ups, perdón eso de estar pasando archivos de la laptopa usb pc, aqui va:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
Ran by Amparo (27-02-2019 06:35:36)
Running from C:\Users\Amparo\Desktop
Windows 10 Home Single Language Version 1803 17134.407 (X64) (2018-06-15 20:11:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2665212972-797558305-1704637805-500 - Administrator - Enabled) => C:\Users\Administrator
afa (S-1-5-21-2665212972-797558305-1704637805-1002 - Limited - Enabled) => C:\Users\afa
Amparo (S-1-5-21-2665212972-797558305-1704637805-1001 - Administrator - Enabled) => C:\Users\Amparo
DefaultAccount (S-1-5-21-2665212972-797558305-1704637805-503 - Limited - Disabled)
Invitado (S-1-5-21-2665212972-797558305-1704637805-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2665212972-797558305-1704637805-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.76.1867 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
ClamWin Free Antivirus 0.99.4 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2330a - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2330a - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2318 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.4 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.39 - PC-Doctor, Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden
FormatFactory 2.40 (HKLM-x32\...\FormatFactory) (Version: 2.40 - Free Time)
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )
IllustratorCs6 version 16.0 (HKLM-x32\...\{B558D09D-AF45-4008-B73B-409706BC7FF8}_is1) (Version: 16.0 - Nws)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Update Manager (HKLM-x32\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
ZTE Driver USB del dispositivo (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2088.1.A01B04 - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2665212972-797558305-1704637805-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2665212972-797558305-1704637805-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (CyberLink -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (CyberLink -> Cyberlink)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01EA52DF-5822-4079-9233-FC937D5A2B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18561578-DE5D-4577-9E41-9C128FAEDEEE} - System32\Tasks\{0E56608A-506F-4388-8A03-4E7CD19E89FC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Amparo\Desktop\photoshop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]\Setup.exe" -d "C:\Users\Amparo\Desktop\photoshop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]"
Task: {18CFF311-2C60-4871-9211-4DEBBAC16836} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {22189DBB-1D31-4F7A-BE69-C830919ECAA0} - System32\Tasks\{22195C71-C81B-448D-A35F-BA803356E192} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]\Setup.exe" -d "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]"
Task: {2593704B-D805-43DA-A850-311B36AF9076} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {294EE34D-06FF-4A8D-B630-513147FE41F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2A8FDB19-6821-4E9E-A619-AF2CC93E1DD2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AB5CF29-A93A-4FA8-9C76-71598A5C09F5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {34E6DD10-B827-4533-90E1-C3A840748B75} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {350D5E50-78A0-44B9-BF00-DBA14AB944AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3FF919C2-2D9B-404C-8C90-4E356852BC7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {494CDA33-B571-41FA-8D1D-B2ED7F979582} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4EA4BAA7-8B4F-4BE0-8C4D-03415C752DFB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5264D036-1456-4B35-B963-FFE7DD5D2DA8} - System32\Tasks\AdobeAAMUpdater-1.0-casaamparo-Amparo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5AE2A300-9D47-4F7E-AAEE-BAC371DC6785} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6C3FF920-66CD-4AC4-9893-5991B3F70E33} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {76E6C03D-DECF-46B3-91E8-1D7A93B1E008} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7A623E73-F4F4-42C3-A264-33836BE46984} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {837D98A4-2BF7-4CF3-909A-3A435EC81F1A} - \WPD\SqmUpload_S-1-5-21-2665212972-797558305-1704637805-1001 -> No File <==== ATTENTION
Task: {87EDE221-E454-4DF7-B94B-98F0B19DD169} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {90C43EEF-EFF3-4D23-873C-71324DBB8928} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe (Dell Inc. -> Dell, Inc.)
