Hola, buen día hace unos días que mi máquina se ha puesto bastante lenta, alguien me puede dar una mano por favor. Desde ya muchas gracias.
1 me gusta
Hola @charito
Vamos a ver si tiene infecciones.
Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.
- Realiza un Análisis personalizado, actualizando si te lo pide.
- Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
- En el apartado del manual Informes
Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.
2) Descarga AdwCleaner | InfoSpyware en el escritorio.
- Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
- Cierra también todos los programas que tengas abiertos.
- Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
- Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
- Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
- Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
- El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt
3) Descarga CCleaner
- Instala Ccleaner
- Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
- Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
- Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.
Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.
Un saludo
1 me gusta
Hola Daniela, gracias por responder, te comento que tengo instalado Malwarebytes Premiun y se ejecuta diariamente. Te copio los informes y tengo en suspenso esperando tu respuesta la colocación en cuarentena los progames detectados por AdwCleaner.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 6/8/19
Hora del análisis: 13:59
Archivo de registro: 8749172c-b86b-11e9-a767-f079598187f9.json
-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11886
Licencia: Premium
-Información del sistema-
SO: Windows 10 (Build 17763.615)
CPU: x64
Sistema de archivos: NTFS
Usuario: System
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 333799
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 40 min, 41 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-07-2019
# Duration: 00:00:58
# OS: Windows 10 Pro
# Scanned: 35883
# Detected: 38
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.ASUSLiveUpdate
Preinstalled.ASUSProductRegistration
Preinstalled.ASUSScreenSaver
Preinstalled.ASUSSmartGesture
Preinstalled.ASUSSplendid
Preinstalled.ASUSSupport
Preinstalled.ASUSWebStorage
Preinstalled.SamsungSmartSwitch
Preinstalled.WildTangentGamesBundle
AdwCleaner[S00].txt - [1241 octets] - [03/07/2018 15:23:00]
AdwCleaner[S01].txt - [1310 octets] - [15/11/2018 17:23:21]
AdwCleaner[S02].txt - [1371 octets] - [14/12/2018 12:02:00]
AdwCleaner[S03].txt - [1432 octets] - [12/04/2019 11:01:47]
AdwCleaner[S04].txt - [1493 octets] - [26/04/2019 12:11:15]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########
Hola
Por lo general, esos son programas que vienen preinstalados en los equipos y la mayoría no sirven para nada, pero ahí tienes que decidir tu si quieres o no eliminarlos, revisa el manual y lee el apartado de “Analizar y limpiar”.
Comenta como sigue el funcionamiento del equipo.
Un saludo
Daniela, la máquina sigue muy lenta.
Hola
Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
- Ejecuta FRST.exe.
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Ran by Hugo Bustos (administrator) on LAPTOP-HUGO (ASUSTeK COMPUTER INC. X455LA) (12-08-2019 12:15:51)
Running from C:\Users\Hugo Bustos\Desktop
Loaded Profiles: Hugo Bustos & (Available Profiles: Hugo Bustos)
Platform: Windows 10 Pro Version 1809 17763.615 (X64) Language: Inglés (Estados Unidos)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.866.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel(R) Software -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Hugo Bustos\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Hugo Bustos\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\RunOnce: [Uninstall 19.103.0527.0003\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hugo Bustos\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64"
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\RunOnce: [Uninstall 19.103.0527.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hugo Bustos\AppData\Local\Microsoft\OneDrive\19.103.0527.0003"
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\RunOnce: [Application Restart #0] => C:\Program Files\Microsoft Office 15\root\office15\excel.exe [25752152 2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-03-19] (Broadcom Corporation -> Broadcom Corporation.)
BootExecute: autocheck autochk *
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04235D5A-1C86-4F83-8DF5-DCB1D71B6AC8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {51E848B4-7873-4C8D-9AF2-9A0479510764} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {626F503C-A88E-4CDC-9830-2C37B6359E51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc -> Google Inc.)
Task: {68325FF7-616A-430D-AB6F-50B0AE887A0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc -> Google Inc.)
Task: {68E4508B-84ED-4F46-B3F7-15AB2411DDAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B4626D5-A7DD-43D2-BCC3-6BF202D1FF0C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915960 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8FBC4EB5-AB95-4659-BD96-B7CC8B31ED50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {A4FC1553-0033-4AA6-B9C4-7F1CFA6A62B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [292952 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFFE81D9-F354-45E8-B293-0F0B7A8F31B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C29F81D9-75AF-47D2-8AD0-31EB9956DC2E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C34D709B-FFA7-485F-8EA8-58F71A8E159B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DB9A4131-59C2-4862-A84D-00F7DC2451E4} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136688 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
Task: {FB2CD860-2DFA-423B-BF27-EF8340EED87D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [292952 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{141ca94c-4ed2-4cad-a28a-334eb6b465be}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{76060e0a-922c-455f-9044-02e21b061103}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d235bf04-00d1-4006-807c-39a91fbe6360}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Hugo Bustos\Downloads
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2015-04-15] (Synology Inc. -> Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.575\npSurveillancePlugin_x86_64.dll [2015-04-15] (Synology Inc. -> Synology)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default [2019-08-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-27]
CHR Extension: (IBM Security Rapport) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-07-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Contenido de la Wiki) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfpamepopfjpfpincgclmohmimnaanf [2019-02-19]
CHR Extension: (Chrome Media Router) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10]
CHR Profile: C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-07]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-1538946994-2881095234-305898846-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [414352 2018-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579240 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [836904 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1825064 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-02-05] (Synology Inc. -> ) [File not signed]
S3 WD Backup Drive Helper; C:\windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [74240 2013-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevDram; C:\WINDOWS\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevFan; C:\WINDOWS\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPch; C:\WINDOWS\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPower; C:\WINDOWS\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel(R) Software -> Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-06-24] (Glarysoft LTD -> Glarysoft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [126288 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093240 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197760 2019-07-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-04-25] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-04-25] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-04-25] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-05-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-19] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-12 12:15 - 2019-08-12 12:20 - 000039985 _____ C:\Users\Hugo Bustos\Desktop\FRST.txt
