Windows10 boton inicio y no wifi no funcionan

#1

Buen día, tengo una laptop dell con windows 10, instalé un programa con un generador de licencias, a partir de entonces me bloquea el boton de inicio, no se conecta a wifi, tengo notificaciones del windows defender que no me deja abrir, corrí un hijack para saber si me pueden ayudar, ya hace dias quité el programa que había instalado e intenté retroceder el windows a una fecha anterior a la instalacion de ese programa pero ya ni eso se puede, me da solo 2 opciones de fechas que son muy recientes y de nada servirían, anteriormente si se veían otras fechas, creo que poco a poco me va bloqueando mas opciones diferentes, adjunto el log file y espero su amable ayuda, gracias de antemano:


    Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

    Platform:  x64 Windows 10 (Home Single Language), 10.0.17134.407 (ReleaseId: 1803), Service Pack: 0
    Time:      25.02.2019 - 09:04 (UTC-06:00)
    Language:  OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x80A)
    Elevated:  Yes
    Ran by:    Amparo	(group: Administrator) on CASAAMPARO, FirstRun: yes

    Chrome:  70.0.3538.110
    Edge:    11.0.17134.407
    Internet Explorer: 11.0.17134.1
    Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

    Boot mode: Normal

    Running processes:
    Number | Path
       1  C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
       1  C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
       1  C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
       1  C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
       1  C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
       1  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
       1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
       1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
       1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
       1  C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
       1  C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
       1  C:\Program Files\Bonjour\mDNSResponder.exe
       1  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
       1  C:\Program Files\Dell\QuickSet\quickset.exe
       1  C:\Program Files\Intel\iCLS Client\HeciServer.exe
       1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
       1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
       3  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
       1  C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
       1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
       1  C:\Program Files\Windows Defender\MSASCuiL.exe
       1  C:\Program Files\rempl\sedsvc.exe
       1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
       1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
       1  C:\Users\Amparo\Desktop\HiJackThis.exe
       1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
       1  C:\Windows\System32\ApplicationFrameHost.exe
       1  C:\Windows\System32\SearchFilterHost.exe
       1  C:\Windows\System32\SearchIndexer.exe
       1  C:\Windows\System32\SearchProtocolHost.exe
       1  C:\Windows\System32\SecurityHealthService.exe
       1  C:\Windows\System32\SgrmBroker.exe
       1  C:\Windows\System32\WUDFHost.exe
       1  C:\Windows\System32\audiodg.exe
       2  C:\Windows\System32\csrss.exe
       1  C:\Windows\System32\ctfmon.exe
       1  C:\Windows\System32\dasHost.exe
       1  C:\Windows\System32\dwm.exe
       2  C:\Windows\System32\fontdrvhost.exe
       1  C:\Windows\System32\igfxCUIService.exe
       1  C:\Windows\System32\igfxEM.exe
       1  C:\Windows\System32\igfxHK.exe
       1  C:\Windows\System32\igfxTray.exe
       1  C:\Windows\System32\lsass.exe
       1  C:\Windows\System32\services.exe
       1  C:\Windows\System32\sihost.exe
       1  C:\Windows\System32\smartscreen.exe
       1  C:\Windows\System32\smss.exe
       1  C:\Windows\System32\spoolsv.exe
      64  C:\Windows\System32\svchost.exe
       1  C:\Windows\System32\taskhostw.exe
       2  C:\Windows\System32\wbem\WmiPrvSE.exe
       1  C:\Windows\System32\wininit.exe
       1  C:\Windows\System32\winlogon.exe
       1  C:\Windows\explorer.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://dell13.msn.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://dell13.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
    O2 - HKLM\..\BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Amparo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2017/04/12)
    O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] = C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
    O4 - HKLM\..\Run: [QuickSet] = c:\Program Files\Dell\QuickSet\QuickSet.exe
    O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    O4 - HKLM\..\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
    O4 - HKLM\..\StartupApproved\Run32: [CLMLServer_For_P2G8] = C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (2018/10/28)
    O4 - HKLM\..\StartupApproved\Run32: [CLVirtualDrive] = C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R (2018/10/28)
    O4 - HKLM\..\StartupApproved\Run32: [RemoteControl10] = C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (2018/10/28)
    O4 - HKLM\..\StartupApproved\Run: [BtPreLoad] = C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe (2018/10/28)
    O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe (2017/04/12)
    O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
    O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
    O4 - User Startup: C:\Users\Amparo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk    ->    C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4-32 - HKLM\..\Run: [ClamWin] = C:\Program Files (x86)\ClamWin\bin\ClamTray.exe --logon
    O4-32 - HKLM\..\Run: [IAStorIcon] = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 (file missing)
    O4-32 - HKLM\..\Run: [ISUSScheduler] = C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe -start
    O4-32 - HKLM\..\Run: [QuickTime Task] = C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime
    O9 - Button: HKLM\..\{7815BE26-237D-41A8-A98F-F7BD75F71086}: (no name) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    O9 - Tools menu item: HKLM\..\{7815BE26-237D-41A8-A98F-F7BD75F71086}: Send by Bluetooth to - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
    O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
    O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
    O22 - Task (.job): Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service R2: AtherosSvc - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
    O23 - Service R2: Intel(R) Capability Licensing Service Interface - c:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
    O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
    O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service R2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service R2: Tecnología de almacenamiento Intel(R) Rapid - (IAStorDataMgrSvc) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
    O23 - Service R2: ZAtheros Wlan Agent - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    O23 - Service S2: Dell Digital Delivery Service - (DellDigitalDelivery) - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
    O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    O23 - Service S3: Servicio del iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe


    --
    End of file - Time spent: 55.2 sec. - 19594 bytes, CRC32: FFFFFFFF. Sign: 龍氖
#2

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


#3

gracias, solo dos dudas: no puedo actualizar los programas ya q no me permite la conexion y segun yo no tengo instalados ningun antivirus, windows defender se considera antivirus? porque tampoco puedo accesarlo como para desactivarlo me cierra la ventana inmediatamente.

#4

Defender es un antivirus ,pero déjalo asi y realizas los pasos

Descarga manualmente las definiciones de Malwarebytes pinchando aqui

#5

aqui de los los archivos de malware y adwcleaner ccleaner no encontro nada, reinicié pero sigue igual, pude conectar a internet por medio de cable directo pero el wifi sigue igual. malware*************************** Malwarebytes

-Detalles del registro-
Fecha del análisis: 25/2/19
Hora del análisis: 17:35
Archivo de registro: 06c157b6-3956-11e9-b0f7-b8ca3abfabc0.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9442
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.407)
CPU: x64
Sistema de archivos: NTFS
Usuario: casaamparo\Amparo

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 409388
Amenazas detectadas: 3
Amenazas en cuarentena: 0
Tiempo transcurrido: 6 min, 59 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
Generic.Malware/Suspicious, C:\USERS\AMPARO\DOWNLOADS\IROOT_1861 (1).ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.9442
Generic.Malware/Suspicious, C:\USERS\AMPARO\DOWNLOADS\IROOT_1861.ZIP, Sin acciones por parte del usuario, [0], [392686],1.0.9442
Generic.Malware/Suspicious, C:\USERS\AMPARO\DOWNLOADS\ROOT PARA CUALQUIER SMARTPHONE BY TPG.RAR, Sin acciones por parte del usuario, [0], [392686],1.0.9442

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

(end)

