Mi PC funciona incorrectamente

Hola a todos, foro, tengo una notebook marca Asus con win 10 pro y un antivirus Kaspersky con licencia. Mi PC funciona de forma muy extraña y presenta varios problemas que describiré desde el arranque.

Al iniciar Windows cuando solicita la contraseña de inicio antes aparecía un solo usuario con una imagen determinada y ahora aparece el nombre de ese usuario duplicado, uno con el nombre, la imagen y contraseña de siempre y otro con el mismo nombre pero sin imagen y otra contraseña. Cuando voy al administrador de usuarios solo puedo ver el primero y el nuevo no está y no de que manera darlo de baja.

Posteriormente mientras el sistema arranca se inicia solo el navegador de internet (Google) y los iconos del escritorio no aparecen, solo la foto del escritorio. Además hay aplicaciones que funcionan mal, por ejemplo al abrir un archivo PDF con el Adobe Acrobat Reader, este se cuelga y en la parte superior de la ventana aparece la leyenda (Not Responding), por otro lado el administrador de archivos a veces al recorrer las distintas carpetas también se cuelga con la misma leyenda. Entre otras cosas un puedo apagar la máquina de forma normal ya que queda por horas con la pantalla en negro y la luz de acceso al disco parpadeando, La única manera es manteniendo pulsado por unos segundos el botón de encendido. Por favor alguien podría ayudarme a solucionar el problema, desde ya muchas gracias.

Hola @charito.

Ese equipo siempre tuvo Windows 10 como sistema operativo instalado…??

Cuántos años tiene esa maquina…??

Puedes iniciar el equipo desde el modo seguro de windows…??

No vino con otra versión de windows pero el 4/10/18 microsoft lo cambio a windows 10 pro versión 1809. No te sabría decir cuantos años tiene pero hace mas de un años le cambien el disco por uno SSD y funcionaba muy bien. Si puedo iniciarlo en modo seguro, hasta ahora.

Hola.

Verifica SI cuando accedes al modo seguro de windows también te ocurre que te salgan esos dos usuarios en el inicio cuando te solicita la contraseña…??

Y nos comentas ademas como funciona el equipo desde el modo seguro…??

Cunando ingrese en modo seguro me aparecían los dos usuarios y pude ejecutar aplicaciones que no podía, pero ahora no me deja entrar en modo seguro ya que no termina de arrancar.

Bien… pues vamos a revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

• CCleaner + Manual.

• Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.

• AdwCleaner + Manual.

• Junkware Removal Tool.

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

• Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

• Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

• Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

• Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

• Realiza un Análisis Personalizado.

• Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

• En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

• Ejecuta Adwcleaner.exe.

• Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

• El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

• Ejecuta JRT.exe.

• Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

• Si en algún momento te pide Reiniciar hazlo.

• Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

• Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

• Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos.

El CCleaner lo ejecuté la semana pasada en modo seguro, ya que en modo normal se queda congelado en el 35% del escaneo inicial.

-Detalles del registro-
Fecha del análisis: 25/11/19
Hora del análisis: 12:59
Archivo de registro: 89435df2-0f9c-11ea-8032-f079598187f9.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15392
Licencia: Premium

-Información del sistema-
SO: Windows 10 (Build 17763.864)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 330103
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 13 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-26-2019
# Duration: 00:00:33
# OS:       Windows 10 Pro
# Scanned:  35182
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1502 octets] - [29/08/2019 11:10:00]
AdwCleaner[S01].txt - [1563 octets] - [02/09/2019 09:21:44]
AdwCleaner[C01].txt - [1808 octets] - [02/09/2019 09:31:44]
AdwCleaner_Debug.log - [22536 octets] - [20/11/2019 16:50:46]
AdwCleaner[S02].txt - [1570 octets] - [20/11/2019 16:51:32]
AdwCleaner[C02].txt - [1758 octets] - [20/11/2019 16:51:59]
AdwCleaner[S03].txt - [1693 octets] - [22/11/2019 09:23:59]
AdwCleaner[S04].txt - [1754 octets] - [22/11/2019 09:25:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by Hugo Bustos (Administrator) on 26/11/2019 at  8:58:38,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1 

Successfully deleted: C:\Users\Hugo Bustos\AppData\Local\pdfforge (Folder) 

Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF293C5A-9F37-49FD-91C4-2B867063FC54} (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F904093-6E18-4536-BF5F-B03689CF00F0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F904093-6E18-4536-BF5F-B03689CF00F0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EF293C5A-9F37-49FD-91C4-2B867063FC54} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/11/2019 at  9:13:44,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2019 ([color=red]ATTENTION: ====> FRSTversion is 87 days old and could be outdated[/color])
Ran by Hugo Bustos (administrator) on LAPTOP-HUGO (ASUSTeK COMPUTER INC. X455LA) (26-11-2019 09:15:26)
Running from C:\Users\Hugo Bustos\Desktop
Loaded Profiles: Hugo Bustos (Available Profiles: Hugo Bustos)
Platform: Windows 10 Pro Version 1809 17763.864 (X64) Language: Inglés (Estados Unidos)
Default browser not detected!
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel(R) Software -> Intel Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-03-19] (Broadcom Corporation -> Broadcom Corporation.)
BootExecute: autocheck autochk *  

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06DF60F2-0722-44EC-BB08-CA9B20BFA64F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {0F7D295F-6A1C-49CC-B1DA-1A5266B520A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286096 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {51E848B4-7873-4C8D-9AF2-9A0479510764} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {59E50B7C-A934-4232-8BC0-BE84EC9FFC9F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Hugo Bustos\Desktop\ESETOnlineScanner_ESL (1).exe [8166712 2019-08-21] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {626F503C-A88E-4CDC-9830-2C37B6359E51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc -> Google Inc.)
Task: {68325FF7-616A-430D-AB6F-50B0AE887A0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc -> Google Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7186B784-84F1-4768-BBE5-68AF2DD2C541} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286096 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {74C0FCE3-D03A-4811-B509-1DE4FC981339} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {847ACB2F-3F24-4B68-8D5D-B5B05F1CEC36} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136696 2019-08-18] (Glarysoft LTD -> Glarysoft Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {939E4972-ECA9-482F-9A55-F86CEEC83797} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Hugo Bustos\Desktop\ESETOnlineScanner_ESL (1).exe [8166712 2019-08-21] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {962A74AE-35A2-4699-985B-36EA6C5B93B8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {97593494-4D80-441C-A720-DB8645792473} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {B5322C64-6FF9-4218-A6DF-64F7354DEEFB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D548A3FC-F94F-4124-9401-3BA2C7716AA6} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-09-26] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {F67D09BC-EAE9-4E69-9ACD-BBFDD9A426D1} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915960 2019-08-18] (Glarysoft LTD -> Glarysoft Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{141ca94c-4ed2-4cad-a28a-334eb6b465be}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{76060e0a-922c-455f-9044-02e21b061103}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d235bf04-00d1-4006-807c-39a91fbe6360}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1538946994-2881095234-305898846-1005 -> {46B369C5-49CF-42AE-B367-9FE5C0144D94} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Hugo Bustos\Downloads