2019-08-12 12:05 - 2019-08-12 12:05 - 002097664 _____ (Farbar) C:\Users\Hugo Bustos\Desktop\FRST64.exe
2019-08-11 12:11 - 2019-08-11 12:11 - 000038351 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000111 (1).pdf
2019-08-11 12:09 - 2019-08-11 12:10 - 000038351 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000111.pdf
2019-08-09 15:25 - 2019-08-09 15:25 - 000038366 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000110.pdf
2019-08-08 12:06 - 2019-08-08 12:06 - 000081653 _____ C:\Users\Hugo Bustos\Downloads\bill (5).pdf
2019-08-08 11:35 - 2019-08-08 11:35 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-08 11:35 - 2019-08-08 11:35 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-08-08 11:35 - 2019-08-08 11:35 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-08-08 11:35 - 2019-08-08 11:35 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-08-07 12:06 - 2019-08-07 12:07 - 007623880 _____ (Malwarebytes) C:\Users\Hugo Bustos\Desktop\adwcleaner_7.4.exe
2019-08-07 10:29 - 2019-08-07 10:29 - 000003690 _____ C:\Users\Hugo Bustos\Downloads\ReciboPago_20190807102913.pdf
2019-08-07 09:51 - 2019-08-07 09:51 - 000059292 _____ C:\Users\Hugo Bustos\Documents\cc_20190807_095100.reg
2019-08-06 12:18 - 2019-08-06 12:18 - 000038359 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000109.pdf
2019-08-06 12:08 - 2019-08-06 12:08 - 000084602 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de transferencia (3).pdf
2019-08-06 09:32 - 2019-08-06 09:32 - 000084147 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de transferencia (2).pdf
2019-08-05 15:46 - 2019-08-05 15:46 - 000003690 _____ C:\Users\Hugo Bustos\Downloads\ReciboPago_20190805154651.pdf
2019-08-05 15:31 - 2019-08-05 15:31 - 000089738 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de pago (3).pdf
2019-08-05 09:31 - 2019-08-05 09:33 - 017803992 _____ (Glarysoft Ltd) C:\Users\Hugo Bustos\Downloads\Glary_Utilities_v5.125.0.150.exe
2019-08-05 09:26 - 2019-08-05 09:26 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\OneDrive
2019-08-02 12:54 - 2019-08-02 12:54 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Roaming\Sun
2019-08-02 12:51 - 2019-08-02 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-02 12:51 - 2019-08-02 12:50 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-08-02 12:49 - 2019-08-02 12:49 - 000000000 ____D C:\Program Files (x86)\Java
2019-08-02 12:40 - 2019-08-02 12:41 - 002065880 _____ (Oracle Corporation) C:\Users\Hugo Bustos\Downloads\JavaSetup8u221.exe
2019-08-01 16:39 - 2019-08-02 09:23 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\PDFCreator
2019-08-01 16:36 - 2019-08-01 16:36 - 000000879 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2019-08-01 16:36 - 2019-08-01 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2019-08-01 16:08 - 2019-08-01 16:11 - 037512960 _____ (pdfforge GmbH) C:\Users\Hugo Bustos\Downloads\PDFCreator-3_5_1-Setup.exe
2019-07-30 09:50 - 2019-07-30 09:50 - 002480733 _____ C:\Users\Hugo Bustos\Downloads\60016060_iges.zip
2019-07-30 09:50 - 2019-07-30 09:50 - 002224416 _____ C:\Users\Hugo Bustos\Downloads\60016060_step.zip
2019-07-22 15:25 - 2019-07-22 15:26 - 000045778 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$I00520912C20125231455 (2).PDF
2019-07-22 15:24 - 2019-07-22 15:24 - 000048049 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$G00169826C20125231455 (1).PDF
2019-07-22 15:24 - 2019-07-22 15:24 - 000045778 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$I00520912C20125231455 (1).PDF
2019-07-22 09:46 - 2019-07-22 09:47 - 017765208 _____ (Glarysoft Ltd) C:\Users\Hugo Bustos\Downloads\Glary_Utilities_v5.124.0.149.exe
2019-07-19 09:45 - 2019-07-19 09:45 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-19 09:44 - 2019-07-19 09:44 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-19 09:44 - 2019-07-19 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-19 09:44 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-19 09:44 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-17 11:32 - 2019-07-17 11:32 - 000089297 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de pago (2).pdf
2019-07-17 09:35 - 2019-07-17 09:37 - 020891464 _____ (Piriform Software Ltd) C:\Users\Hugo Bustos\Downloads\ccsetup560.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-12 12:15 - 2018-02-22 19:22 - 000000000 ____D C:\FRST
2019-08-12 12:07 - 2018-03-07 10:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-08-12 12:05 - 2018-09-15 04:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-12 11:20 - 2018-10-04 13:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-12 10:08 - 2015-04-25 12:50 - 000000000 ____D C:\Users\Hugo Bustos\Documents\Archivos de Outlook
2019-08-12 10:04 - 2015-07-14 12:48 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-08-12 10:01 - 2018-07-05 15:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-08-12 10:01 - 2018-05-03 15:38 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-08-12 10:01 - 2015-04-21 15:37 - 000000000 __SHD C:\Users\Hugo Bustos\IntelGraphicsProfiles
2019-08-11 11:09 - 2015-08-11 16:57 - 000000000 ___RD C:\Users\Hugo Bustos\OneDrive
2019-08-11 11:08 - 2018-10-04 13:35 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1538946994-2881095234-305898846-1005
2019-08-11 11:08 - 2018-10-04 13:14 - 000002460 _____ C:\Users\Hugo Bustos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-11 11:07 - 2018-09-15 04:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-11 11:07 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-09 17:35 - 2018-09-15 03:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-09 17:22 - 2015-04-26 19:45 - 000000000 ____D C:\Users\Hugo Bustos\Documents\MS Servicios
2019-08-09 12:07 - 2017-12-13 14:50 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\Packages
2019-08-09 09:16 - 2015-04-21 19:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-08 12:33 - 2019-04-09 14:55 - 000000000 ____D C:\Users\Hugo Bustos\Documents\Luma
2019-08-08 12:15 - 2018-10-04 13:26 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-08 11:39 - 2018-10-04 18:00 - 000791848 _____ C:\WINDOWS\system32\perfh00A.dat
2019-08-08 11:39 - 2018-10-04 18:00 - 000157372 _____ C:\WINDOWS\system32\perfc00A.dat
2019-08-08 11:39 - 2018-10-04 13:20 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-08 11:39 - 2018-09-15 04:31 - 000000000 ____D C:\WINDOWS\INF
2019-08-08 11:38 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\Registration
2019-08-08 11:34 - 2018-10-04 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-08 11:34 - 2018-09-15 03:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-08-08 11:33 - 2018-07-03 15:20 - 000000000 ____D C:\AdwCleaner
2019-08-08 11:33 - 2015-11-03 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-08-08 11:33 - 2015-11-03 18:23 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Roaming\Samsung
2019-08-08 11:33 - 2015-11-03 18:23 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-08-08 11:08 - 2015-06-30 10:27 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Roaming\FILEminimizerPictures
2019-08-08 09:45 - 2018-05-03 12:46 - 001168000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2019-08-08 09:45 - 2018-05-03 12:46 - 000236672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2019-08-08 09:45 - 2017-12-24 04:59 - 000126288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2019-08-08 09:42 - 2017-12-24 04:59 - 001093240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2019-08-08 09:42 - 2017-12-24 04:59 - 000151768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2019-08-07 10:56 - 2014-12-05 08:41 - 000000000 ____D C:\ProgramData\McAfee
2019-08-07 10:44 - 2015-11-23 08:55 - 000000000 ____D C:\Program Files\7-Zip
2019-08-07 09:49 - 2019-05-30 16:27 - 000000000 ____D C:\Program Files\PDFCreator