** *adwcleaner

**********************************

2019-02-25 14:10:20 :  <INFO>      [Application] Closing AdwCleaner
2019-02-25 14:58:05 :  <INFO>      [Application] AdwCleaner  7 . 2 . 7  launched
2019-02-25 14:58:06 :  <INFO>      [MBInstaller] Checking Iris
2019-02-25 14:58:06 :  <INFO>      [IRIS] Making request
2019-02-25 14:58:07 :  <INFO>      [Telemetry] Sending hello
ication updates
2019-02-25 14:58:08 :  <WARNING>   [File Downloader] Error downloading ( QNetworkReply::NetworkError(HostNotFoundError) )
2019-02-25 14:58:08 :  <INFO>      [IRIS] Failed
2019-02-25 14:58:13 :  <INFO>      [Application] Closing AdwCleaner
2019-02-25 14:58:34 :  <INFO>      [Application] AdwCleaner  7 . 2 . 7  launched
2019-02-25 14:58:35 :  <INFO>      [MBInstaller] Checking Iris
2019-02-25 14:58:35 :  <INFO>      [IRIS] Making request
2019-02-25 14:58:36 :  <INFO>      [Telemetry] Sending hello
2019-02-25 14:58:36 :  <INFO>      [AdwUpgrade] Checking application updates
2019-02-25 14:58:36 :  <INFO>      [Telemetry] Status code:  QVariant(Invalid)
rkReply::NetworkError(HostNotFoundError) )
2019-02-25 14:58:36 :  <INFO>      [IRIS] Failed
2019-02-25 14:58:40 :  <INFO>      [Button clicked] Scan
2019-02-25 14:58:40 :  <INFO>      [Scan] Started
2019-02-25 14:58:40 :  <WARNING>   [File Downloader] Error downloading ( QNetworkReply::NetworkError(HostNotFoundError) )
2019-02-25 14:58:40 :  <INFO>      [Scan] Loading local database
2019-02-25 14:58:40 :  <INFO>      [Database] Checking integrity
2019-02-25 14:58:40 :  <INFO>      [Database] Found  2284  families
2019-02-25 14:58:40 :  <INFO>      [Database] Database v "2019-01-25.2"
2019-02-25 14:58:41 :  <INFO>      [Loading paths] Local paths loaded
2019-02-25 14:58:41 :  <INFO>      [Loading paths] Chrome paths loaded
2019-02-25 14:58:41 :  <INFO>      [Loading paths] User Keys loaded
2019-02-25 14:58:41 :  <INFO>      [Module added] Folder
2019-02-25 14:58:41 :  <INFO>      [Module added] File
2019-02-25 14:58:41 :  <INFO>      [Module added] URL
2019-02-25 14:58:41 :  <INFO>      [Module added] Service
2019-02-25 14:58:41 :  <INFO>      [Module added] TaskName
2019-02-25 14:58:41 :  <INFO>      [Module added] TaskContent
2019-02-25 14:58:41 :  <INFO>      [Module added] App Init
2019-02-25 14:58:41 :  <INFO>      [Module added] Classes
2019-02-25 14:58:41 :  <INFO>      [Module added] DNS
2019-02-25 14:58:41 :  <INFO>      [Module added] Firewall
2019-02-25 14:58:41 :  <INFO>      [Module added] GUID
2019-02-25 14:58:41 :  <INFO>      [Module added] IEPolicy
2019-02-25 14:58:41 :  <INFO>      [Module added] RegOther
2019-02-25 14:58:41 :  <INFO>      [Module added] ProductID
2019-02-25 14:58:41 :  <INFO>      [Module added] Software
2019-02-25 14:58:41 :  <INFO>      [Module added] Startup
2019-02-25 14:58:41 :  <INFO>      [Module added] Winlogon
2019-02-25 14:58:41 :  <INFO>      [Module added] WMI
2019-02-25 14:58:41 :  <INFO>      [Module added] Chromium
2019-02-25 14:58:41 :  <INFO>      [Module added] FF
2019-02-25 14:58:41 :  <INFO>      [Module added] RegGeneric
2019-02-25 14:58:41 :  <INFO>      [Module added] FileSystem
2019-02-25 14:58:41 :  <INFO>      [Module initialize] File/Folder
2019-02-25 14:58:41 :  <INFO>      [Module initialize] File/Folder
2019-02-25 14:58:49 :  <INFO>      [Module initialize] URL
2019-02-25 14:58:49 :  <INFO>      [Module initialize] Service
2019-02-25 14:58:49 :  <INFO>      [Module initialize] TaskName
2019-02-25 14:58:50 :  <INFO>      [Module initialize] TaskContent
2019-02-25 14:58:50 :  <INFO>      [Module initialize] App Init
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Classes
2019-02-25 14:58:50 :  <INFO>      [Module initialize] DNS
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Firewall
2019-02-25 14:58:50 :  <INFO>      [Module initialize] GUID
2019-02-25 14:58:50 :  <INFO>      [Module initialize] IEPolicy
2019-02-25 14:58:50 :  <INFO>      [Module initialize] RegOther
2019-02-25 14:58:50 :  <INFO>      [Module initialize] ProductID
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Software
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Startup
2019-02-25 14:58:50 :  <INFO>      [Module Initialized] Winlogon
2019-02-25 14:58:50 :  <INFO>      [Module initialized] WMI
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Chromium
2019-02-25 14:58:50 :  <INFO>      [Module initialize] FF
2019-02-25 14:58:50 :  <INFO>      [Module initialize] RegGeneric
2019-02-25 14:58:50 :  <INFO>      [Module initialize] FileSystem
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Scan Browser
2019-02-25 14:58:50 :  <INFO>      [Module initialize] Scan Browser FF
2019-02-25 14:58:50 :  <INFO>      [Module initialize] FF start pages loaded
2019-02-25 14:58:50 :  <INFO>      [Module initialize] FF search providers loaded
2019-02-25 14:58:50 :  <INFO>      [Module initialize] FF plugin list loaded
2019-02-25 14:58:50 :  <INFO>      [Scan] Exclusions loaded
2019-02-25 14:58:52 :  <INFO>      [Scan] Threat detected:  "PUP.Optional.Legacy" ,  "C:\\Users\\Amparo\\AppData\\LocalLow\\pandasecuritytb" [ "Folder" ]
2019-02-25 14:59:03 :  <INFO>      [Scan] Threat detected:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\EdpDomStorage\\s.thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:03 :  <INFO>      [Scan] Threat detected:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\EdpDomStorage\\thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:03 :  <INFO>      [Scan] Threat detected:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\DOMStorage\\s.thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:03 :  <INFO>      [Scan] Threat detected:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\DOMStorage\\thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:06 :  <INFO>      [Telemetry] Sending to Influx
2019-02-25 14:59:06 :  <INFO>      [Telemetry] Status code:  QVariant(Invalid)
2019-02-25 14:59:06 :  <INFO>      [Telemetry] Sending to DSE
2019-02-25 14:59:07 :  <INFO>      [Telemetry] Status code:  QVariant(Invalid)
2019-02-25 14:59:07 :  <INFO>      [Scan] Finished
2019-02-25 14:59:16 :  <INFO>      [Button clicked] Clean & repair
2019-02-25 14:59:20 :  <INFO>      [Button clicked] Generic button clicked [ 2 ]
2019-02-25 14:59:20 :  <INFO>      [Cleaning] Started
2019-02-25 14:59:20 :  <WARNING>   [Cleaning] Unable to Open process -  "[System Process]"   0
2019-02-25 14:59:20 :  <WARNING>   [Cleaning] Unable to Open process -  "System"   0
2019-02-25 14:59:20 :  <WARNING>   [Cleaning] Unable to Open process -  "Registry"   0
2019-02-25 14:59:21 :  <WARNING>   [Cleaning] Unable to Open process -  "Memory Compression"   0
2019-02-25 14:59:21 :  <WARNING>   [Cleaning] Unable to Open process -  "SecurityHealthService.exe"   0
2019-02-25 14:59:21 :  <WARNING>   [Cleaning] Unable to Open process -  "NisSrv.exe"   0
2019-02-25 14:59:21 :  <WARNING>   [Cleaning] Unable to Open process -  "SgrmBroker.exe"   0
2019-02-25 14:59:21 :  <INFO>      [Quarantine] Session folder:  "C:\\AdwCleaner\\Quarantine\\v1\\20190225.085921"
2019-02-25 14:59:21 :  <INFO>      [Cleaning] Quarantined:  "PUP.Optional.Legacy" ,  "C:\\Users\\Amparo\\AppData\\LocalLow\\pandasecuritytb" [ "Folder" ]
2019-02-25 14:59:21 :  <INFO>      [Cleaning] Quarantined:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\EdpDomStorage\\s.thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:22 :  <INFO>      [Cleaning] Quarantined:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\EdpDomStorage\\thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:22 :  <INFO>      [Cleaning] Quarantined:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\DOMStorage\\s.thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:22 :  <INFO>      [Cleaning] Quarantined:  "PUP.Optional.TheBrightTag" ,  "HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppContainer\\Storage\\microsoft.microsoftedge_8wekyb3d8bbwe\\Children\\001\\Internet Explorer\\DOMStorage\\thebrighttag.com" [ "Registry" ]
2019-02-25 14:59:22 :  <INFO>      [Engine Additional Action]  "Delete Tracing Keys"
2019-02-25 14:59:27 :  <INFO>      [Engine Additional Action]  "Reset Winsock"
2019-02-25 14:59:27 :  <INFO>      [Telemetry] Sending to Influx
2019-02-25 14:59:27 :  <INFO>      [Telemetry] Status code:  QVariant(Invalid)
2019-02-25 14:59:27 :  <INFO>      [Telemetry] Sending to DSE
2019-02-25 14:59:27 :  <INFO>      [Telemetry] Status code:  QVariant(Invalid)
2019-02-25 14:59:27 :  <INFO>      [Cleaning] Finished
2019-02-25 14:59:27 :  <WARNING>   QSortFilterProxyModel: invalid inserted rows reported by source model
2019-02-25 14:59:28 :  <INFO>      [Application] Closing AdwCleaner
2019-02-25 23:47:41 :  <INFO>      [Application] AdwCleaner  7 . 2 . 7  launched
2019-02-25 23:47:44 :  <INFO>      [MBInstaller] Checking Iris
2019-02-25 23:47:44 :  <INFO>      [IRIS] Making request
2019-02-25 23:47:45 :  <WARNING>   QSortFilterProxyModel: invalid inserted rows reported by source model
2019-02-25 23:47:45 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-25 23:47:45 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-25 23:47:45 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-25 23:47:45 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-25 23:47:45 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-25 23:47:45 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-25 23:47:45 :  <INFO>      [SslCert] ALPN: None
2019-02-25 23:47:45 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:47:45 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:47:45 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:47:45 :  <WARNING>   [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-02-25 23:47:45 :  <INFO>      [IRIS] Failed
2019-02-25 23:48:18 :  <INFO>      [Telemetry] Sending NPS Survey
2019-02-25 23:48:20 :  <INFO>      [Button clicked] Close
2019-02-25 23:48:20 :  <INFO>      [Telemetry] Sending hello
ication updates
2019-02-25 23:48:20 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-25 23:48:20 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-25 23:48:20 :  <INFO>      [SslCert] ALPN: Yes
2019-02-25 23:48:20 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:48:20 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:48:20 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:48:20 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-25 23:48:20 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-25 23:48:20 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-25 23:48:20 :  <INFO>      [SslCert] ALPN: None