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-09-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2015-04-15] (Synology Inc. -> Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.575\npSurveillancePlugin_x86_64.dll [2015-04-15] (Synology Inc. -> Synology)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default [2019-11-25]
CHR Extension: (Presentaciones) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-15]
CHR Extension: (Documentos) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-15]
CHR Extension: (Google Drive) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-15]
CHR Extension: (IBM Security Rapport) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-11-15]
CHR Extension: (YouTube) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-11-15]
CHR Extension: (Kaspersky Protection) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2019-11-25]
CHR Extension: (Hojas de cálculo) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-15]
CHR Extension: (Gmail) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-15]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKU\S-1-5-21-1538946994-2881095234-305898846-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-21] (Malwarebytes Inc -> Malwarebytes)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579240 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [836904 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1825064 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3001632 2019-10-06] (IBM -> IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-02-05] (Synology Inc. -> ) [File not signed]
S3 WD Backup Drive Helper; C:\windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [74240 2013-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevDram; C:\WINDOWS\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevFan; C:\WINDOWS\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPch; C:\WINDOWS\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPower; C:\WINDOWS\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel(R) Software -> Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-11-21] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-06-24] (Glarysoft LTD -> Glarysoft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. ->  )
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [76624 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [129152 2019-08-02] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [199744 2019-11-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-10-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-09-26] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [210280 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-11-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-11-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-11-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [429112 2019-10-06] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [542112 2019-10-06] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [560568 2019-10-06] (IBM -> IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-26 09:15 - 2019-11-26 09:17 - 000027218 _____ C:\Users\Hugo Bustos\Desktop\FRST.txt
2019-11-26 09:13 - 2019-11-26 09:14 - 000001245 _____ C:\Users\Hugo Bustos\Desktop\JRT.txt
2019-11-26 09:00 - 2019-11-26 09:08 - 000000000 ____D C:\Users\Hugo Bustos\AppData\LocalLow\IGDump
2019-11-26 08:56 - 2019-11-26 08:56 - 000001815 _____ C:\Users\Hugo Bustos\Desktop\AdwCleaner[S05].txt
2019-11-25 17:25 - 2019-11-25 17:25 - 001790024 _____ (Malwarebytes) C:\Users\Hugo Bustos\Downloads\JRT.exe
2019-11-25 17:19 - 2019-11-25 17:20 - 007622344 _____ (Malwarebytes) C:\Users\Hugo Bustos\Downloads\adwcleaner_7.4.2.exe
2019-11-25 17:19 - 2019-11-25 17:20 - 002262016 _____ (Farbar) C:\Users\Hugo Bustos\Downloads\FRST64.exe
2019-11-25 17:16 - 2019-11-25 17:17 - 001790024 _____ (Malwarebytes) C:\Users\Hugo Bustos\Desktop\JRT.exe
2019-11-22 09:40 - 2019-11-26 08:50 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-11-22 09:40 - 2019-11-22 09:40 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-11-22 09:26 - 2019-11-26 08:50 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-22 09:12 - 2019-11-22 09:12 - 000001160 _____ C:\Users\Hugo Bustos\Desktop\cc_20191122_091230.reg
2019-11-22 08:59 - 2019-11-22 08:59 - 000027038 _____ C:\Users\Hugo Bustos\Desktop\cc_20191122_085939.reg
2019-11-21 14:42 - 2019-11-21 14:42 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\cache
2019-11-21 14:41 - 2019-11-21 14:41 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-11-20 16:39 - 2019-11-20 16:39 - 000001559 _____ C:\Users\Hugo Bustos\Desktop\Malawarebytes.txt
2019-11-20 10:50 - 2019-11-20 10:52 - 007622344 _____ (Malwarebytes) C:\Users\Hugo Bustos\Desktop\adwcleaner_7.4.2.exe
2019-11-19 15:32 - 2019-11-19 15:32 - 000115398 _____ C:\Users\Hugo Bustos\Documents\bookmarks_19_11_19.html
2019-11-18 13:18 - 2019-11-18 13:19 - 017954184 _____ (Glarysoft Ltd) C:\Users\Hugo Bustos\Downloads\Glary_Utilities_v5.131.0.157.exe
2019-11-18 13:06 - 2019-11-20 17:14 - 000001046 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-11-18 13:06 - 2019-11-18 13:06 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-11-18 13:06 - 2019-11-18 13:06 - 000002892 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-11-18 13:06 - 2019-11-18 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-11-18 13:06 - 2019-11-18 13:06 - 000000000 ____D C:\Program Files\CCleaner
2019-11-15 09:59 - 2019-11-20 17:14 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\ElevatedDiagnostics
2019-11-15 09:58 - 2019-11-22 09:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-11-15 09:20 - 2019-11-22 08:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-15 09:20 - 2019-11-22 08:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-14 16:03 - 2019-11-14 16:03 - 000000741 _____ C:\Users\Hugo Bustos\Desktop\ESET Online Scanner.lnk