2019-08-05 09:37 - 2018-10-04 13:26 - 000003288 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2019-08-05 09:37 - 2018-10-04 13:26 - 000003046 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2019-08-05 09:37 - 2015-07-14 12:48 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-08-05 09:37 - 2015-07-14 12:48 - 000001151 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-07-23 15:23 - 2018-11-13 16:44 - 000000000 ____D C:\WINDOWS\Minidump
2019-07-19 09:44 - 2018-09-15 04:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-17 09:54 - 2018-10-04 13:26 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-17 09:54 - 2017-05-24 16:39 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
==================== Files in the root of some directories ================
2015-04-21 15:37 - 2018-02-27 09:07 - 000000093 _____ () C:\Users\Hugo Bustos\AppData\Roaming\sp_data.sys
2015-04-30 18:17 - 2019-06-07 08:56 - 000000600 _____ () C:\Users\Hugo Bustos\AppData\Roaming\winscp.rnd
2019-06-03 09:40 - 2019-06-03 09:40 - 000000738 _____ () C:\Users\Hugo Bustos\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by Hugo Bustos (12-08-2019 12:25:03)
Running from C:\Users\Hugo Bustos\Desktop
Windows 10 Pro Version 1809 17763.615 (X64) (2018-10-04 16:28:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1538946994-2881095234-305898846-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1538946994-2881095234-305898846-503 - Limited - Disabled)
Guest (S-1-5-21-1538946994-2881095234-305898846-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1538946994-2881095234-305898846-1009 - Limited - Enabled)
Hugo Bustos (S-1-5-21-1538946994-2881095234-305898846-1005 - Administrator - Enabled) => C:\Users\Hugo Bustos
WDAGUtilityAccount (S-1-5-21-1538946994-2881095234-305898846-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Bluefish 2.2.10 (HKLM-x32\...\Bluefish) (Version: 2.2.10 - The Bluefish Developers)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.228 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
CDR Viewer (HKLM-x32\...\{37955B24-82BC-4160-A867-285B87E62519}_is1) (Version: - IdeaMK)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
Free PDF Compressor (HKLM-x32\...\{BFA49A14-EC18-4071-BC13-B43043B09222}_is1) (Version: - freepdfcompressor.com)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Glary Utilities 5.125 (HKLM-x32\...\Glary Utilities 5) (Version: 5.125.0.150 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 Ayuda (HKLM-x32\...\{9DE93C21-F8E2-4072-8BE0-9B217452D0AC}) (Version: 32.0.0 - Hewlett Packard)
HP Officejet Pro 8610 Software básico del dispositivo (HKLM\...\{6739DE85-7829-4091-A6D3-E805B9F4C7F4}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2013 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 15.0.5145.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5145.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5145.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0C0A-0000-0000000FF1CE}) (Version: 15.0.5145.1001 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.0.24.1546 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{502EC982-C990-462A-9D80-A1883FF382CD}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{10217CEF-741F-4547-8B4A-DC64709C5B9E}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{224BCD15-4AE2-4791-A9AF-9B61624CD483}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
PDFsam Basic (HKLM-x32\...\{910EA44E-8446-405D-BFE1-82F562F847D0}) (Version: 3.30.0.0 - Andrea Vacondio)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SurveillanceHelper (HKLM-x32\...\{F97CB3AB-2D7B-4D22-8E42-C06AEAF66E93}) (Version: 1.0.0.5 - Synology)
SurveillancePlugin (HKLM-x32\...\{690F7D59-3671-476F-8B90-15C1528EB0A9}) (Version: 1.0.0.575 - Synology)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Trusteer Seguridad Terminal (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
WD Backup (HKLM-x32\...\{457EB8FA-4E11-48FC-A17B-7E8AD8AA99F2}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{6cbbe2b9-c94a-400c-92cd-14859a8e4808}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{163952d1-3ca7-4e98-a686-cc0c227c7447}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{25A2CD6E-52B2-4F3C-A121-9C3F47634CAF}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{033267BE-C9E6-41F5-8EE7-4BFF9D5E024A}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{b304f1ed-b08a-4d51-882b-fd651777d297}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{E673B8B4-6068-4AAB-8E68-2EE751D3EBA9}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9550 - Broadcom Corporation)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinSCP 5.15.2 (HKLM-x32\...\winscp3_is1) (Version: 5.15.2 - Martin Prikryl)
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2018-01-08] (WildTangent Games)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2018-01-08] (ASUSTeK COMPUTER INC.)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-01-08] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
GRU. MI VILLANO FAVORITO: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.3.10_x86__0pp20fcewvvtj [2019-05-31] (GAMELOFT SA)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-22] (HP Inc.)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.3.0_x86__8ptj331gd3tyt [2019-08-08] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2018-11-29] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MSN Finanzas -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-28] (Netflix, Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-01-08] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/PDFCreator/PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:/Program Files (x86)/Common Files/AWS/2.1.2.301/ASUSWSContextMenu.dll [2014-02-25] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-02-25 01:00 - 2014-02-25 01:00 - 000071680 _____ (ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
2013-08-27 19:32 - 2013-08-27 19:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2017-12-13 10:40 - 2019-03-18 12:13 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2015-02-05 00:52 - 2015-02-05 00:52 - 000248736 _____ (Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 10:25 - 2019-07-17 11:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005240\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005443\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Bustos\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\100_0221.jpg
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08122019100005662\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Bustos\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\100_0221.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{D7CDAF54-545F-4093-BCB0-BF2DD900CBD8}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{7F0C3994-82BA-4D14-857D-5E8C8D3D9168}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
FirewallRules: [{0E7B0069-8959-491A-B377-1C7CC12CA5FE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE5A52B4-2356-44FD-A5CD-01FAD52B3AAF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB69DBC3-D6AF-4E80-BBEF-E3FBF2223307}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{46C1BEE0-013A-4A49-999C-7CAC6041507F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78DE2A2D-9DC1-41E9-81B6-47265C2577C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7171A94-5460-477E-8271-9D33F889B8CD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CAF632ED-D4DE-4D21-9D51-805173B1F06E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB600AAF-5E91-4E07-8B5E-9792E3A6C67B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
26-07-2019 12:54:52 Scheduled Checkpoint
07-08-2019 10:41:22 Removed 7-Zip 16.04 (x64 edition)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/12/2019 12:28:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0x23a4
Hora de inicio de la aplicación con errores: 0x01d5510eee822711
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: 70599b64-6416-4553-9cda-5424254cc3c0
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/12/2019 10:26:18 AM) (Source: Microsoft Office 15) (EventID: 2000) (User: )
Description: Microsoft Excel: Accepted Safe Mode action : Excel tiene problemas con el complemento 'pdfarchitect7excelplugin.connect'. Si esto sigue sucediendo, deshabilite el complemento y busque actualizaciones disponibles. ¿Desea deshabilitarlo ahora?.
Accepted Safe Mode action : Microsoft Excel.