2019-02-25 23:48:20 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:48:20 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:48:20 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:48:20 :  <INFO>      [Telemetry] Status code:  QVariant(int, 200)
2019-02-25 23:48:21 :  <INFO>      [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-02-25 23:48:21 :  <INFO>      [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2019-02-25 23:48:21 :  <INFO>      [SslCert] Locality Name ()
2019-02-25 23:48:21 :  <INFO>      [SslCert] Organization ()
2019-02-25 23:48:21 :  <INFO>      [SslCert] Certificate EffectiveDate:  "mié. ene. 30 13:37:59 2019 GMT"
2019-02-25 23:48:21 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. abr. 30 13:37:59 2019 GMT"
2019-02-25 23:48:21 :  <INFO>      [SslCert] ALPN: Yes
2019-02-25 23:48:21 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:48:21 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:48:21 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:48:21 :  <INFO>      [Telemetry] Status code:  QVariant(int, 204)
2019-02-25 23:48:22 :  <INFO>      [Button clicked] Scan
2019-02-25 23:48:22 :  <INFO>      [Scan] Started
2019-02-25 23:48:22 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-25 23:48:22 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-25 23:48:22 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-25 23:48:22 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-25 23:48:23 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-25 23:48:23 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-25 23:48:23 :  <INFO>      [SslCert] ALPN: Yes
2019-02-25 23:48:23 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:48:23 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:48:23 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:48:23 :  <INFO>      [Database] Downloading database
2019-02-25 23:48:23 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-25 23:48:23 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-25 23:48:23 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-25 23:48:23 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-25 23:48:23 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-25 23:48:23 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-25 23:48:23 :  <INFO>      [SslCert] ALPN: Yes
2019-02-25 23:48:23 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:48:23 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:48:23 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:48:23 :  <INFO>      [Database] Checking integrity
2019-02-25 23:48:23 :  <INFO>      [Database] Found  2287  families
2019-02-25 23:48:23 :  <INFO>      [Database] Database v "2019-02-21.1"
2019-02-25 23:48:24 :  <INFO>      [Loading paths] Local paths loaded
2019-02-25 23:48:24 :  <INFO>      [Loading paths] Chrome paths loaded
2019-02-25 23:48:24 :  <INFO>      [Loading paths] User Keys loaded
2019-02-25 23:48:24 :  <INFO>      [Module added] Folder
2019-02-25 23:48:24 :  <INFO>      [Module added] File
2019-02-25 23:48:24 :  <INFO>      [Module added] URL
2019-02-25 23:48:24 :  <INFO>      [Module added] Service
2019-02-25 23:48:24 :  <INFO>      [Module added] TaskName
2019-02-25 23:48:24 :  <INFO>      [Module added] TaskContent
2019-02-25 23:48:24 :  <INFO>      [Module added] App Init
2019-02-25 23:48:24 :  <INFO>      [Module added] Classes
2019-02-25 23:48:24 :  <INFO>      [Module added] DNS
2019-02-25 23:48:24 :  <INFO>      [Module added] Firewall
2019-02-25 23:48:24 :  <INFO>      [Module added] GUID
2019-02-25 23:48:24 :  <INFO>      [Module added] IEPolicy
2019-02-25 23:48:24 :  <INFO>      [Module added] RegOther
2019-02-25 23:48:24 :  <INFO>      [Module added] ProductID
2019-02-25 23:48:24 :  <INFO>      [Module added] Software
2019-02-25 23:48:24 :  <INFO>      [Module added] Startup
2019-02-25 23:48:24 :  <INFO>      [Module added] Winlogon
2019-02-25 23:48:24 :  <INFO>      [Module added] WMI
2019-02-25 23:48:24 :  <INFO>      [Module added] Chromium
2019-02-25 23:48:24 :  <INFO>      [Module added] FF
2019-02-25 23:48:24 :  <INFO>      [Module added] RegGeneric
2019-02-25 23:48:24 :  <INFO>      [Module added] FileSystem
2019-02-25 23:48:24 :  <INFO>      [Module initialize] File/Folder
2019-02-25 23:48:24 :  <INFO>      [Module initialize] File/Folder
2019-02-25 23:48:40 :  <INFO>      [Module initialize] URL
2019-02-25 23:48:43 :  <INFO>      [Module initialize] Service
2019-02-25 23:48:43 :  <INFO>      [Module initialize] TaskName
2019-02-25 23:48:43 :  <INFO>      [Module initialize] TaskContent
2019-02-25 23:48:43 :  <INFO>      [Module initialize] App Init
2019-02-25 23:48:43 :  <INFO>      [Module initialize] Classes
2019-02-25 23:48:43 :  <INFO>      [Module initialize] DNS
2019-02-25 23:48:43 :  <INFO>      [Module initialize] Firewall
2019-02-25 23:48:43 :  <INFO>      [Module initialize] GUID
2019-02-25 23:48:43 :  <INFO>      [Module initialize] IEPolicy
2019-02-25 23:48:43 :  <INFO>      [Module initialize] RegOther
2019-02-25 23:48:43 :  <INFO>      [Module initialize] ProductID
2019-02-25 23:48:43 :  <INFO>      [Module initialize] Software
2019-02-25 23:48:43 :  <INFO>      [Module initialize] Startup
2019-02-25 23:48:43 :  <INFO>      [Module Initialized] Winlogon
2019-02-25 23:48:43 :  <INFO>      [Module initialized] WMI
2019-02-25 23:48:43 :  <INFO>      [Module initialize] Chromium
2019-02-25 23:48:43 :  <INFO>      [Module initialize] FF
2019-02-25 23:48:43 :  <INFO>      [Module initialize] RegGeneric
2019-02-25 23:48:43 :  <INFO>      [Module initialize] FileSystem
2019-02-25 23:48:44 :  <INFO>      [Module initialize] Scan Browser
2019-02-25 23:48:44 :  <INFO>      [Module initialize] Scan Browser FF
2019-02-25 23:48:44 :  <INFO>      [Module initialize] FF start pages loaded
2019-02-25 23:48:44 :  <INFO>      [Module initialize] FF search providers loaded
2019-02-25 23:48:44 :  <INFO>      [Module initialize] FF plugin list loaded
2019-02-25 23:48:44 :  <INFO>      [Scan] Exclusions loaded
2019-02-25 23:49:11 :  <INFO>      [Telemetry] Sending to Influx
2019-02-25 23:49:11 :  <INFO>      [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-02-25 23:49:11 :  <INFO>      [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2019-02-25 23:49:11 :  <INFO>      [SslCert] Locality Name ()
2019-02-25 23:49:11 :  <INFO>      [SslCert] Organization ()
2019-02-25 23:49:11 :  <INFO>      [SslCert] Certificate EffectiveDate:  "mié. ene. 30 13:37:59 2019 GMT"
2019-02-25 23:49:11 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. abr. 30 13:37:59 2019 GMT"
2019-02-25 23:49:11 :  <INFO>      [SslCert] ALPN: Yes
2019-02-25 23:49:11 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:49:11 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:49:11 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:49:11 :  <INFO>      [Telemetry] Status code:  QVariant(int, 204)
2019-02-25 23:49:11 :  <INFO>      [Telemetry] Sending to DSE
2019-02-25 23:49:12 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-25 23:49:12 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-25 23:49:12 :  <INFO>      [SslCert] Locality Name ("San Jose")
2019-02-25 23:49:12 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc.")
2019-02-25 23:49:12 :  <INFO>      [SslCert] Certificate EffectiveDate:  "jue. feb. 22 00:00:00 2018 GMT"
2019-02-25 23:49:12 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mié. abr. 22 12:00:00 2020 GMT"
2019-02-25 23:49:12 :  <INFO>      [SslCert] ALPN: Yes
2019-02-25 23:49:12 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-25 23:49:12 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-25 23:49:12 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-25 23:49:12 :  <INFO>      [Telemetry] Status code:  QVariant(int, 201)
2019-02-25 23:49:12 :  <INFO>      [Scan] Finished
2019-02-25 23:49:31 :  <INFO>      [Application] Closing AdwCleaner
2019-02-26 00:13:29 :  <INFO>      [Application] AdwCleaner  7 . 2 . 7  launched
2019-02-26 00:13:33 :  <INFO>      [MBInstaller] Checking Iris
2019-02-26 00:13:33 :  <INFO>      [IRIS] Making request
2019-02-26 00:13:35 :  <INFO>      [MBBanner] Checking Iris
2019-02-26 00:13:35 :  <INFO>      [IRIS] Making request
2019-02-26 00:13:35 :  <INFO>      [AdwUpgrade] Checking application updates
2019-02-26 00:13:35 :  <INFO>      [Telemetry] Sending hello
2019-02-26 00:13:35 :  <WARNING>   QSortFilterProxyModel: invalid inserted rows reported by source model
2019-02-26 00:13:35 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-26 00:13:35 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-26 00:13:35 :  <INFO>      [SslCert] ALPN: None
2019-02-26 00:13:35 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-26 00:13:35 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-26 00:13:35 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-26 00:13:35 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-26 00:13:35 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-26 00:13:35 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-26 00:13:35 :  <INFO>      [SslCert] ALPN: None
2019-02-26 00:13:35 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-26 00:13:35 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-26 00:13:35 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-26 00:13:36 :  <INFO>      [Telemetry] Status code:  QVariant(int, 200)
2019-02-26 00:13:36 :  <WARNING>   [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-02-26 00:13:36 :  <INFO>      [IRIS] Failed
2019-02-26 00:13:36 :  <INFO>      [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-02-26 00:13:36 :  <INFO>      [SslCert] Issued to ("*.malwarebytes.com")
2019-02-26 00:13:36 :  <INFO>      [SslCert] Locality Name ("Santa Clara")
2019-02-26 00:13:36 :  <INFO>      [SslCert] Organization ("Malwarebytes Inc")
2019-02-26 00:13:36 :  <INFO>      [SslCert] Certificate EffectiveDate:  "lun. oct. 2 00:00:00 2017 GMT"
2019-02-26 00:13:36 :  <INFO>      [SslCert] Certificate ExpirationDate:  "mar. oct. 6 12:00:00 2020 GMT"
2019-02-26 00:13:36 :  <INFO>      [SslCert] ALPN: Yes
2019-02-26 00:13:36 :  <INFO>      [SslCert] Cipher:  "ECDHE-RSA-AES256-GCM-SHA384"
2019-02-26 00:13:36 :  <INFO>      [SslCert] KXE:  "ECDH"
2019-02-26 00:13:36 :  <INFO>      [SslCert] Protocol:  "TLSv1.2"
2019-02-26 00:13:36 :  <WARNING>   [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-02-26 00:13:36 :  <INFO>      [IRIS] Failed
2019-02-26 00:13:52 :  <INFO>      [Application] Closing AdwCleaner
#6