2019-11-14 16:02 - 2019-11-14 16:02 - 008166712 _____ (ESET spol. s r.o.) C:\Users\Hugo Bustos\Downloads\esetonlinescanner_esl (2).exe
2019-11-14 16:01 - 2019-11-14 16:02 - 008166712 _____ (ESET spol. s r.o.) C:\Users\Hugo Bustos\Downloads\esetonlinescanner_esl (1).exe
2019-11-13 16:55 - 2019-11-13 16:55 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-11-13 10:26 - 2019-11-13 10:26 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 003624448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 001267240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-11-13 10:26 - 2019-11-13 10:26 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-11-13 10:26 - 2019-11-13 10:26 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-11-13 10:26 - 2019-11-13 10:26 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 023455232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 012258816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 006547896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 006318328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 005770240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 005608336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 004873216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 003872336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 003656792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 002918200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 002699976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 002628112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000808272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000661264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000588816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000542320 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000486400 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-13 10:25 - 2019-11-13 10:25 - 000473832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000435512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000262152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-13 10:25 - 2019-11-13 10:25 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-13 10:25 - 2019-11-13 10:25 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000112168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-13 10:25 - 2019-11-13 10:25 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2019-11-13 10:25 - 2019-11-13 10:25 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000023768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-13 10:25 - 2019-11-13 10:25 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 022137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 009667896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 006934016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 005575168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 004049920 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001702600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-13 10:24 - 2019-11-13 10:24 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001486472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001473296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 001346216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-13 10:24 - 2019-11-13 10:24 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 001183504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000862008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000773208 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000747536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000465416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000427832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-11-13 10:24 - 2019-11-13 10:24 - 000086744 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-13 10:24 - 2019-11-13 10:24 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-13 10:24 - 2019-11-13 10:24 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 007700696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 007656072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 004413936 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-11-13 10:23 - 2019-11-13 10:23 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001933408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001668784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001294792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 001054224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-13 10:23 - 2019-11-13 10:23 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000888560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000856424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-13 10:23 - 2019-11-13 10:23 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-13 10:23 - 2019-11-13 10:23 - 000536320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000514600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000509968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000450632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000445752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000389408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000087080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-13 10:23 - 2019-11-13 10:23 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-13 10:23 - 2019-11-13 10:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-11-13 10:23 - 2019-11-13 10:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-11-13 10:22 - 2019-11-13 10:22 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-11-13 10:22 - 2019-11-13 10:22 - 001049608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-11-13 10:22 - 2019-11-13 10:22 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-13 10:22 - 2019-11-13 10:22 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-13 10:22 - 2019-11-13 10:22 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-13 10:22 - 2019-11-13 10:22 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-13 10:22 - 2019-11-13 10:22 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-13 10:22 - 2019-11-13 10:22 - 000061480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-12 11:45 - 2019-11-12 11:45 - 000037852 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000122.pdf