Error: (08/12/2019 10:03:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 10.0.17763.592, marca de tiempo: 0xe27bfbb1
Nombre del módulo con errores: RapportGH_x64.DLL_unloaded, versión: 29871.0.0.0, marca de tiempo: 0x5c76d47f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000c418f
Identificador del proceso con errores: 0x332c
Hora de inicio de la aplicación con errores: 0x01d5510e01ecebb5
Ruta de acceso de la aplicación con errores: C:\WINDOWS\Explorer.EXE
Ruta de acceso del módulo con errores: RapportGH_x64.DLL
Identificador del informe: 9c0baee8-879b-4f91-a55f-817a90bcfb13
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/10/2019 11:58:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0x3034
Hora de inicio de la aplicación con errores: 0x01d54f8b90e29270
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: 74bf1bbe-db8a-45f3-8a28-aa530faf7f4a
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/10/2019 11:54:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0x13d0
Hora de inicio de la aplicación con errores: 0x01d54f8b006d5bb2
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: 2895e7e3-3161-4a09-9a76-38db992a9dd0
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/10/2019 11:50:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0x2ddc
Hora de inicio de la aplicación con errores: 0x01d54f87d6dcd446
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: 70f56675-cfc5-4a9c-b896-fb4f6e185b6b
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/10/2019 11:28:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0xb60
Hora de inicio de la aplicación con errores: 0x01d54f8776282c45
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: 4944bae6-1be7-4479-85d1-c0e834016204
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/10/2019 11:25:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0xfd4
Hora de inicio de la aplicación con errores: 0x01d54f86a780e880
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: 3fe195cc-a067-4ef5-91b2-4ddf9f7fa615
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (08/12/2019 12:13:48 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-HUGO)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-HUGO\Hugo Bustos con SID (S-1-5-21-1538946994-2881095234-305898846-1005) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (08/12/2019 10:07:39 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-HUGO)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-HUGO\Hugo Bustos con SID (S-1-5-21-1538946994-2881095234-305898846-1005) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (08/12/2019 10:04:04 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/12/2019 10:02:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Rapport Management Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 500 milisegundos: Restart the service.
Error: (08/12/2019 10:00:02 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: El sistema ha detectado un conflicto por la dirección IP 192.168.0.105. La dirección
de hardware de red es 7C-0B-C6-E0-ED-48, las operaciones de red en este sistema
pueden verse afectadas por este problema.
Error: (08/11/2019 11:06:17 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-HUGO)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-HUGO\Hugo Bustos con SID (S-1-5-21-1538946994-2881095234-305898846-1005) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (08/11/2019 11:04:32 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/11/2019 11:00:03 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: El sistema ha detectado un conflicto por la dirección IP 192.168.0.101. La dirección
de hardware de red es 3C-CF-5B-FE-BF-C2, las operaciones de red en este sistema
pueden verse afectadas por este problema.
Windows Defender:
===================================
Date: 2019-03-22 10:04:58.805
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.287.249.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-12-13 10:36:24.615
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
Date: 2018-12-13 10:36:24.614
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
Date: 2018-12-13 10:36:24.613
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
Date: 2018-12-13 10:36:21.491
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
CodeIntegrity:
===================================
Date: 2019-06-19 17:36:10.029
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-19 17:36:09.965
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-19 17:36:09.820
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-19 17:36:09.761
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 10:25:10.803
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klhk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 10:25:10.748
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klhk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-03-22 10:03:33.001
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-03-22 10:03:32.886
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X455LA.202 10/30/2014
Motherboard: ASUSTeK COMPUTER INC. X455LA
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 83%
Total physical RAM: 3979.39 MB
Available physical RAM: 651.43 MB
Total Virtual: 15243.39 MB
Available Virtual: 6754.44 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:211.71 GB) (Free:92.61 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:0.5 GB) (Free:0.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Restore) (Fixed) (Total:11.27 GB) (Free:11.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: E7C45A0F)
Partition 1: (Not Active) - (Size=511 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=211.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================Hola
MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe( en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
CHR Extension: (Contenido de la Wiki) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfpamepopfjpfpincgclmohmimnaanf [2019-02-19]
CHR Extension: (Chrome Media Router) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{D7CDAF54-545F-4093-BCB0-BF2DD900CBD8}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{7F0C3994-82BA-4D14-857D-5E8C8D3D9168}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Hola, Daniela buen día. Windows me pidió una actualización y estoy en la mitad de él, mi consulta es si terminada la actualización hago lo que me solicitas o tendré que repetir todo el proceso con FRST.exe
Ya ha finalizado la actualización de windows y dado que debe haber modificaciones en el registro y para adelantar tiempo te adjunto por si lo necesitas los archivos producidos al ejecutar FRST. Espero tus comentarios. Gracias.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2019
Ran by Hugo Bustos (administrator) on LAPTOP-HUGO (ASUSTeK COMPUTER INC. X455LA) (14-08-2019 10:54:24)
Running from C:\Users\Hugo Bustos\Desktop
Loaded Profiles: Hugo Bustos & (Available Profiles: Hugo Bustos)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: Inglés (Estados Unidos)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\SwReporter\44.212.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\SwReporter\44.212.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\SwReporter\44.212.200.3\software_reporter_tool.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.877.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel(R) Software -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\...\RunOnce: [Application Restart #0] => C:\Program Files\Microsoft Office 15\root\office15\outlook.exe [19189848 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1678832 2019-08-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\...\RunOnce: [Application Restart #2] => C:\Program Files\Microsoft Office 15\root\office15\excel.exe [25752152 2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-03-19] (Broadcom Corporation -> Broadcom Corporation.)
BootExecute: autocheck autochk *
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04235D5A-1C86-4F83-8DF5-DCB1D71B6AC8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {51E848B4-7873-4C8D-9AF2-9A0479510764} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {626F503C-A88E-4CDC-9830-2C37B6359E51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc -> Google Inc.)
Task: {68325FF7-616A-430D-AB6F-50B0AE887A0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc -> Google Inc.)