Revisa las indicaciones de Adwcleaner, pues eso no es el log solicitado

Ademas prueba esto:

Botón derecho sobre icono Wifi del reloj- solucionar problemas

Tambien dime si en modo seguro con red, funciona el Wifi

Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?

#7

Hola, intenté lo del wifi con boton derecho y no pasa nada, entré al modo seguro con funciones de red pero no funciona el wifi tampoco, incluso no me deja entrar en modo seguro con f8 tuve que entrar a configuración actualizacion y reincio avanzado o algo asi.

aqui pego el log correcto:

- ------------------------------

# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-25-2019
# Duration: 00:00:06
# OS:       Windows 10 Home Single Language
# Cleaned:  5
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Amparo\AppData\LocalLow\pandasecuritytb

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [9261 octets] - [25/02/2019 08:10:20]
AdwCleaner[S00].txt - [2273 octets] - [25/02/2019 08:59:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
#8
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

#9

Hola, este es el primer log FRST-----------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.02.2019 01 Ran by Amparo (administrator) on CASAAMPARO (27-02-2019 06:33:04) Running from C:\Users\Amparo\Desktop Loaded Profiles: Amparo (Available Profiles: Amparo & afa & Administrador) Platform: Windows 10 Home Single Language Version 1803 17134.407 (X64) Language: Español (España, internacional) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-19] (Dell Inc -> Dell Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] (Qualcomm Atheros -> ) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [File not signed]
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2018-03-03] (alch) [File not signed]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\MountPoints2: {432db05e-a8c7-11e8-bf4b-b8ca3abfabc0} - "E:\AutoRun.exe" 
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\MountPoints2: {9cc2f9e4-881e-11e2-be65-806e6f6e6963} - "D:\Autorun.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-25] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
Startup: C:\Users\Amparo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2017-08-28]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.213.4.14
Tcpip\..\Interfaces\{5ab6d9ee-15f7-4148-a872-9442458fa9bd}: [DhcpNameServer] 10.213.4.14
Tcpip\..\Interfaces\{820a689b-75f0-4c51-93f0-3fa9dd9e4ddf}: [DhcpNameServer] 10.213.4.14