2019-11-08 08:32 - 2019-11-08 08:32 - 000045774 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$I00532489C20125231455.PDF
2019-11-08 08:31 - 2019-11-08 08:32 - 000045771 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$I00532488C20125231455.PDF
2019-11-06 10:17 - 2019-11-06 10:17 - 000055364 _____ C:\Users\Hugo Bustos\Downloads\NotaAprobacion_FCA00003-00000002.pdf
2019-11-04 12:59 - 2019-11-04 13:00 - 000003689 _____ C:\Users\Hugo Bustos\Downloads\ReciboPago_20191104130001.pdf
2019-11-04 12:57 - 2019-11-04 12:57 - 000089468 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de pago (4).pdf
2019-11-04 10:02 - 2019-11-04 10:02 - 000038535 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000121.pdf
2019-10-29 15:37 - 2019-10-29 15:37 - 000084018 _____ C:\Users\Hugo Bustos\Downloads\bill (8).pdf
2019-10-29 15:37 - 2019-10-29 15:37 - 000083976 _____ C:\Users\Hugo Bustos\Downloads\bill (9).pdf
2019-10-29 15:35 - 2019-10-29 15:35 - 000081653 _____ C:\Users\Hugo Bustos\Downloads\bill (7).pdf
2019-10-29 15:34 - 2019-10-29 15:34 - 000084893 _____ C:\Users\Hugo Bustos\Downloads\bill (6).pdf
2019-10-29 10:26 - 2019-10-29 10:26 - 000038093 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000120.pdf
2019-10-28 09:16 - 2019-10-28 09:16 - 000083829 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de transferencia (4).pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-26 09:16 - 2018-03-07 10:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-11-26 09:15 - 2019-08-29 14:33 - 000000000 ____D C:\FRST
2019-11-26 09:01 - 2018-09-15 04:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-26 08:55 - 2018-10-04 18:00 - 000792058 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-26 08:55 - 2018-10-04 18:00 - 000157582 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-26 08:55 - 2018-10-04 13:20 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-26 08:55 - 2018-09-15 04:31 - 000000000 ____D C:\WINDOWS\INF
2019-11-26 08:51 - 2015-04-21 15:37 - 000000000 __SHD C:\Users\Hugo Bustos\IntelGraphicsProfiles
2019-11-26 08:50 - 2019-09-02 11:29 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-11-26 08:50 - 2018-10-04 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-26 08:50 - 2018-10-04 13:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-25 17:47 - 2015-04-25 12:50 - 000000000 ____D C:\Users\Hugo Bustos\Documents\Archivos de Outlook
2019-11-24 11:10 - 2018-09-15 04:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-24 11:10 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-24 11:05 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-23 09:48 - 2015-07-14 12:48 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-11-22 12:55 - 2018-10-04 13:14 - 000000000 ____D C:\Users\Hugo Bustos
2019-11-22 09:39 - 2018-09-15 03:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-11-22 09:32 - 2019-09-09 16:02 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\Vivaldi
2019-11-21 14:41 - 2019-07-19 09:44 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-21 14:41 - 2019-07-19 09:44 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-21 14:41 - 2019-07-19 09:44 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-20 17:24 - 2019-08-01 16:39 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\PDFCreator
2019-11-20 16:57 - 2015-04-27 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Seguridad Terminal
2019-11-20 16:55 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-20 16:55 - 2015-04-23 21:59 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-11-20 13:37 - 2019-09-09 16:14 - 000000194 _____ C:\Users\Hugo Bustos\.vivaldi_reporting_data
2019-11-18 14:41 - 2015-04-27 18:40 - 000002283 _____ C:\Users\Hugo Bustos\Documents\chubut.txt
2019-11-18 13:14 - 2014-05-24 04:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-11-18 13:14 - 2014-05-24 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-11-15 09:20 - 2015-04-21 18:16 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\Google
2019-11-15 09:20 - 2015-04-21 18:16 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-14 13:02 - 2015-04-27 15:50 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-14 12:01 - 2018-11-13 16:44 - 000000000 ____D C:\WINDOWS\Minidump
2019-11-14 11:05 - 2015-04-20 18:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-14 10:59 - 2015-04-20 18:31 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-13 19:08 - 2015-09-16 08:36 - 000000000 ___RD C:\Users\Hugo Bustos\3D Objects
2019-11-13 19:08 - 2014-12-05 17:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-13 16:55 - 2018-10-04 13:11 - 000447664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-13 16:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-13 16:52 - 2018-09-15 03:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-13 16:29 - 2015-04-26 19:45 - 000000000 ____D C:\Users\Hugo Bustos\Documents\MS Servicios
2019-11-13 10:37 - 2017-12-13 14:50 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\Packages
2019-11-13 10:32 - 2018-09-15 04:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-13 10:23 - 2013-08-22 12:44 - 000408802 __RSH C:\bootmgr
2019-11-05 14:20 - 2018-10-04 13:26 - 000003420 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-11-05 14:20 - 2018-10-04 13:26 - 000003296 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-10-30 13:32 - 2018-07-18 17:15 - 000000000 ____D C:\ProgramData\Packages
2019-10-28 09:02 - 2019-08-02 14:27 - 000998016 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2019-10-28 09:02 - 2019-08-02 14:27 - 000251512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys

==================== Files in the root of some directories ================

2015-04-21 15:37 - 2018-02-27 09:07 - 000000093 _____ () C:\Users\Hugo Bustos\AppData\Roaming\sp_data.sys
2015-04-30 18:17 - 2019-06-07 08:56 - 000000600 _____ () C:\Users\Hugo Bustos\AppData\Roaming\winscp.rnd
2019-06-03 09:40 - 2019-06-03 09:40 - 000000738 _____ () C:\Users\Hugo Bustos\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by Hugo Bustos (26-11-2019 09:19:06)
Running from C:\Users\Hugo Bustos\Desktop
Windows 10 Pro Version 1809 17763.864 (X64) (2018-10-04 16:28:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1538946994-2881095234-305898846-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1538946994-2881095234-305898846-503 - Limited - Disabled)
Guest (S-1-5-21-1538946994-2881095234-305898846-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1538946994-2881095234-305898846-1009 - Limited - Enabled)
Hugo Bustos (S-1-5-21-1538946994-2881095234-305898846-1005 - Administrator - Enabled) => C:\Users\Hugo Bustos
WDAGUtilityAccount (S-1-5-21-1538946994-2881095234-305898846-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Bluefish 2.2.10 (HKLM-x32\...\Bluefish) (Version: 2.2.10 - The Bluefish Developers)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.228 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
CDR Viewer (HKLM-x32\...\{37955B24-82BC-4160-A867-285B87E62519}_is1) (Version:  - IdeaMK)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version:  - balesio AG)
Free PDF Compressor (HKLM-x32\...\{BFA49A14-EC18-4071-BC13-B43043B09222}_is1) (Version:  - freepdfcompressor.com)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Glary Utilities 5.126 (HKLM-x32\...\Glary Utilities 5) (Version: 5.126.0.151 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 Ayuda (HKLM-x32\...\{9DE93C21-F8E2-4072-8BE0-9B217452D0AC}) (Version: 32.0.0 - Hewlett Packard)
HP Officejet Pro 8610 Software básico del dispositivo (HKLM\...\{6739DE85-7829-4091-A6D3-E805B9F4C7F4}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2013 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 15.0.5189.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0C0A-0000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.0.24.1546 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{502EC982-C990-462A-9D80-A1883FF382CD}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{10217CEF-741F-4547-8B4A-DC64709C5B9E}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{224BCD15-4AE2-4791-A9AF-9B61624CD483}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
PDFsam Basic (HKLM-x32\...\{910EA44E-8446-405D-BFE1-82F562F847D0}) (Version: 3.30.0.0 - Andrea Vacondio)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SurveillanceHelper (HKLM-x32\...\{F97CB3AB-2D7B-4D22-8E42-C06AEAF66E93}) (Version: 1.0.0.5 - Synology)
SurveillancePlugin (HKLM-x32\...\{690F7D59-3671-476F-8B90-15C1528EB0A9}) (Version: 1.0.0.575 - Synology)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Trusteer Seguridad Terminal (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
WD Backup (HKLM-x32\...\{457EB8FA-4E11-48FC-A17B-7E8AD8AA99F2}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{6cbbe2b9-c94a-400c-92cd-14859a8e4808}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{163952d1-3ca7-4e98-a686-cc0c227c7447}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{25A2CD6E-52B2-4F3C-A121-9C3F47634CAF}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{033267BE-C9E6-41F5-8EE7-4BFF9D5E024A}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{b304f1ed-b08a-4d51-882b-fd651777d297}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{E673B8B4-6068-4AAB-8E68-2EE751D3EBA9}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9550 - Broadcom Corporation)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinSCP 5.15.2 (HKLM-x32\...\winscp3_is1) (Version: 5.15.2 - Martin Prikryl)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2018-01-08] (WildTangent Games)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2018-01-08] (ASUSTeK COMPUTER INC.)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-20] (Microsoft Corporation) [MS Ad]
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-01-08] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
GRU. MI VILLANO FAVORITO: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.4.1_x86__0pp20fcewvvtj [2019-11-07] (GAMELOFT  SA)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.20.2.0_x86__8ptj331gd3tyt [2019-11-07] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2018-11-29] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
MSN Finanzas -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-01-08] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/PDFCreator/PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:/Program Files (x86)/Common Files/AWS/2.1.2.301/ASUSWSContextMenu.dll [2014-02-25] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Hugo Bustos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-07-18 15:27 - 2018-07-18 15:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2017-12-13 10:40 - 2019-03-18 12:13 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2019-09-02 11:26 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Bustos\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\100_0221.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "DptfPolicyLpmServiceHelper"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6B8A3561-F6A3-4837-A359-D5604C585E7F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66E9B561-7010-4EF4-BB4D-D04710864C3D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07D9EA06-4103-4B67-A28B-84FF8CFC792A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4D80B7D-EAA2-44DA-A273-B1EBA6C6188E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BE1E17C-6690-4A74-9AC4-161471CC193E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{909EB978-81B6-4F75-81F1-3C41FA8BCEB9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{872B9C28-0127-4ABC-B817-8EE505A7C7B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-11-2019 13:13:57 Scheduled Checkpoint
18-11-2019 15:00:04 Scheduled Checkpoint
25-11-2019 17:12:05 Scheduled Checkpoint
26-11-2019 08:58:41 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/26/2019 09:10:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.17763.1, marca de tiempo: 0xb900eeff
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17763.831, marca de tiempo: 0x1f1a0210
Código de excepción: 0xcfffffff
Desplazamiento de errores: 0x000000000009fc44
Identificador del proceso con errores: 0xd6c
Hora de inicio de la aplicación con errores: 0x01d5a44faed9e714
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 47eb4e41-2777-4eb7-8d18-d98a3d80bd4f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/26/2019 08:50:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ElanTPCfg64.exe, versión: 1.0.81.1, marca de tiempo: 0x530706ae
Nombre del módulo con errores: ETDApi.dll, versión: 11.9.8.1, marca de tiempo: 0x5464772b
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000002485
Identificador del proceso con errores: 0x25c
Hora de inicio de la aplicación con errores: 0x01d5a44fbd20d040
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Ruta de acceso del módulo con errores: C:\Program Files\Elantech\ETDApi.dll
Identificador del informe: 1e54370c-05e5-4dbc-bb5b-428748911735
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/26/2019 08:50:22 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetDisplayBrightnessFromPowerSettings:  Could not inform driver of current brightness value.

Error: (11/26/2019 08:50:22 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetBrightnessSettingInDriver:  p_handle is NULL.

Error: (11/26/2019 08:50:22 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetDisplayBrightnessViaPowerSettings:  Could not obtain brightness value to set from driver.

Error: (11/26/2019 08:50:22 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetBrightnessSettingFromDriver:  p_handle is NULL.

Error: (11/26/2019 08:50:22 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfParticipantDisplayService
ConnectToDptfDisplayDriver:  SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Error: (11/25/2019 10:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.17763.1, marca de tiempo: 0xb900eeff
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17763.831, marca de tiempo: 0x1f1a0210
Código de excepción: 0xcfffffff
Desplazamiento de errores: 0x000000000009fc44
Identificador del proceso con errores: 0xd8c
Hora de inicio de la aplicación con errores: 0x01d5a2e31cd5214c
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: b87dd5bd-19dd-44bc-b94a-2f0010ab6b9f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (11/26/2019 08:53:48 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/26/2019 08:52:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos application-specific no concede el permiso Launch Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
Unavailable
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/26/2019 08:52:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos application-specific no concede el permiso Launch Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
Unavailable
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (11/26/2019 08:50:16 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 5:37:35 PM del ‎11/‎25/‎2019 resultó inesperado.