Task: {99B38664-C4AB-40D1-AF29-69C0120A43FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9E81C30F-C41A-45BA-B363-E8E6A271C368} - System32\Tasks\{264E7B97-724F-4EEF-B532-30E0A6297802} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]\Setup.exe" -d "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]"
Task: {A549C872-CEE5-4867-B958-383205527310} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe
Task: {A700A3FE-83A6-4D79-BAD7-40CEADF3D2B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AA24120F-9AC3-4D3F-BC0F-FF945222662A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB9F4071-CA19-4369-A9C3-A5AAFD791E5B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: {AE73B26C-0193-45CD-921B-9A9667DEAC17} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B091A8B6-0E16-4AF4-AA94-11EAC8941EFF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C772D614-C413-4BC4-863B-CCA58E366CC0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DE2CDD66-FCA8-48C8-A9E0-D2E3C3F2DB1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E6FA1878-EF49-4A45-8489-B8C8F10B7032} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FF91B6B5-55B5-4632-A7BD-8A8458720B71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-12-28 06:41 - 2012-12-28 06:41 - 000226944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
2013-03-08 13:09 - 2012-12-25 18:41 - 000081536 _____ (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
2018-11-28 11:09 - 2008-04-19 17:35 - 000080384 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000203392 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000113280 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000290944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000107648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 001067648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000129664 _____ (Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
2012-12-28 06:42 - 2012-12-28 06:42 - 000063104 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ModuleManager.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000063488 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000196096 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Audio\audio.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000083072 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000018432 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\DID\DId.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000090624 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000096768 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\goep\goep.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000177152 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BIP\BIP.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000036352 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FAX\Fax.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000161792 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000303616 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\LE\LE.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000126080 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL
2012-12-28 06:42 - 2012-12-28 06:42 - 000085632 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000091648 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000064512 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Sync\Sync.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000421888 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000084480 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000065024 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000055296 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\spp\spp.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000029696 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2012-12-28 06:41 - 2012-12-28 06:41 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2018-11-15 10:59 - 2018-11-15 10:59 - 000016896 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvc\01f16f7465bf3a255606efa8c242d8f7\IAStorDataMgrSvc.ni.exe
2018-11-15 11:00 - 2018-11-15 11:00 - 000363520 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\8aab347b90d03310ccb6e24c215b8543\IAStorUtil.ni.dll
2018-11-15 11:00 - 2018-11-15 11:00 - 000073216 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\549a869ae89f1e8782fa1409b91f8d62\IAStorDataMgr.ni.dll
2018-11-15 11:02 - 2018-11-15 11:02 - 001076224 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\63f36a944041077f8a9236f5f684f8f1\IAStorViewModel.ni.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\04c7a9268738df402d4645e3822a8659\IAStorDataMgrSvcInterfaces.ni.dll
2018-11-15 11:00 - 2018-11-15 11:00 - 003713536 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\63e045f79c8f750659cf60b173f50037\PSI.ni.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\82169135886758c50357a4d0b5b77847\PSIClient.ni.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000625152 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\4a5b2b2a3c68ceaf570b012a21fcd996\PsiData.ni.dll
2013-03-08 13:05 - 2012-11-19 05:13 - 000269824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-03-08 13:05 - 2012-11-19 05:13 - 000467456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000020992 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\bddb5b682175829b536e7ea1c0774de3\IAStorCommon.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: %C_EM64T_REDIST11%bin\Intel64;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\Adobe\AGL;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Amparo\Pictures\3.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: WsAppService => 2
HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4C1DF8D3-9AF4-4104-8345-00F12ABDAE0C}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{FC4716D4-438E-4873-BF30-CE6664E5183C}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4703C898-C873-46D2-842B-07335AF04469}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{2023713C-0CED-404A-998E-404FE83C0EB1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CF88F42A-E6C9-4051-86B0-95DAB19B2834}] => (Allow) LPort=1900
FirewallRules: [{3BAEC593-87F9-40BD-AE20-B0B30048E515}] => (Allow) LPort=2869
FirewallRules: [{AEE6CBD3-7BA7-4FB3-B1EF-B52651D0DEB3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07FD897D-3A6C-420C-B162-0CAC094E5A55}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4525977C-6982-4969-8415-69E6178C52AF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{143153E8-51E3-4880-9E54-127E1C75D8A4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{B9D9690D-53DB-414C-AAA2-E020E65962E3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B6271A2-D32D-4767-999A-A1A00CE64C64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6D9BC4FA-670B-418E-9579-FCE0BA255487}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5D3D79DB-E955-468A-83F1-24B32D3F6D81}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BCFD99B9-AAAC-4BFA-8B8D-CED151B807DD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{186A95A4-1435-448B-BDAE-2CDC35434BE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
15-01-2019 22:13:01 Instalador de Módulos de Windows
16-02-2019 15:48:20 Instalador de Módulos de Windows
25-02-2019 07:43:26 Instalador de Módulos de Windows
26-02-2019 15:12:37 Instalador de Módulos de Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2019 06:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ShellExperienceHost.exe, versión: 10.0.17134.1, marca de tiempo: 0x5ace103a
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x124c