Internet Explorer:
==================
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKU\S-1-5-21-2665212972-797558305-1704637805-1001 -> DefaultScope {BC259719-6A4A-41F3-B3C3-CFD20181202F} URL = 
SearchScopes: HKU\S-1-5-21-2665212972-797558305-1704637805-1001 -> {BC259719-6A4A-41F3-B3C3-CFD20181202F} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-07-23] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc -> Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default [2019-02-25]
CHR Extension: (Presentaciones) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Documentos) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Búsqueda de Google) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Hojas de cálculo) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-14]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-11-27]
CHR Extension: (Grammarly for Chrome) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-02-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Amparo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-22] (Microsoft Corporation -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.219\WsAppService.exe [440832 2016-12-07] (Wondershare) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-25] (Qualcomm Atheros -> Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\WINDOWS\System32\Drivers\wsadb.sys [40808 2017-01-08] (Shenzhen Wondershare Information Technology Co., Ltd. -> Google Inc)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-23] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R1 epp; C:\EEK\bin64\epp.sys [142952 2018-11-26] (Emsisoft Ltd -> Emsisoft Ltd)
S3 massfilter_hs; C:\WINDOWS\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R1 MpKsl0e05b246; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D455A8CF-B031-44F2-AD91-6F8DCB91CD56}\MpKsl0e05b246.sys [58120 2019-02-26] (Microsoft Corporation -> Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-14] (Realtek Semiconductor Corp -> Realtek )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28040 2012-12-21] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53816 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-10-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Amparo\Downloads\Designer Resources "
2019-02-27 06:33 - 2019-02-27 06:34 - 000018997 _____ C:\Users\Amparo\Desktop\FRST.txt
2019-02-27 06:32 - 2019-02-27 06:33 - 000000000 ____D C:\FRST
2019-02-27 06:32 - 2019-02-27 06:21 - 002433536 _____ (Farbar) C:\Users\Amparo\Desktop\FRST64.exe
2019-02-27 06:31 - 2019-02-27 06:31 - 000000000 ____D C:\Users\Amparo\Desktop\ADATA UFD
2019-02-26 15:15 - 2019-02-26 15:19 - 000138548 _____ C:\WINDOWS\ntbtlog.txt
2019-02-25 18:07 - 2019-02-25 18:08 - 000430788 _____ C:\Users\Amparo\Desktop\cc_20190225_180646.reg
2019-02-25 17:53 - 2019-02-27 06:31 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-25 17:53 - 2019-02-25 17:53 - 000002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-25 17:52 - 2019-02-25 17:53 - 000000000 ____D C:\Program Files\CCleaner
2019-02-25 17:52 - 2019-02-25 17:52 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-25 17:52 - 2019-02-25 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-25 17:47 - 2019-02-25 08:00 - 007316688 _____ (Malwarebytes) C:\Users\Amparo\Desktop\adwcleaner_7.2.7.0.exe
2019-02-25 17:46 - 2019-02-25 17:46 - 000001923 _____ C:\Users\Amparo\Desktop\malw log.txt
2019-02-25 17:28 - 2019-02-25 17:28 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-25 17:28 - 2019-02-25 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-25 17:28 - 2019-02-25 17:28 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-25 17:28 - 2019-02-25 07:59 - 062142808 _____ (Malwarebytes ) C:\Users\Amparo\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9412.exe
2019-02-25 17:28 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-25 17:28 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-25 11:37 - 2018-09-19 22:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-25 08:09 - 2019-02-25 08:59 - 000000000 ____D C:\AdwCleaner
2019-02-25 08:09 - 2019-02-25 08:09 - 000000000 ____D C:\Users\Amparo\AppData\Local\mbamtray
2019-02-25 08:09 - 2019-02-25 08:09 - 000000000 ____D C:\Users\Amparo\AppData\Local\mbam
2019-02-25 08:01 - 2019-02-25 07:53 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Amparo\Desktop\HiJackThis.exe
2019-02-21 11:12 - 2019-02-22 10:18 - 000000000 ____D C:\Users\Amparo\Desktop\Nueva carpeta (2)
2019-02-16 17:40 - 2019-02-16 17:40 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-27 06:34 - 2016-05-30 20:17 - 000000000 ____D C:\Users\Amparo\AppData\Local\Adobe
2019-02-27 06:30 - 2018-06-14 03:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-26 15:36 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-26 15:26 - 2014-11-26 18:59 - 000000000 __SHD C:\Users\Amparo\IntelGraphicsProfiles
2019-02-26 15:25 - 2018-06-15 14:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-26 15:25 - 2018-04-11 15:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-02-26 15:20 - 2016-03-12 16:15 - 000000000 ____D C:\Users\Amparo\AppData\Local\ElevatedDiagnostics
2019-02-26 15:16 - 2018-12-20 00:19 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-02-26 15:13 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-25 18:33 - 2015-02-05 21:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-25 18:31 - 2015-02-05 21:57 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-25 18:30 - 2017-09-30 17:34 - 000000000 ____D C:\Program Files\rempl
2019-02-25 18:15 - 2018-06-15 13:55 - 001772030 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-25 18:15 - 2018-04-12 10:18 - 000788782 _____ C:\WINDOWS\system32\perfh00A.dat
2019-02-25 18:15 - 2018-04-12 10:18 - 000155876 _____ C:\WINDOWS\system32\perfc00A.dat
2019-02-25 18:15 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-25 18:12 - 2018-06-14 03:55 - 005563392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-25 18:12 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-25 18:04 - 2018-06-07 16:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-02-25 18:04 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-25 18:04 - 2015-02-08 10:20 - 000000000 ____D C:\Users\Amparo\AppData\Local\CrashDumps
2019-02-25 17:51 - 2018-06-15 14:09 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{00A09147-FF0C-49DD-9E90-BA8EABE20A05}
2019-02-25 17:30 - 2015-02-04 21:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-25 17:28 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-25 12:36 - 2015-02-04 22:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 12:27 - 2018-06-15 14:09 - 000003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-25 12:27 - 2018-06-15 14:09 - 000003432 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-25 11:54 - 2018-07-11 13:03 - 000000000 ____D C:\ProgramData\Packages
2019-02-25 11:54 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-25 11:44 - 2018-01-21 19:33 - 000000000 ____D C:\Users\Amparo\AppData\Local\Packages
2019-02-25 11:34 - 2015-12-28 13:47 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-02-02 16:53 - 2018-11-14 15:40 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 16:53 - 2018-11-14 15:40 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-04-10 22:22 - 2017-04-10 22:22 - 007639040 _____ () C:\Program Files (x86)\GUTFF16.tmp
2017-04-22 08:14 - 2017-04-22 08:24 - 000007605 _____ () C:\Users\Amparo\AppData\Local\Resmon.ResmonCfg
2016-07-14 00:28 - 2016-11-15 22:27 - 000000169 _____ () C:\Users\Amparo\AppData\Local\uts.ini
2018-10-10 09:09 - 2018-10-10 09:09 - 000000000 _____ () C:\Users\Amparo\AppData\Local\{9B54F33C-807D-4CA4-8E4D-801FF073DB1D}
2015-09-25 22:54 - 2015-09-25 22:54 - 000000000 _____ () C:\Users\Amparo\AppData\Local\{E66A8024-D552-4E6C-BE9A-D98A24DA3665}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-14 03:55

==================== End of FRST.txt ============================
#11

Elimine tu ultimo log, porque repetiste el primero dos veces.

Falta el Addition.txt

#12

ups, perdón eso de estar pasando archivos de la laptopa usb pc, aqui va:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01 Ran by Amparo (27-02-2019 06:35:36) Running from C:\Users\Amparo\Desktop Windows 10 Home Single Language Version 1803 17134.407 (X64) (2018-06-15 20:11:08) Boot Mode: Normal ==========================================================