Error: (11/25/2019 05:27:13 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HUGO)
Description: El servidor microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/25/2019 05:19:43 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-HUGO)
Description: No se puede iniciar un servidor DCOM: microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca como Unavailable/Unavailable. Error 
"0"
al iniciar este comando:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (11/25/2019 05:19:42 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-HUGO)
Description: No se puede iniciar un servidor DCOM: microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca como Unavailable/Unavailable. Error 
"0"
al iniciar este comando:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (11/25/2019 05:19:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HUGO)
Description: El servidor microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2019-03-22 10:04:58.805
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.287.249.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2018-12-13 10:36:24.615
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established 

Date: 2018-12-13 10:36:24.614
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established 

Date: 2018-12-13 10:36:24.613
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established 

Date: 2018-12-13 10:36:21.491
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established 

CodeIntegrity:
===================================

Date: 2019-11-26 09:00:23.389
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-26 09:00:23.381
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-26 08:55:09.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-25 10:25:35.371
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-25 10:25:35.357
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-25 10:22:59.535
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-24 13:19:02.906
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-24 13:19:02.890
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. X455LA.202 10/30/2014
Motherboard: ASUSTeK COMPUTER INC. X455LA
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 60%
Total physical RAM: 3979.39 MB
Available physical RAM: 1557.45 MB
Total Virtual: 11403.39 MB
Available Virtual: 8704.53 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:211.71 GB) (Free:96.75 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:0.5 GB) (Free:0.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Restore) (Fixed) (Total:11.27 GB) (Free:11.23 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: E7C45A0F)
Partition 1: (Not Active) - (Size=511 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=211.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola.

No parece que tengas problemas muy graves de infecciones y parece más un problema con tu disco duro.

Para verificar como tienes el disco duro de tu equipo, para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.

Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.

Nos pones el informe y comentas como sigue el problema del equipo.

Saludos.

Hola Perdón por la demora pero he estado muy ocupado con otros temas. Te adjunto el informe solicitado, te comento que la PC sigue igual. Lo que he notado que los iconos del escritorio aparecen cuando inicio el Explorador de Archivos, pero este se cuelga cuando quiero seleccionar un archivo en particular, al cerrar esta aplicación tanto el escritorio como la barra de tareas se ponen en negro y navegando con las teclas alt tab puedo ir a las otras aplicaciones que estaban abiertas y funcionan.

Nombre de registro:Application
Origen:        Microsoft-Windows-Wininit
Fecha:         27/11/2019 09:07:09 a.m.
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        Laptop-Hugo
Descripción:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.                         

Stage 1: Examining basic file system structure ...
  617984 file records processed.                                                        


File verification completed.
  21368 large file records processed.                                   


  0 bad file records processed.                                     



Stage 2: Examining file name linkage ...
  3887 reparse records processed.                                      


  801618 index entries processed.                                                       


Index verification completed.
  0 unindexed files scanned.                                        


  0 unindexed files recovered to lost and found.                    


  3887 reparse records processed.                                      



Stage 3: Examining security descriptors ...
Cleaning up 2791 unused index entries from index $SII of file 0x9.
Cleaning up 2791 unused index entries from index $SDH of file 0x9.
Cleaning up 2791 unused security descriptors.
Security descriptor verification completed.
  91818 data files processed.                                           


CHKDSK is verifying Usn Journal...
  36700568 USN bytes processed.                                                           


Usn Journal verification completed.

Stage 4: Looking for bad clusters in user file data ...
  617968 files processed.                                                               


File data verification completed.

Stage 5: Looking for bad, free clusters ...
  25113355 free clusters processed.                                                       


Free space verification is complete.

Windows has scanned the file system and found no problems.
No further action is required.

 221994048 KB total disk space.
 120589064 KB in 314549 files.
    218340 KB in 91819 indexes.
         0 KB in bad sectors.
    733220 KB in use by the system.
     65536 KB occupied by the log file.
 100453424 KB available on disk.

      4096 bytes in each allocation unit.
  55498512 total allocation units on disk.
  25113356 allocation units available on disk.