Task: {68E4508B-84ED-4F46-B3F7-15AB2411DDAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B4626D5-A7DD-43D2-BCC3-6BF202D1FF0C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915960 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8FBC4EB5-AB95-4659-BD96-B7CC8B31ED50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {A4FC1553-0033-4AA6-B9C4-7F1CFA6A62B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [292952 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFFE81D9-F354-45E8-B293-0F0B7A8F31B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C29F81D9-75AF-47D2-8AD0-31EB9956DC2E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C34D709B-FFA7-485F-8EA8-58F71A8E159B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DB9A4131-59C2-4862-A84D-00F7DC2451E4} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136688 2019-08-04] (Glarysoft LTD -> Glarysoft Ltd)
Task: {FB2CD860-2DFA-423B-BF27-EF8340EED87D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [292952 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{141ca94c-4ed2-4cad-a28a-334eb6b465be}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{76060e0a-922c-455f-9044-02e21b061103}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d235bf04-00d1-4006-807c-39a91fbe6360}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Hugo Bustos\Downloads
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2015-04-15] (Synology Inc. -> Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.575\npSurveillancePlugin_x86_64.dll [2015-04-15] (Synology Inc. -> Synology)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default [2019-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-27]
CHR Extension: (IBM Security Rapport) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-07-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Contenido de la Wiki) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfpamepopfjpfpincgclmohmimnaanf [2019-02-19]
CHR Extension: (Chrome Media Router) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10]
CHR Profile: C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-07]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-1538946994-2881095234-305898846-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel(R) Software -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [414352 2018-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579240 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [836904 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1825064 2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-02-05] (Synology Inc. -> ) [File not signed]
S3 WD Backup Drive Helper; C:\windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [74240 2013-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevDram; C:\WINDOWS\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevFan; C:\WINDOWS\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPch; C:\WINDOWS\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel(R) Software -> Intel Corporation)
S3 DptfDevPower; C:\WINDOWS\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel(R) Software -> Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-06-24] (Glarysoft LTD -> Glarysoft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [126288 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093240 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197760 2019-07-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-04-25] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-04-25] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-04-25] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-05-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-19] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-14 10:54 - 2019-08-14 10:59 - 000039276 _____ C:\Users\Hugo Bustos\Desktop\FRST.txt
2019-08-14 10:53 - 2019-08-14 10:53 - 000000000 ____D C:\Users\Hugo Bustos\Desktop\FRST-OlderVersion
2019-08-14 10:47 - 2019-08-14 10:47 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-08-14 10:47 - 2019-08-14 10:47 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-08-13 19:12 - 2019-03-28 06:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-08-13 19:12 - 2019-03-28 06:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-08-13 19:12 - 2019-03-28 06:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-08-13 19:12 - 2019-03-28 06:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-08-13 19:12 - 2019-03-28 03:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-08-13 19:12 - 2019-03-28 03:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-08-13 19:12 - 2019-03-28 03:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-08-13 19:12 - 2019-03-28 03:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-08-13 19:12 - 2019-03-28 03:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-08-13 19:12 - 2019-03-28 03:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 005587968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002177336 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-13 19:00 - 2019-08-13 19:00 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-08-13 19:00 - 2019-08-13 19:00 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001465984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000806024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000783184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingDiagSpp.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-13 19:00 - 2019-08-13 19:00 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-13 19:00 - 2019-08-13 19:00 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-08-13 19:00 - 2019-08-13 19:00 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-13 19:00 - 2019-08-13 19:00 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-08-13 19:00 - 2019-08-13 19:00 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000092832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-13 19:00 - 2019-08-13 19:00 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-13 19:00 - 2019-08-13 19:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-13 19:00 - 2019-08-13 19:00 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 005570968 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 004351656 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 002438576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 002073232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 001733120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-13 18:59 - 2019-08-13 18:59 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001479184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001472568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 001466880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-13 18:59 - 2019-08-13 18:59 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 001180464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000864568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000678680 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000586256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000515440 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 000262336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000200504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-13 18:59 - 2019-08-13 18:59 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-13 18:59 - 2019-08-13 18:59 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-13 18:59 - 2019-08-13 18:59 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 003335224 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 002767160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001662264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001260560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 001020416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000850976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000799784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000794040 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000732168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000508968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000449576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000375752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000278624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000248120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pmem.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-13 18:58 - 2019-08-13 18:58 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 18:58 - 2019-08-13 18:58 - 000032784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000032568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-13 18:58 - 2019-08-13 18:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-08-13 18:58 - 2019-08-13 18:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-08-13 14:56 - 2019-08-13 14:57 - 000036595 _____ C:\Users\Hugo Bustos\Downloads\constancia_20125231455_2019-08-13.pdf
2019-08-13 10:03 - 2019-08-13 10:04 - 000285544 _____ (Mozilla) C:\Users\Hugo Bustos\Downloads\Firefox Installer.exe
2019-08-12 12:05 - 2019-08-14 10:53 - 001612800 _____ (Farbar) C:\Users\Hugo Bustos\Desktop\FRST64.exe
2019-08-11 12:11 - 2019-08-11 12:11 - 000038351 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000111 (1).pdf
2019-08-11 12:09 - 2019-08-11 12:10 - 000038351 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000111.pdf
2019-08-09 15:25 - 2019-08-09 15:25 - 000038366 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000110.pdf
2019-08-08 12:06 - 2019-08-08 12:06 - 000081653 _____ C:\Users\Hugo Bustos\Downloads\bill (5).pdf