==================== Accounts: =============================

Administrador (S-1-5-21-2665212972-797558305-1704637805-500 - Administrator - Enabled) => C:\Users\Administrator
afa (S-1-5-21-2665212972-797558305-1704637805-1002 - Limited - Enabled) => C:\Users\afa
Amparo (S-1-5-21-2665212972-797558305-1704637805-1001 - Administrator - Enabled) => C:\Users\Amparo
DefaultAccount (S-1-5-21-2665212972-797558305-1704637805-503 - Limited - Disabled)
Invitado (S-1-5-21-2665212972-797558305-1704637805-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2665212972-797558305-1704637805-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.76.1867 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
ClamWin Free Antivirus 0.99.4 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version:  - alch)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2330a - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2330a - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2318 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.4 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.39 - PC-Doctor, Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden
FormatFactory 2.40 (HKLM-x32\...\FormatFactory) (Version: 2.40 - Free Time)
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
IllustratorCs6 version 16.0 (HKLM-x32\...\{B558D09D-AF45-4008-B73B-409706BC7FF8}_is1) (Version: 16.0 - Nws)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - MediaTek Inc. (usbser) Ports  (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Update Manager (HKLM-x32\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
ZTE Driver USB del dispositivo (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2088.1.A01B04 - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2665212972-797558305-1704637805-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2665212972-797558305-1704637805-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (CyberLink -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (CyberLink -> Cyberlink)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-16] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EA52DF-5822-4079-9233-FC937D5A2B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18561578-DE5D-4577-9E41-9C128FAEDEEE} - System32\Tasks\{0E56608A-506F-4388-8A03-4E7CD19E89FC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Amparo\Desktop\photoshop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]\Setup.exe" -d "C:\Users\Amparo\Desktop\photoshop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]"
Task: {18CFF311-2C60-4871-9211-4DEBBAC16836} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {22189DBB-1D31-4F7A-BE69-C830919ECAA0} - System32\Tasks\{22195C71-C81B-448D-A35F-BA803356E192} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]\Setup.exe" -d "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]"
Task: {2593704B-D805-43DA-A850-311B36AF9076} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {294EE34D-06FF-4A8D-B630-513147FE41F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2A8FDB19-6821-4E9E-A619-AF2CC93E1DD2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AB5CF29-A93A-4FA8-9C76-71598A5C09F5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {34E6DD10-B827-4533-90E1-C3A840748B75} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {350D5E50-78A0-44B9-BF00-DBA14AB944AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3FF919C2-2D9B-404C-8C90-4E356852BC7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {494CDA33-B571-41FA-8D1D-B2ED7F979582} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4EA4BAA7-8B4F-4BE0-8C4D-03415C752DFB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5264D036-1456-4B35-B963-FFE7DD5D2DA8} - System32\Tasks\AdobeAAMUpdater-1.0-casaamparo-Amparo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5AE2A300-9D47-4F7E-AAEE-BAC371DC6785} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6C3FF920-66CD-4AC4-9893-5991B3F70E33} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {76E6C03D-DECF-46B3-91E8-1D7A93B1E008} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7A623E73-F4F4-42C3-A264-33836BE46984} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {837D98A4-2BF7-4CF3-909A-3A435EC81F1A} - \WPD\SqmUpload_S-1-5-21-2665212972-797558305-1704637805-1001 -> No File <==== ATTENTION
Task: {87EDE221-E454-4DF7-B94B-98F0B19DD169} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {90C43EEF-EFF3-4D23-873C-71324DBB8928} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe (Dell Inc. -> Dell, Inc.)
Task: {99B38664-C4AB-40D1-AF29-69C0120A43FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9E81C30F-C41A-45BA-B363-E8E6A271C368} - System32\Tasks\{264E7B97-724F-4EEF-B532-30E0A6297802} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]\Setup.exe" -d "C:\Users\Amparo\Desktop\Adobe Photoshop CS2 español\Adobe Photoshop CS2 CS 2 Final\Photoshop CS2 [AnimaRecordings.com]"
Task: {A549C872-CEE5-4867-B958-383205527310} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe
Task: {A700A3FE-83A6-4D79-BAD7-40CEADF3D2B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AA24120F-9AC3-4D3F-BC0F-FF945222662A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB9F4071-CA19-4369-A9C3-A5AAFD791E5B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: {AE73B26C-0193-45CD-921B-9A9667DEAC17} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B091A8B6-0E16-4AF4-AA94-11EAC8941EFF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C772D614-C413-4BC4-863B-CCA58E366CC0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DE2CDD66-FCA8-48C8-A9E0-D2E3C3F2DB1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E6FA1878-EF49-4A45-8489-B8C8F10B7032} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FF91B6B5-55B5-4632-A7BD-8A8458720B71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2012-12-28 06:41 - 2012-12-28 06:41 - 000226944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
2013-03-08 13:09 - 2012-12-25 18:41 - 000081536 _____ (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
2018-11-28 11:09 - 2008-04-19 17:35 - 000080384 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000203392 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000113280 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000290944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000107648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 001067648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000129664 _____ (Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
2012-12-28 06:42 - 2012-12-28 06:42 - 000063104 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ModuleManager.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000063488 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000196096 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Audio\audio.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000083072 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000018432 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\DID\DId.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000090624 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000096768 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\goep\goep.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000177152 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BIP\BIP.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000036352 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FAX\Fax.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000161792 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000303616 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\LE\LE.dll
2012-12-28 06:42 - 2012-12-28 06:42 - 000126080 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL
2012-12-28 06:42 - 2012-12-28 06:42 - 000085632 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000091648 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000064512 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Sync\Sync.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000421888 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000084480 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000065024 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2012-12-28 06:39 - 2012-12-28 06:39 - 000055296 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\spp\spp.dll
2012-12-28 06:36 - 2012-12-28 06:36 - 000029696 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2012-12-28 06:41 - 2012-12-28 06:41 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2018-11-15 10:59 - 2018-11-15 10:59 - 000016896 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvc\01f16f7465bf3a255606efa8c242d8f7\IAStorDataMgrSvc.ni.exe
2018-11-15 11:00 - 2018-11-15 11:00 - 000363520 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\8aab347b90d03310ccb6e24c215b8543\IAStorUtil.ni.dll
2018-11-15 11:00 - 2018-11-15 11:00 - 000073216 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\549a869ae89f1e8782fa1409b91f8d62\IAStorDataMgr.ni.dll
2018-11-15 11:02 - 2018-11-15 11:02 - 001076224 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\63f36a944041077f8a9236f5f684f8f1\IAStorViewModel.ni.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\04c7a9268738df402d4645e3822a8659\IAStorDataMgrSvcInterfaces.ni.dll
2018-11-15 11:00 - 2018-11-15 11:00 - 003713536 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\63e045f79c8f750659cf60b173f50037\PSI.ni.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\82169135886758c50357a4d0b5b77847\PSIClient.ni.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000625152 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\4a5b2b2a3c68ceaf570b012a21fcd996\PsiData.ni.dll
2013-03-08 13:05 - 2012-11-19 05:13 - 000269824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-03-08 13:05 - 2012-11-19 05:13 - 000467456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2018-11-15 11:01 - 2018-11-15 11:01 - 000020992 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\bddb5b682175829b536e7ea1c0774de3\IAStorCommon.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: %C_EM64T_REDIST11%bin\Intel64;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\Adobe\AGL;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Amparo\Pictures\3.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: WsAppService => 2
HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4C1DF8D3-9AF4-4104-8345-00F12ABDAE0C}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{FC4716D4-438E-4873-BF30-CE6664E5183C}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4703C898-C873-46D2-842B-07335AF04469}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{2023713C-0CED-404A-998E-404FE83C0EB1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CF88F42A-E6C9-4051-86B0-95DAB19B2834}] => (Allow) LPort=1900
FirewallRules: [{3BAEC593-87F9-40BD-AE20-B0B30048E515}] => (Allow) LPort=2869
FirewallRules: [{AEE6CBD3-7BA7-4FB3-B1EF-B52651D0DEB3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07FD897D-3A6C-420C-B162-0CAC094E5A55}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4525977C-6982-4969-8415-69E6178C52AF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{143153E8-51E3-4880-9E54-127E1C75D8A4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{B9D9690D-53DB-414C-AAA2-E020E65962E3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B6271A2-D32D-4767-999A-A1A00CE64C64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6D9BC4FA-670B-418E-9579-FCE0BA255487}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5D3D79DB-E955-468A-83F1-24B32D3F6D81}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BCFD99B9-AAAC-4BFA-8B8D-CED151B807DD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{186A95A4-1435-448B-BDAE-2CDC35434BE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

15-01-2019 22:13:01 Instalador de Módulos de Windows
16-02-2019 15:48:20 Instalador de Módulos de Windows
25-02-2019 07:43:26 Instalador de Módulos de Windows
26-02-2019 15:12:37 Instalador de Módulos de Windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2019 06:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ShellExperienceHost.exe, versión: 10.0.17134.1, marca de tiempo: 0x5ace103a
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x124c
Hora de inicio de la aplicación con errores: 0x01d4ce986ec2be84
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 08386164-7bf1-4aae-b34f-e13d4843b348
Nombre completo del paquete con errores: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: App

Error: (02/27/2019 06:31:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SecHealthUI.exe, versión: 10.0.17134.407, marca de tiempo: 0x5bdaa40b
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0xc38
Hora de inicio de la aplicación con errores: 0x01d4ce984c2368c2
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 9b3997bf-38c4-45f0-a34a-f021fe1a76b5
Nombre completo del paquete con errores: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: SecHealthUI

Error: (02/27/2019 06:30:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.17134.1, marca de tiempo: 0xcb43d9c5
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x1534
Hora de inicio de la aplicación con errores: 0x01d4ce983e195db8
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\backgroundTaskHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 19062904-bfed-46bd-9e92-12fa456db15a
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (02/27/2019 06:30:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: LockApp.exe, versión: 10.0.17134.1, marca de tiempo: 0x5acd88b2
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x7c4
Hora de inicio de la aplicación con errores: 0x01d4ce983affa593
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 840cd02f-bb66-4f7b-956c-59f569238fed
Nombre completo del paquete con errores: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: WindowsDefaultLockScreen