Internal Info:
00 6e 09 00 2c 33 06 00 c0 58 0b 00 00 00 00 00  .n..,3...X......
c6 0e 00 00 69 00 00 00 00 00 00 00 00 00 00 00  ....i...........

Windows has finished checking your disk.
Please wait while your computer restarts.

Hola.

Pues tampoco parece que sean problemas en tu disco duro.

Intenta actualizar a la ultima version de windows descargando la ultima version que existe de Windows 10, hazlo desde la página oficial y usando el botón azul de “Actualizar ahora” y guardas el ejecutable en tu escritorio.

Luego lo ejecutas pulsando con botón derecho y seleccionando como “Administrador”, sigues TODOS los pasos que se vayan solicitando y después del REINICIO que te pedirá seguirá el proceso de actualizacion de W10 y tras varios REINICIOS más se terminará la instalación de la ultima version de W10(v1909).

Pruebala y nos comentas.

Saludos.

Hola Javier. Bueno actualicé windows y por ahora esta funcionando casi todo bien, el problema que encontré es que no puedo ejecutar el navegador Google Chrome, luego de hacer click en la aplicación esta no se abre, lo hice desde el ícono del escritorio y buscando el ejecutable e intentar abrirlo como administrador pero sin resultado ni mensaje alguno, sí puedo ejecutar internet explorer y edge. También sigo con los dos usuarios al iniciar la máquina y realmente si pudiera hacerlo directamente sin que me pida clave sería lo mejor y sino tratar de eliminar el usuario que apareció últimamente. Saludos

Hola @charito.

Vamos a revisar primero lo del usuario, para hacerlo sigue estos pasos :

Pulsa las teclas "Win + R" y en la ventana que saldrá escribes "control userpasswords2" sin las comillas y pulsamos Intro.

Cuando te aparezca el panel de Cuentas de Usuarios revisa los usuarios que tienes en él y nos dices cuantos son y cuales, pero NO hagas nada hasta comentarnos.

Pon una imagen de esa información Como Insertar una imagen.

Saludos.

Te paso la imagen.

image463×510 17.6 KB

Te comento que cuando inicié la PC quise ejecutar CCleaner y me indicó que Googlo Chrome se está ejecutando y si quería cerrar la aplicación, respondí que si pero después de un rato no logró cerrarlo y luego después de cancelar esto el programa se ejecutó hasta un 3% y quedó congelado.

Hola.

Unas preguntas, TU puedes acceder a esos dos usuarios en el momento de la identificación o inicio del sistema…??

Te sabes además las contraseñas(si existiesen) de esos dos usuarios…??

Has accedido con cualquiera de los dos al sistema y tienes-notas alguna diferencia en ele quipo…??

Mirá solo he podido ingresar con el que está resaltado de azul en la imagen, del otro usuario no se ni siquiera la contraseña. Solo sé la contraseña del que utilizo.

Y cómo diferencias TU entre uno y otro…??

Los dos son exactamente iguales en cuanto a “Nombre”…??

Porque el que yo uso tiene una imagen y además la contraseña solo funciona en ese perfil.

Perfecto… pero insisto, en la imagen que pusiste del “Panel de Cuentas de Usuario” que YO vea NO se ve esa imagen con la que TÚ diferencias y por lo tanto YO NO veo diferencia entre ellos.

Te lo digo porque lo que quiero proponerte que hagas, es que elimines el usuario que NO corresponda con el tuyo… pero NO quiero que NOS equivoquemos y eliminemos el que NO és y luego NO puedas acceder a TU equipo.

Evidentemente por lo que veo, ese usuario que tienes “marcado” en azul NO tiene habilitada la opción de “Quitar” y eso ocurre cuando el usuario es el “activo” con el que estás identificado, siempre que TODO fuese como normalmente es, que en tu caso NO parece que lo sea.

Pero por otra parte tampoco tienes operativas las opciones de “Agregar” y la de “Propiedades” y teóricamente, al menos, la de “Agregar” debería estar habilitada y NO en “gris”, y la de “Propiedades” también debería estar activa.

Otra opción que puedes verificar es consultando los “Perfiles de Usuario” para ver que nos aparece en esa parte, para hacerlo sigue estos pasos :

Pulsa las teclas "Win + R" y en la ventana que saldrá escribes "SYSDM.CPL" sin las comillas y pulsamos Intro.

Cuando te aparezca la ventana de Propiedades del sistema pulsas en la pestaña de “Opciones avanzadas” y después en el botón de “Configuración” del apartado “Perfiles de usuario”.

Agranda-Desplaza o Estira el texto del nombre del usuario para que se pueda visualizar completo y luego nos pones una imagen de esa ventana Como Insertar una imagen.

Saludos.