2019-08-08 11:35 - 2019-08-14 10:47 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-08 11:35 - 2019-08-14 10:47 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-08-07 12:06 - 2019-08-07 12:07 - 007623880 _____ (Malwarebytes) C:\Users\Hugo Bustos\Desktop\adwcleaner_7.4.exe
2019-08-07 10:29 - 2019-08-07 10:29 - 000003690 _____ C:\Users\Hugo Bustos\Downloads\ReciboPago_20190807102913.pdf
2019-08-07 09:51 - 2019-08-07 09:51 - 000059292 _____ C:\Users\Hugo Bustos\Documents\cc_20190807_095100.reg
2019-08-06 12:18 - 2019-08-06 12:18 - 000038359 _____ C:\Users\Hugo Bustos\Downloads\20125231455_001_00002_00000109.pdf
2019-08-06 12:08 - 2019-08-06 12:08 - 000084602 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de transferencia (3).pdf
2019-08-06 09:32 - 2019-08-06 09:32 - 000084147 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de transferencia (2).pdf
2019-08-05 15:46 - 2019-08-05 15:46 - 000003690 _____ C:\Users\Hugo Bustos\Downloads\ReciboPago_20190805154651.pdf
2019-08-05 15:31 - 2019-08-05 15:31 - 000089738 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de pago (3).pdf
2019-08-05 09:31 - 2019-08-05 09:33 - 017803992 _____ (Glarysoft Ltd) C:\Users\Hugo Bustos\Downloads\Glary_Utilities_v5.125.0.150.exe
2019-08-05 09:26 - 2019-08-05 09:26 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\OneDrive
2019-08-02 12:54 - 2019-08-02 12:54 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Roaming\Sun
2019-08-02 12:51 - 2019-08-02 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-02 12:51 - 2019-08-02 12:50 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-08-02 12:49 - 2019-08-02 12:49 - 000000000 ____D C:\Program Files (x86)\Java
2019-08-02 12:40 - 2019-08-02 12:41 - 002065880 _____ (Oracle Corporation) C:\Users\Hugo Bustos\Downloads\JavaSetup8u221.exe
2019-08-01 16:39 - 2019-08-02 09:23 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\PDFCreator
2019-08-01 16:36 - 2019-08-01 16:36 - 000000879 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2019-08-01 16:36 - 2019-08-01 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2019-08-01 16:08 - 2019-08-01 16:11 - 037512960 _____ (pdfforge GmbH) C:\Users\Hugo Bustos\Downloads\PDFCreator-3_5_1-Setup.exe
2019-07-30 09:50 - 2019-07-30 09:50 - 002480733 _____ C:\Users\Hugo Bustos\Downloads\60016060_iges.zip
2019-07-30 09:50 - 2019-07-30 09:50 - 002224416 _____ C:\Users\Hugo Bustos\Downloads\60016060_step.zip
2019-07-22 15:25 - 2019-07-22 15:26 - 000045778 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$I00520912C20125231455 (2).PDF
2019-07-22 15:24 - 2019-07-22 15:24 - 000048049 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$G00169826C20125231455 (1).PDF
2019-07-22 15:24 - 2019-07-22 15:24 - 000045778 _____ C:\Users\Hugo Bustos\Downloads\PRD03101$I00520912C20125231455 (1).PDF
2019-07-22 09:46 - 2019-07-22 09:47 - 017765208 _____ (Glarysoft Ltd) C:\Users\Hugo Bustos\Downloads\Glary_Utilities_v5.124.0.149.exe
2019-07-19 09:45 - 2019-07-19 09:45 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-19 09:44 - 2019-07-19 09:44 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-19 09:44 - 2019-07-19 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-19 09:44 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-19 09:44 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-17 11:32 - 2019-07-17 11:32 - 000089297 _____ C:\Users\Hugo Bustos\Downloads\Comprobante de pago (2).pdf
2019-07-17 09:35 - 2019-07-17 09:37 - 020891464 _____ (Piriform Software Ltd) C:\Users\Hugo Bustos\Downloads\ccsetup560.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-14 11:00 - 2018-09-15 04:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-14 10:55 - 2018-10-04 18:00 - 000791848 _____ C:\WINDOWS\system32\perfh00A.dat
2019-08-14 10:55 - 2018-10-04 18:00 - 000157372 _____ C:\WINDOWS\system32\perfc00A.dat
2019-08-14 10:55 - 2018-10-04 13:20 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-14 10:55 - 2018-09-15 04:31 - 000000000 ____D C:\WINDOWS\INF
2019-08-14 10:54 - 2018-02-22 19:22 - 000000000 ____D C:\FRST
2019-08-14 10:53 - 2015-07-14 12:48 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-08-14 10:53 - 2015-04-25 12:50 - 000000000 ____D C:\Users\Hugo Bustos\Documents\Archivos de Outlook
2019-08-14 10:49 - 2018-05-03 15:38 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-08-14 10:49 - 2018-03-07 10:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-08-14 10:49 - 2015-09-16 08:36 - 000000000 ___RD C:\Users\Hugo Bustos\3D Objects
2019-08-14 10:49 - 2014-12-05 17:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 10:48 - 2018-07-05 15:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-08-14 10:48 - 2015-04-21 15:37 - 000000000 __SHD C:\Users\Hugo Bustos\IntelGraphicsProfiles
2019-08-14 10:46 - 2018-10-04 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-14 10:46 - 2018-10-04 13:11 - 000447664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-14 10:46 - 2018-09-15 03:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-08-14 10:42 - 2018-09-15 06:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-14 10:42 - 2018-09-15 04:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-14 10:42 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-14 10:42 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-14 10:42 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-14 10:42 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-14 10:42 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-14 10:40 - 2018-10-04 13:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-13 19:21 - 2018-09-15 04:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-13 19:11 - 2015-04-20 18:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-13 19:06 - 2015-04-20 18:31 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-13 18:59 - 2013-08-22 12:44 - 000408644 __RSH C:\bootmgr
2019-08-13 14:38 - 2017-12-13 14:50 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Local\Packages
2019-08-13 10:56 - 2015-04-27 18:40 - 000002097 _____ C:\Users\Hugo Bustos\Documents\chubut.txt
2019-08-13 04:36 - 2018-10-03 22:35 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-08-13 04:34 - 2018-09-15 03:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-13 04:11 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\Registration
2019-08-13 04:10 - 2019-03-19 04:30 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-13 04:05 - 2018-10-04 13:25 - 000009528 _____ C:\WINDOWS\diagwrn.xml
2019-08-13 04:05 - 2018-10-04 13:25 - 000009528 _____ C:\WINDOWS\diagerr.xml
2019-08-13 02:27 - 2018-09-15 04:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-13 02:27 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-13 01:38 - 2018-10-03 18:41 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-11 11:09 - 2015-08-11 16:57 - 000000000 ___RD C:\Users\Hugo Bustos\OneDrive
2019-08-11 11:08 - 2018-10-04 13:35 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1538946994-2881095234-305898846-1005
2019-08-11 11:08 - 2018-10-04 13:14 - 000002460 _____ C:\Users\Hugo Bustos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-09 17:22 - 2015-04-26 19:45 - 000000000 ____D C:\Users\Hugo Bustos\Documents\MS Servicios
2019-08-09 09:16 - 2015-04-21 19:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-08 12:33 - 2019-04-09 14:55 - 000000000 ____D C:\Users\Hugo Bustos\Documents\Luma
2019-08-08 12:15 - 2018-10-04 13:26 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-08 11:33 - 2018-07-03 15:20 - 000000000 ____D C:\AdwCleaner
2019-08-08 11:33 - 2015-11-03 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-08-08 11:33 - 2015-11-03 18:23 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Roaming\Samsung
2019-08-08 11:33 - 2015-11-03 18:23 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-08-08 11:08 - 2015-06-30 10:27 - 000000000 ____D C:\Users\Hugo Bustos\AppData\Roaming\FILEminimizerPictures
2019-08-08 09:45 - 2018-05-03 12:46 - 001168000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2019-08-08 09:45 - 2018-05-03 12:46 - 000236672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2019-08-08 09:45 - 2017-12-24 04:59 - 000126288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2019-08-08 09:42 - 2017-12-24 04:59 - 001093240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2019-08-08 09:42 - 2017-12-24 04:59 - 000151768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2019-08-07 10:56 - 2014-12-05 08:41 - 000000000 ____D C:\ProgramData\McAfee
2019-08-07 10:44 - 2015-11-23 08:55 - 000000000 ____D C:\Program Files\7-Zip
2019-08-07 09:49 - 2019-05-30 16:27 - 000000000 ____D C:\Program Files\PDFCreator
2019-08-05 09:37 - 2018-10-04 13:26 - 000003288 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2019-08-05 09:37 - 2018-10-04 13:26 - 000003046 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2019-08-05 09:37 - 2015-07-14 12:48 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-08-05 09:37 - 2015-07-14 12:48 - 000001151 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-07-23 15:23 - 2018-11-13 16:44 - 000000000 ____D C:\WINDOWS\Minidump
2019-07-19 09:44 - 2018-09-15 04:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-17 09:54 - 2018-10-04 13:26 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-17 09:54 - 2017-05-24 16:39 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
==================== Files in the root of some directories ================
2015-04-21 15:37 - 2018-02-27 09:07 - 000000093 _____ () C:\Users\Hugo Bustos\AppData\Roaming\sp_data.sys
2015-04-30 18:17 - 2019-06-07 08:56 - 000000600 _____ () C:\Users\Hugo Bustos\AppData\Roaming\winscp.rnd
2019-06-03 09:40 - 2019-06-03 09:40 - 000000738 _____ () C:\Users\Hugo Bustos\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by Hugo Bustos (14-08-2019 11:04:04)
Running from C:\Users\Hugo Bustos\Desktop