Error: (02/26/2019 08:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.17134.1, marca de tiempo: 0xcb43d9c5
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x1488
Hora de inicio de la aplicación con errores: 0x01d4ce4381dfacb4
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\backgroundTaskHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: ac3fc4ab-3e65-44d8-b36a-c916a15de2b5
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (02/26/2019 08:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.17134.407, marca de tiempo: 0x5bdaa40f
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x1624
Hora de inicio de la aplicación con errores: 0x01d4ce4381dabe74
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: bd8ad0dc-9603-4522-90b1-de17767af5d0
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (02/26/2019 08:19:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SecHealthUI.exe, versión: 10.0.17134.407, marca de tiempo: 0x5bdaa40b
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x390
Hora de inicio de la aplicación con errores: 0x01d4ce42e55eb71a
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 0e6484e7-342a-45d4-92b0-3898ee0ddecd
Nombre completo del paquete con errores: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: SecHealthUI

Error: (02/26/2019 08:19:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ShellExperienceHost.exe, versión: 10.0.17134.1, marca de tiempo: 0x5ace103a
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.17134.137, marca de tiempo: 0xb5d50228
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007247f
Identificador del proceso con errores: 0x98c
Hora de inicio de la aplicación con errores: 0x01d4ce42e249301b
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\twinapi.appcore.dll
Identificador del informe: 67e473ce-0198-4071-888e-d94199d53a5d
Nombre completo del paquete con errores: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: App


System errors:
=============
Error: (02/27/2019 06:33:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/27/2019 06:32:00 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy!App no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/27/2019 06:31:01 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy!SecHealthUI.AppX73bpxf4sp6pxkykmznv2ft8v666ma3ps.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/27/2019 06:30:38 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/27/2019 06:30:33 AM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy!WindowsDefaultLockScreen no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/26/2019 08:24:04 PM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX7gfgmgykbws8x0ccxbt2zeamtttc1ntp.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/26/2019 08:24:04 PM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv00qxextfnce9sxb8.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/26/2019 08:19:42 PM) (Source: DCOM) (EventID: 10010) (User: casaamparo)
Description: El servidor Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy!SecHealthUI.AppX73bpxf4sp6pxkykmznv2ft8v666ma3ps.mca no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2019-02-27 06:31:58.378
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Gamarue&threatid=2147650285&enterprise=0
Nombre: Worm:Win32/Gamarue
Id.: 2147650285
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: file:_E:\ \&^^&^&&^&^^&^&&^&^^&^&&^&^^&^^&&.2
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: casaamparo\Amparo
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.760.0, AS: 1.287.760.0, NIS: 1.287.760.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-25 08:08:32.066
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D6BC3EE2-8706-4DE3-BFEF-B08BCA74F504}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-25 08:00:48.470
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DDE710CB-EBAA-4E98-B718-135EC1825CC3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-25 07:35:48.049
Description: 
Antivirus de Windows Defender detectó un comportamiento sospechoso.
Nombre: Behavior:Win32/ModifiedBootRecord
Id.: 2019692132
Gravedad: Baja
Categoría: Comportamiento sospechoso
Ruta de acceso encontrada: file:_C:\Users\Amparo\AppData\Local\Temp\syslinux.exe; process:_7024
Origen de detección: Equipo local
Tipo de detección: Sospechoso
Fuente de detección: Protección en tiempo real
Estado: Ejecutando
Usuario: casaamparo\Amparo
Nombre de proceso: C:\Users\Amparo\AppData\Local\Temp\syslinux.exe
Id. de firma: 23858570787236
Versión de firma: AV: 1.281.989.0, AS: 1.281.989.0
Versión de motor: 1.1.15400.5
Etiqueta de fidelidad:  Medio
Nombre de archivo de destino:  

Date: 2019-01-01 16:07:21.362
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {30C5EF83-B91D-4B9D-8106-20637876CECE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-26 20:27:21.494
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-02-26 15:36:07.958
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-02-26 15:15:59.312
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-02-26 14:33:14.568
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-02-25 19:11:53.948
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.287.760.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 56%
Total physical RAM: 3965.27 MB
Available physical RAM: 1720.12 MB
Total Virtual: 8829.27 MB
Available Virtual: 6800.75 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.32 GB) (Free:84.75 GB) NTFS
Drive e: (ADATA UFD) (Removable) (Total:7.23 GB) (Free:0.86 GB) FAT32

\\?\Volume{6962f325-79ed-4331-801e-dd5389a841e2}\ (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS
\\?\Volume{c16bd2f2-478d-4003-82ec-6da968cdfb99}\ () (Fixed) (Total:0.79 GB) (Free:0.35 GB) NTFS
\\?\Volume{ad386204-03a7-4eb7-a55d-c16cabcfd513}\ (PBR Image) (Fixed) (Total:13.51 GB) (Free:0.25 GB) NTFS
\\?\Volume{014242bc-543a-47f6-868f-b2df604fc469}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3E164AE9)

Partition: GPT.

========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=7.2 GB) - (Type=0B)

==================== End of Addition.txt ============================
#13

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\MountPoints2: {432db05e-a8c7-11e8-bf4b-b8ca3abfabc0} - "E:\AutoRun.exe" 
HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\MountPoints2: {9cc2f9e4-881e-11e2-be65-806e6f6e6963} - "D:\Autorun.exe" 
SearchScopes: HKU\S-1-5-21-2665212972-797558305-1704637805-1001 -> DefaultScope {BC259719-6A4A-41F3-B3C3-CFD20181202F} URL = 
SearchScopes: HKU\S-1-5-21-2665212972-797558305-1704637805-1001 -> {BC259719-6A4A-41F3-B3C3-CFD20181202F} URL = 
2017-04-10 22:22 - 2017-04-10 22:22 - 007639040 _____ () C:\Program Files (x86)\GUTFF16.tmp
2018-10-10 09:09 - 2018-10-10 09:09 - 000000000 _____ () C:\Users\Amparo\AppData\Local\{9B54F33C-807D-4CA4-8E4D-801FF073DB1D}
2015-09-25 22:54 - 2015-09-25 22:54 - 000000000 _____ () C:\Users\Amparo\AppData\Local\{E66A8024-D552-4E6C-BE9A-D98A24DA3665}
Task: {01EA52DF-5822-4079-9233-FC937D5A2B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18CFF311-2C60-4871-9211-4DEBBAC16836} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2593704B-D805-43DA-A850-311B36AF9076} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2A8FDB19-6821-4E9E-A619-AF2CC93E1DD2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AB5CF29-A93A-4FA8-9C76-71598A5C09F5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {34E6DD10-B827-4533-90E1-C3A840748B75} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3FF919C2-2D9B-404C-8C90-4E356852BC7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5AE2A300-9D47-4F7E-AAEE-BAC371DC6785} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6C3FF920-66CD-4AC4-9893-5991B3F70E33} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {76E6C03D-DECF-46B3-91E8-1D7A93B1E008} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7A623E73-F4F4-42C3-A264-33836BE46984} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {837D98A4-2BF7-4CF3-909A-3A435EC81F1A} - \WPD\SqmUpload_S-1-5-21-2665212972-797558305-1704637805-1001 -> No File <==== ATTENTION
Task: {87EDE221-E454-4DF7-B94B-98F0B19DD169} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
C:\Program Files\Common Files\AV\avast! Antivirus
Task: {A700A3FE-83A6-4D79-BAD7-40CEADF3D2B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AE73B26C-0193-45CD-921B-9A9667DEAC17} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C772D614-C413-4BC4-863B-CCA58E366CC0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

#14

ok pero en el Delfix no selecciono remove tools tampoco? bueno esa ya viene seleccionada

#15

En mis indicaciones lo pone muy claramente que casilla debes únicamente seleccionar

#16

ok disculpa es que no quiero dar por hecho las cosas y ahi va otra duda

ejecuto Ejecutas Frst.exe. pero no le doy scan solo fix? Disculpa de nuevo

#17

Exacto,se indica pulsar Fix

#18

gracias, hice todo el proceso y al reiniciar se pudo conectar a wifi, aunque persiste lo del boton de inicio que no responde y me sigue cerrando la ventana de las notificaciones del windows defender no me deja ni desactivarlo ni verlo siquiera.