Hora de inicio de la aplicación con errores: 0x01d4ce986ec2be84
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 08386164-7bf1-4aae-b34f-e13d4843b348
Nombre completo del paquete con errores: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: App
Error: (02/27/2019 06:31:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SecHealthUI.exe, versión: 10.0.17134.407, marca de tiempo: 0x5bdaa40b
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0xc38
Hora de inicio de la aplicación con errores: 0x01d4ce984c2368c2
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 9b3997bf-38c4-45f0-a34a-f021fe1a76b5
Nombre completo del paquete con errores: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: SecHealthUI
Error: (02/27/2019 06:30:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.17134.1, marca de tiempo: 0xcb43d9c5
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x1534
Hora de inicio de la aplicación con errores: 0x01d4ce983e195db8
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\backgroundTaskHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 19062904-bfed-46bd-9e92-12fa456db15a
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI
Error: (02/27/2019 06:30:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: LockApp.exe, versión: 10.0.17134.1, marca de tiempo: 0x5acd88b2
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x7c4
Hora de inicio de la aplicación con errores: 0x01d4ce983affa593
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 840cd02f-bb66-4f7b-956c-59f569238fed
Nombre completo del paquete con errores: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: WindowsDefaultLockScreen
Error: (02/26/2019 08:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.17134.1, marca de tiempo: 0xcb43d9c5
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x1488
Hora de inicio de la aplicación con errores: 0x01d4ce4381dfacb4
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\backgroundTaskHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: ac3fc4ab-3e65-44d8-b36a-c916a15de2b5
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI
Error: (02/26/2019 08:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.17134.407, marca de tiempo: 0x5bdaa40f
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x1624
Hora de inicio de la aplicación con errores: 0x01d4ce4381dabe74
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: bd8ad0dc-9603-4522-90b1-de17767af5d0
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI
Error: (02/26/2019 08:19:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SecHealthUI.exe, versión: 10.0.17134.407, marca de tiempo: 0x5bdaa40b
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x390
Hora de inicio de la aplicación con errores: 0x01d4ce42e55eb71a
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 0e6484e7-342a-45d4-92b0-3898ee0ddecd
Nombre completo del paquete con errores: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: SecHealthUI
Error: (02/26/2019 08:19:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ShellExperienceHost.exe, versión: 10.0.17134.1, marca de tiempo: 0x5ace103a
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x98c
Hora de inicio de la aplicación con errores: 0x01d4ce42e249301b
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 67e473ce-0198-4071-888e-d94199d53a5d
Nombre completo del paquete con errores: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: App
System errors:
=============
Error: (02/27/2019 06:33:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (02/27/2019 06:32:00 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy!App no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/27/2019 06:31:01 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy!SecHealthUI.AppX73bpxf4sp6pxkykmznv2ft8v666ma3ps.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/27/2019 06:30:38 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/27/2019 06:30:33 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy!WindowsDefaultLockScreen no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/26/2019 08:24:04 PM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX7gfgmgykbws8x0ccxbt2zeamtttc1ntp.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/26/2019 08:24:04 PM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv00qxextfnce9sxb8.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/26/2019 08:19:42 PM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy!SecHealthUI.AppX73bpxf4sp6pxkykmznv2ft8v666ma3ps.mca no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
===================================
Date: 2019-02-27 06:31:58.378
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Gamarue&threatid=2147650285&enterprise=0
Nombre: Worm:Win32/Gamarue
Id.: 2147650285
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: file:_E:\ \&^^&^&&^&^^&^&&^&^^&^&&^&^^&^^&&.2
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: casaamparo\Amparo
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.760.0, AS: 1.287.760.0, NIS: 1.287.760.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8
Date: 2019-02-25 08:08:32.066
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D6BC3EE2-8706-4DE3-BFEF-B08BCA74F504}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-25 08:00:48.470
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DDE710CB-EBAA-4E98-B718-135EC1825CC3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-25 07:35:48.049
Description:
Antivirus de Windows Defender detectó un comportamiento sospechoso.
Nombre: Behavior:Win32/ModifiedBootRecord
Id.: 2019692132
Gravedad: Baja
Categoría: Comportamiento sospechoso
Ruta de acceso encontrada: file:_C:\Users\Amparo\AppData\Local\Temp\syslinux.exe; process:_7024
Origen de detección: Equipo local
Tipo de detección: Sospechoso
Fuente de detección: Protección en tiempo real
Estado: Ejecutando
Usuario: casaamparo\Amparo
Nombre de proceso: C:\Users\Amparo\AppData\Local\Temp\syslinux.exe
Id. de firma: 23858570787236
Versión de firma: AV: 1.281.989.0, AS: 1.281.989.0
Versión de motor: 1.1.15400.5
Etiqueta de fidelidad: Medio
Nombre de archivo de destino:
Date: 2019-01-01 16:07:21.362
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {30C5EF83-B91D-4B9D-8106-20637876CECE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-26 20:27:21.494
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2019-02-26 15:36:07.958
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2019-02-26 15:15:59.312
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2019-02-26 14:33:14.568
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2019-02-25 19:11:53.948
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15700.8
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 56%
Total physical RAM: 3965.27 MB
Available physical RAM: 1720.12 MB
Total Virtual: 8829.27 MB
Available Virtual: 6800.75 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:450.32 GB) (Free:84.75 GB) NTFS
Drive e: (ADATA UFD) (Removable) (Total:7.23 GB) (Free:0.86 GB) FAT32
\\?\Volume{6962f325-79ed-4331-801e-dd5389a841e2}\ (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS
\\?\Volume{c16bd2f2-478d-4003-82ec-6da968cdfb99}\ () (Fixed) (Total:0.79 GB) (Free:0.35 GB) NTFS
\\?\Volume{ad386204-03a7-4eb7-a55d-c16cabcfd513}\ (PBR Image) (Fixed) (Total:13.51 GB) (Free:0.25 GB) NTFS
\\?\Volume{014242bc-543a-47f6-868f-b2df604fc469}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3E164AE9)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=7.2 GB) - (Type=0B)
==================== End of Addition.txt ============================