Windows 10 Pro Version 1809 17763.678 (X64) (2018-10-04 16:28:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1538946994-2881095234-305898846-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1538946994-2881095234-305898846-503 - Limited - Disabled)
Guest (S-1-5-21-1538946994-2881095234-305898846-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1538946994-2881095234-305898846-1009 - Limited - Enabled)
Hugo Bustos (S-1-5-21-1538946994-2881095234-305898846-1005 - Administrator - Enabled) => C:\Users\Hugo Bustos
WDAGUtilityAccount (S-1-5-21-1538946994-2881095234-305898846-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Bluefish 2.2.10 (HKLM-x32\...\Bluefish) (Version: 2.2.10 - The Bluefish Developers)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.228 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
CDR Viewer (HKLM-x32\...\{37955B24-82BC-4160-A867-285B87E62519}_is1) (Version: - IdeaMK)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
Free PDF Compressor (HKLM-x32\...\{BFA49A14-EC18-4071-BC13-B43043B09222}_is1) (Version: - freepdfcompressor.com)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Glary Utilities 5.125 (HKLM-x32\...\Glary Utilities 5) (Version: 5.125.0.150 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 Ayuda (HKLM-x32\...\{9DE93C21-F8E2-4072-8BE0-9B217452D0AC}) (Version: 32.0.0 - Hewlett Packard)
HP Officejet Pro 8610 Software básico del dispositivo (HKLM\...\{6739DE85-7829-4091-A6D3-E805B9F4C7F4}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2013 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 15.0.5145.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1538946994-2881095234-305898846-1005\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5145.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5145.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0C0A-0000-0000000FF1CE}) (Version: 15.0.5145.1001 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.0.24.1546 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{502EC982-C990-462A-9D80-A1883FF382CD}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{10217CEF-741F-4547-8B4A-DC64709C5B9E}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{224BCD15-4AE2-4791-A9AF-9B61624CD483}) (Version: 7.0.26.3193 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
PDFsam Basic (HKLM-x32\...\{910EA44E-8446-405D-BFE1-82F562F847D0}) (Version: 3.30.0.0 - Andrea Vacondio)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SurveillanceHelper (HKLM-x32\...\{F97CB3AB-2D7B-4D22-8E42-C06AEAF66E93}) (Version: 1.0.0.5 - Synology)
SurveillancePlugin (HKLM-x32\...\{690F7D59-3671-476F-8B90-15C1528EB0A9}) (Version: 1.0.0.575 - Synology)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Trusteer Seguridad Terminal (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
WD Backup (HKLM-x32\...\{457EB8FA-4E11-48FC-A17B-7E8AD8AA99F2}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{6cbbe2b9-c94a-400c-92cd-14859a8e4808}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{163952d1-3ca7-4e98-a686-cc0c227c7447}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{25A2CD6E-52B2-4F3C-A121-9C3F47634CAF}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{033267BE-C9E6-41F5-8EE7-4BFF9D5E024A}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{b304f1ed-b08a-4d51-882b-fd651777d297}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{E673B8B4-6068-4AAB-8E68-2EE751D3EBA9}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9550 - Broadcom Corporation)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinSCP 5.15.2 (HKLM-x32\...\winscp3_is1) (Version: 5.15.2 - Martin Prikryl)
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2018-01-08] (WildTangent Games)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2018-01-08] (ASUSTeK COMPUTER INC.)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-01-08] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
GRU. MI VILLANO FAVORITO: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.3.10_x86__0pp20fcewvvtj [2019-05-31] (GAMELOFT SA)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-22] (HP Inc.)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.3.0_x86__8ptj331gd3tyt [2019-08-08] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2018-11-29] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MSN Finanzas -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-28] (Netflix, Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2018-01-08] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-01-08] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/PDFCreator/PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:/Program Files (x86)/Common Files/AWS/2.1.2.301/ASUSWSContextMenu.dll [2014-02-25] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2019-08-14 10:55 - 2019-08-14 10:55 - 000379392 _____ (ESET) [File not signed] c:\users\hugo bustos\appdata\local\google\chrome\user data\swreporter\44.212.200.3\edls_32.dll
2017-12-13 10:40 - 2019-03-18 12:13 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 10:25 - 2019-07-17 11:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904595\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904674\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1538946994-2881095234-305898846-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Bustos\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\100_0221.jpg
HKU\S-1-5-21-1538946994-2881095234-305898846-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08142019104904736\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Bustos\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\100_0221.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{D7CDAF54-545F-4093-BCB0-BF2DD900CBD8}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{7F0C3994-82BA-4D14-857D-5E8C8D3D9168}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
FirewallRules: [{0E7B0069-8959-491A-B377-1C7CC12CA5FE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE5A52B4-2356-44FD-A5CD-01FAD52B3AAF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB69DBC3-D6AF-4E80-BBEF-E3FBF2223307}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{46C1BEE0-013A-4A49-999C-7CAC6041507F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78DE2A2D-9DC1-41E9-81B6-47265C2577C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7171A94-5460-477E-8271-9D33F889B8CD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CAF632ED-D4DE-4D21-9D51-805173B1F06E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB600AAF-5E91-4E07-8B5E-9792E3A6C67B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
26-07-2019 12:54:52 Scheduled Checkpoint
07-08-2019 10:41:22 Removed 7-Zip 16.04 (x64 edition)
13-08-2019 00:25:05 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/14/2019 10:51:51 AM) (Source: Microsoft Office 15) (EventID: 2000) (User: )
Description: Microsoft Outlook: Accepted Safe Mode action : Outlook no se inició correctamente la última vez. El modo a prueba de errores podría ayudarle a solucionar el problema, pero es posible que algunas características no estén disponibles en dicho modo.
¿Desea iniciar en el modo a prueba de errores?.
Accepted Safe Mode action : Microsoft Outlook.
Error: (08/14/2019 10:46:54 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.
Error: (08/14/2019 10:46:54 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetBrightnessSettingInDriver: p_handle is NULL.
Error: (08/14/2019 10:46:54 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.
Error: (08/14/2019 10:46:54 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetBrightnessSettingFromDriver: p_handle is NULL.
Error: (08/14/2019 10:46:54 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfParticipantDisplayService
ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]
Error: (08/14/2019 09:47:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0x404c
Hora de inicio de la aplicación con errores: 0x01d5529e0df133c8
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: bc17bea1-8340-4ed0-9867-7afd629b3245
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/14/2019 09:44:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 10.0.17763.557, marca de tiempo: 0xb92cafe4
Nombre del módulo con errores: MaxxAudioAPO4064.dll, versión: 4.5.7.0, marca de tiempo: 0x53f116b2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004f108
Identificador del proceso con errores: 0x277c
Hora de inicio de la aplicación con errores: 0x01d5529dccace936
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\MaxxAudioAPO4064.dll
Identificador del informe: f3be0d67-04ef-4177-9152-202a9ca58ae5
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (08/14/2019 10:51:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/14/2019 10:51:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos application-specific no concede el permiso Launch Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.SecurityAppBroker
y APPID
Unavailable
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (08/14/2019 10:51:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos application-specific no concede el permiso Launch Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscBrokerManager
y APPID
Unavailable
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (08/14/2019 10:50:53 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-HUGO)
Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario LAPTOP-HUGO\Hugo Bustos con SID (S-1-5-21-1538946994-2881095234-305898846-1005) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (08/14/2019 10:48:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio GamesAppIntegrationService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (08/14/2019 10:46:13 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.