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
    Ran by Amparo (27-02-2019 15:41:10) Run:2
    Running from C:\Users\Amparo\Desktop
    Loaded Profiles: Amparo (Available Profiles: Amparo & afa & Administrador)
    Boot Mode: Safe Mode (minimal)
    ==============================================

    fixlist content:
    *****************
    Start
    CreateRestorePoint:
    CloseProcesses:

    HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\MountPoints2: {432db05e-a8c7-11e8-bf4b-b8ca3abfabc0} - "E:\AutoRun.exe" 
    HKU\S-1-5-21-2665212972-797558305-1704637805-1001\...\MountPoints2: {9cc2f9e4-881e-11e2-be65-806e6f6e6963} - "D:\Autorun.exe" 
    SearchScopes: HKU\S-1-5-21-2665212972-797558305-1704637805-1001 -> DefaultScope {BC259719-6A4A-41F3-B3C3-CFD20181202F} URL = 
    SearchScopes: HKU\S-1-5-21-2665212972-797558305-1704637805-1001 -> {BC259719-6A4A-41F3-B3C3-CFD20181202F} URL = 
    2017-04-10 22:22 - 2017-04-10 22:22 - 007639040 _____ () C:\Program Files (x86)\GUTFF16.tmp
    2018-10-10 09:09 - 2018-10-10 09:09 - 000000000 _____ () C:\Users\Amparo\AppData\Local\{9B54F33C-807D-4CA4-8E4D-801FF073DB1D}
    2015-09-25 22:54 - 2015-09-25 22:54 - 000000000 _____ () C:\Users\Amparo\AppData\Local\{E66A8024-D552-4E6C-BE9A-D98A24DA3665}
    Task: {01EA52DF-5822-4079-9233-FC937D5A2B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {18CFF311-2C60-4871-9211-4DEBBAC16836} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {2593704B-D805-43DA-A850-311B36AF9076} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {2A8FDB19-6821-4E9E-A619-AF2CC93E1DD2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {2AB5CF29-A93A-4FA8-9C76-71598A5C09F5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {34E6DD10-B827-4533-90E1-C3A840748B75} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {3FF919C2-2D9B-404C-8C90-4E356852BC7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {5AE2A300-9D47-4F7E-AAEE-BAC371DC6785} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
    Task: {6C3FF920-66CD-4AC4-9893-5991B3F70E33} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {76E6C03D-DECF-46B3-91E8-1D7A93B1E008} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {7A623E73-F4F4-42C3-A264-33836BE46984} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {837D98A4-2BF7-4CF3-909A-3A435EC81F1A} - \WPD\SqmUpload_S-1-5-21-2665212972-797558305-1704637805-1001 -> No File <==== ATTENTION
    Task: {87EDE221-E454-4DF7-B94B-98F0B19DD169} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    C:\Program Files\Common Files\AV\avast! Antivirus
    Task: {A700A3FE-83A6-4D79-BAD7-40CEADF3D2B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {AE73B26C-0193-45CD-921B-9A9667DEAC17} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {C772D614-C413-4BC4-863B-CCA58E366CC0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION



    HOSTS:
    REMOVEPROXY:
    EMPTYTEMP:
    CMD: netsh winsock reset
    CMD: ipconfig /renew
    CMD: ipconfig /flushdns
    CMD: bitsadmin /reset /allusers
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    END
    *****************

    Error: Restore point can only be created in normal mode.
    Processes closed successfully.
    HKU\S-1-5-21-2665212972-797558305-1704637805-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{432db05e-a8c7-11e8-bf4b-b8ca3abfabc0} => not found
    HKLM\Software\Classes\CLSID\{432db05e-a8c7-11e8-bf4b-b8ca3abfabc0} => not found
    HKU\S-1-5-21-2665212972-797558305-1704637805-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc2f9e4-881e-11e2-be65-806e6f6e6963} => removed successfully
    HKLM\Software\Classes\CLSID\{9cc2f9e4-881e-11e2-be65-806e6f6e6963} => not found
    "HKU\S-1-5-21-2665212972-797558305-1704637805-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
    HKU\S-1-5-21-2665212972-797558305-1704637805-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BC259719-6A4A-41F3-B3C3-CFD20181202F} => not found
    HKLM\Software\Classes\CLSID\{BC259719-6A4A-41F3-B3C3-CFD20181202F} => not found
    "C:\Program Files (x86)\GUTFF16.tmp" => not found
    "C:\Users\Amparo\AppData\Local\{9B54F33C-807D-4CA4-8E4D-801FF073DB1D}" => not found
    "C:\Users\Amparo\AppData\Local\{E66A8024-D552-4E6C-BE9A-D98A24DA3665}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01EA52DF-5822-4079-9233-FC937D5A2B13}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18CFF311-2C60-4871-9211-4DEBBAC16836}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2593704B-D805-43DA-A850-311B36AF9076}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8FDB19-6821-4E9E-A619-AF2CC93E1DD2}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AB5CF29-A93A-4FA8-9C76-71598A5C09F5}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34E6DD10-B827-4533-90E1-C3A840748B75}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FF919C2-2D9B-404C-8C90-4E356852BC7E}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AE2A300-9D47-4F7E-AAEE-BAC371DC6785}" => not found
    "C:\WINDOWS\System32\Tasks\AVAST Software\Avast settings backup" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C3FF920-66CD-4AC4-9893-5991B3F70E33}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76E6C03D-DECF-46B3-91E8-1D7A93B1E008}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A623E73-F4F4-42C3-A264-33836BE46984}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{837D98A4-2BF7-4CF3-909A-3A435EC81F1A}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2665212972-797558305-1704637805-1001" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87EDE221-E454-4DF7-B94B-98F0B19DD169}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => not found
    "C:\Program Files\Common Files\AV\avast! Antivirus" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A700A3FE-83A6-4D79-BAD7-40CEADF3D2B0}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE73B26C-0193-45CD-921B-9A9667DEAC17}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C772D614-C413-4BC4-863B-CCA58E366CC0}" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.

    ========= RemoveProxy: =========

    "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
    "HKU\S-1-5-21-2665212972-797558305-1704637805-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
    "HKU\S-1-5-21-2665212972-797558305-1704637805-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


    ========= End of RemoveProxy: =========


    ========= netsh winsock reset =========


    El cat logo Winsock se restableci¢ correctamente.
    Debe reiniciar el equipo para completar el restablecimiento.


    ========= End of CMD: =========


    ========= ipconfig /renew =========


    Configuraci¢n IP de Windows


    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Configuraci¢n IP de Windows

    No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


    ========= End of CMD: =========


    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0
    BITS administration utility.
    (C) Copyright Microsoft Corp.

    Unable to connect to BITS - 0x8007043c

    ========= End of CMD: =========


    ========= netsh advfirewall reset =========


    Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


    ========= End of CMD: =========


    ========= netsh advfirewall set allprofiles state ON =========


    Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


    ========= End of CMD: =========


    ========= netsh int ipv4 reset =========

    No hay valores configurados por el usuario para restablecer.


    ========= End of CMD: =========


    ========= netsh int ipv6 reset =========

    No hay valores configurados por el usuario para restablecer.


    ========= End of CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 9461760 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12656522 B
    Java, Flash, Steam htmlcache => 0 B
    Windows/system/drivers => 3414 B
    Edge => 0 B
    Chrome => 0 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 0 B
    LocalService => 0 B
    NetworkService => 3796 B
    NetworkService => 0 B
    Amparo => 19823 B
    afa => 0 B
    Administrator => 0 B

    RecycleBin => 341 B
    EmptyTemp: => 21.1 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 15:41:40 ====
#19

Vale, pues para solucionar todos esos problemas, vete a :

https://www.microsoft.com/es-es/software-download/windows10

Dale a actualizar ahora, y pon la ultima versión de Windows 10, o realizarlo desde Windows update, que debería salir la opción de la ultima version.

Actualiza el sistema, y desde windows update, todo lo que tengas pendiente y tu sistema funcionara de nuevo

Comentas el resultado

#20

Hola, ya funciona bien muchas gracias, ahora solo quisiera saber qué hago en cuestión de antivirus? me quedé con adwcleaner, malware
Malware solo está disponible por 10 días mas, ¿que me pueden recomendar , existe algo gratuito que sirva de verdad? Espero su amable respuesta Gracias