reinicia el pc

Luego comprueba como va Windows Defender

Ya ni siquiera dice Windows defender, dice; el servicio de amenazas de ha detenido: Reiniciar ahora. Al hacerlo se queda ahi pegado para siempre. Al entrar desde otro lado dice: Se produjo un error inesperado y hemos encontrado un problema. Intentalo de nuevo. Y asi puede estar por muucho tiempo. Descargue la version manual pero tampoco funciona, simplemente no aparece nada de nada y asi se queda.

Vale, parece que hay mas daños de lo pensado en el sistema

Bien, vamos a ir mas directos

Vete a >> https://www.microsoft.com/es-es/software-download/windows10

Arriba debería ponerte, Windows 10 October 2018 Update ya está disponible

Le das a “actualizar ahora” y sigues las indicaciones

Cualquier duda o problema, me comentas

Muchas gracias @Miguelgrado Por fin tengo la protección en tiempo real nuevamente funcionando y windows update tambien, todo en orden La actualizacion fue la respuesta correcta finalmente Elimino todos los programas utilizados y sus carpetas verdad?