Error: (08/14/2019 10:41:19 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HUGO)
Description: El servidor {DC6EFB56-9CFA-464D-8880-44885D7DC193} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/14/2019 10:41:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Update Orchestrator Service se cerró con el siguiente error:
Se devolvió esta operación porque se agotó el tiempo de espera.
Windows Defender:
===================================
Date: 2019-03-22 10:04:58.805
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.287.249.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15700.8
Código de error: 0x8024402c
Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-12-13 10:36:24.615
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
Date: 2018-12-13 10:36:24.614
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
Date: 2018-12-13 10:36:24.613
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
Date: 2018-12-13 10:36:21.491
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.263.261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual:
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80072efd
Descripción del error: A connection with the server could not be established
CodeIntegrity:
===================================
Date: 2019-06-19 17:36:10.029
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-19 17:36:09.965
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-19 17:36:09.820
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-19 17:36:09.761
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 10:25:10.803
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klhk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 10:25:10.748
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klhk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-03-22 10:03:33.001
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-03-22 10:03:32.886
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X455LA.202 10/30/2014
Motherboard: ASUSTeK COMPUTER INC. X455LA
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 88%
Total physical RAM: 3979.39 MB
Available physical RAM: 451.98 MB
Total Virtual: 16267.39 MB
Available Virtual: 7938.1 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:211.71 GB) (Free:68.13 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:0.5 GB) (Free:0.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Restore) (Fixed) (Total:11.27 GB) (Free:11.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: E7C45A0F)
Partition 1: (Not Active) - (Size=511 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=211.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================Hola
No importa que se haya actualizado, realiza el ultimo paso que te indiqué.
Un saludo
Daniela: Adjunto el contenido del archivo FIXLog. Pruebo la máquina un par de días y te comento.
Saludos
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by Hugo Bustos (15-08-2019 10:06:53) Run:2
Running from C:\Users\Hugo Bustos\Desktop
Loaded Profiles: Hugo Bustos (Available Profiles: Hugo Bustos)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-05-14] (pdfforge GmbH -> pdfforge GmbH)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
CHR Extension: (Contenido de la Wiki) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfpamepopfjpfpincgclmohmimnaanf [2019-02-19]
CHR Extension: (Chrome Media Router) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{D7CDAF54-545F-4093-BCB0-BF2DD900CBD8}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{7F0C3994-82BA-4D14-857D-5E8C8D3D9168}C:\users\hugo bustos\desktop\ipcamera.exe] => (Allow) C:\users\hugo bustos\desktop\ipcamera.exe () [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{C500C267-63BF-451F-8797-4D720C9A2ED9}" => removed successfully
HKLM\Software\Classes\CLSID\{C500C267-63BF-451F-8797-4D720C9A2ED9} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{61E612A7-2382-4570-8D3F-42BC136DDAD7}" => removed successfully
HKLM\Software\Classes\CLSID\{61E612A7-2382-4570-8D3F-42BC136DDAD7} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{C500C267-63BF-451F-8797-4D720C9A2ED9}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C500C267-63BF-451F-8797-4D720C9A2ED9} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{61E612A7-2382-4570-8D3F-42BC136DDAD7}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{61E612A7-2382-4570-8D3F-42BC136DDAD7} => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => removed successfully
CHR Extension: (Contenido de la Wiki) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfpamepopfjpfpincgclmohmimnaanf [2019-02-19] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Hugo Bustos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\GamesAppIntegrationService => removed successfully
GamesAppIntegrationService => service removed successfully
HKLM\System\CurrentControlSet\Services\GamesAppService => removed successfully
GamesAppService => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O => removed successfully
HKLM\Software\Classes\CLSID\{64174815-8D98-4CE6-8646-4C039977D809} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U => removed successfully
HKLM\Software\Classes\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D7CDAF54-545F-4093-BCB0-BF2DD900CBD8}C:\users\hugo bustos\desktop\ipcamera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7F0C3994-82BA-4D14-857D-5E8C8D3D9168}C:\users\hugo bustos\desktop\ipcamera.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1538946994-2881095234-305898846-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1538946994-2881095234-305898846-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 572956550 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 24072365 B
Edge => 2420905 B
Chrome => 342120127 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5438 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Hugo Bustos => 62366873 B
RecycleBin => 38537194 B
EmptyTemp: => 1004 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:07:29 ====Hola
De acuerdo, pruebalo tranquilamente y nos comentas que tal va el funcionamiento 
Un saludo
Cuando tengo una aplicación en segundo plano y hago clic en el icono que está en la barra de tareas para abrirla, por uno tiempo aparece la aplicación de la siguiente manera. Con el mensaje (Not Responding) en la parte superior izquierda de la ventana, esto note que me pasa con Excel, Outlook, Word, Acrobat Reader Google Chrome y otros.
Hola
Realiza un análisis con EsetOnline siguiendo el manual
Pon el reporte y comenta como sigue el problema .
Un saludo
Daniela adjunto el informe, pruebo un par de días y te aviso. Gracias. Saludos
21/08/2019 16:52:04 p.m.
Archivos explorados: 578068
Archivos infectados: 22
Amenazas eliminadas: 22
Tiempo total de exploración 06:36:09
Estado de la exploración: Finalizado
C:\Users\Hugo Bustos\Downloads\ccsetup548 (1).exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup548.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup549.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup550.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup551.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup552 (1).exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup552.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup553.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup554.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup555.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\ccsetup557.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\gup5setup (2).exe Win32/UwS.GlaryUtilities.A aplicación desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\gup5setup (3).exe Win32/UwS.GlaryUtilities.A aplicación desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\PDFCreator-2_5_3-Setup.exe una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\PDFCreator-3_1_0-Setup.exe una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\PDFCreator-3_1_2-Setup.exe una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\PDFCreator-3_2_0-Setup.exe una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\PDFCreator-3_2_2-Setup.exe una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\PhotoScapeSetup_V3.7.exe Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\Sin confirmar 10811.crdownload Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Users\Hugo Bustos\Downloads\Sin confirmar 255415.crdownload Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura desinfectado por eliminación
C:\Windows\Installer\4ecdaab2.msi una variante de Win32/Bundled.Toolbar.Ask.O aplicación potencialmente no segura eliminado
Hola
De acuerdo, pruébalo tranquilamente y nos comentas como sigue el funcionamiento
Un saludo