Windows 10 Cuenta de usuario duplicada

Hola a todos! A ver si me podeís ayudar, hace unos meses intenté hacer dos ajustes en Windows 10 que provocan un problema. Primero eliminé la contraseña para salir de la “suspensión” con el comando “netpliwz” y luego rehabilité la “Hibernación”, que deshabilité mas tarde al encontrar problemas con el menú de arranque de mi Dell Precision M4500.

El caso es que ahora tengo dos cuentas de usuario con el mismo nombre, y no sé con cual quedarme, a veces se hiberna y aveces no, además muchas veces cuando le ordeno apagar, no se apaga completamente, permanece encendida la luz del interruptor y el ventilador gira rápido, solo se puede salir del trance mediante un apagado forzado, está esquizofrénico tiene dos personalidades. :crazy_face::crazy_face:

El arranque en windows, empieza con una pantalla de “Usuario o contraseña incorrectas intentelo de nuevo”, al pulsar intro sale una pantalla con los dos nombres de USUARIO (el mismo nombre) en la esquina inferior izquierda, solo pulsando el inferior sale, Opciones de Inicio de sesión.

Si no se hace nada, al cabo de un minuto cambia a un solo USUARIO ubicado en el centro de la pantalla,a la espera de contraseña.

El sistema me ofrece la actualización a WIN 10 1903, pero antes me gustaría arreglar este asunto y no complicarlo mas. Gracias de antemano.

Hola @quemao

Veamos si podemos ayudarte:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

HOLA, ejecuté el Farbar, pero veo que en el reporte hay algunos datos personales, que no deseo pegar. Se puede repetir el Farbar Recovery ó ya ha hecho algún cambio.

Prefiero cambiar de lugar algunos archivos, para no hacerlos públicos, y repetir el scan, en caso contrario os los envío adjuntos, vale? Gracias.

Hola @quemao

Farbar no hace cambios.

Tienes que colocarlos en otra unidad o FRST los verá.

Puedes adjuntar el reporte de acuerdo al Método 4.

Salu2

Resuelto, el reporte tenía algunos documentos con nombre y apellido, gracias. Pego los reportes a continuación:

PRIMERA PARTE de FRST (no cabe entera)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2019
Ran by INDIVIDUO (administrator) on DESKTOP-238QLCF (Dell Inc. Precision M4500) (16-08-2019 11:29:40)
Running from C:\Users\INDIVIDUO\Desktop
Loaded Profiles: INDIVIDUO (Available Profiles: INDIVIDUO)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: Español (España, internacional)
Default browser: "C:\Program Files (x86)\Maxthon5\Maxthon5\Bin\Maxthon.exe" "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\INDIVIDUO\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.877.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> ) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(voidtools -> ) C:\Program Files\Everything\Everything.exe
(voidtools -> ) C:\Program Files\Everything\Everything.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2015-06-29] (NVIDIA Corporation -> )
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2200864 2018-12-15] (voidtools -> )
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-05-08] (Apple Inc. -> Apple Inc.)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-01-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2019-01-01]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (No File)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070E8041-DE2E-499F-B4CF-593B5E12FE13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0953D64E-6B41-476C-A3C4-147AAECFBD98} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-05-24] (Dell Inc. -> Dell Inc.)
Task: {39014323-80C1-428C-A178-A95F71AAD6AB} - System32\Tasks\Core Temp Autostart INDIVIDUO => C:\Program Files\Core Temp\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)
Task: {490F94A6-47BE-4909-97CE-1578F12C0695} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe [1457664 2019-03-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {53DA48E2-A084-4953-BB3B-7B8B0D373BBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-23] (Google Inc -> Google Inc.)
Task: {5E42ED42-B738-4D57-BE9B-92B27CBD3D03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {608F5C85-0602-4BF1-B8E0-70C66BFE35DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77D98BB7-D587-44D3-A9BB-B52C9C80435C} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [11201344 2018-12-23] (IObit Information Technology -> IObit)
Task: {AB67B54C-32E7-4FE1-8428-7E1B09A8C260} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD3C6285-C04F-45CA-A2B7-5A452B680122} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {B0616677-A521-4456-8451-A3BF43CF46C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-23] (Google Inc -> Google Inc.)
Task: {EBB5DDA9-F053-4631-BE46-F5C2F44ADDA0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe [1453056 2019-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EECA3DAF-4997-4FAB-9055-E31F03B0E26E} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Maxthon5\Bin\Maxthon.exe [170776 2019-02-25] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 87.216.1.65 87.216.1.66
Tcpip\..\Interfaces\{a20ab11b-d629-4447-b9ff-e0a3ebd266dc}: [DhcpNameServer] 87.216.1.65 87.216.1.66

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3435670526-2855435533-3884531834-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2018-12-23] (IObit Information Technology -> IObit)

Edge: 
======
DownloadDir: C:\Users\INDIVIDUO\Downloads
Edge Session Restore: HKU\S-1-5-21-3435670526-2855435533-3884531834-1001 -> is enabled.

FireFox:
========
FF DefaultProfile: slgc9ofw.default
FF ProfilePath: C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default [2019-08-16]
FF Homepage: Mozilla\Firefox\Profiles\slgc9ofw.default -> about:blank
FF Session Restore: Mozilla\Firefox\Profiles\slgc9ofw.default -> is enabled.
FF Extension: (YouTube MP4 Downloader) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\@youtube-mp4-downloader.xpi [2019-06-11]
FF Extension: (Convert4K.com YouTube Converter) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2019-05-03]
FF Extension: (Enhancer for YouTube™) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2019-07-11]
FF Extension: (Youtube to MP3 Plugin) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2018-12-22]
FF Extension: (Proxtube) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2019-05-23]
FF Extension: (Simple YouTube to MP3/MP4 Converter) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2019-03-25]
FF Extension: (YouTube™ Flash® Player) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2018-12-22]
FF Extension: (Touch VPN) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2019-06-09]
FF Extension: (uBlock Origin) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\[email protected] [2019-07-27]
FF Extension: (Amber Fade) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{2dc97828-2fc7-47b4-aecb-8a2fcfd315ec}.xpi [2019-05-13]
FF Extension: (Persona two) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{38b73813-b5c0-439e-8ddb-d7fadaff09f2}.xpi [2019-05-13]
FF Extension: (Watercolour) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{445cee47-74bd-492f-a1f0-39628e4bd024}.xpi [2019-05-13]
FF Extension: (YouTube to MP4 Downloader) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{7812d563-e8e1-48ba-982d-e4245bb78bfb}.xpi [2019-03-25]
FF Extension: (Green summer) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{812a16d8-c2f5-49d9-b7f3-a8a8d89d470a}.xpi [2019-05-13]
FF Extension: (Linen Light) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{98871723-2d0d-4af2-bfc8-ffe7b25abb37}.xpi [2019-05-13]
FF Extension: (50s creamy ivory) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{c63f00d2-c090-4008-8df9-09ed18cef845}.xpi [2019-05-13]
FF Extension: (Autumn 2010) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{e1183fe9-b097-4af6-8ba6-1c8781df347b}.xpi [2019-05-13]
FF Extension: (Yellow to Yellow) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{f3625ec1-42fc-4183-bcab-8a5ab6b0bae5}.xpi [2019-05-13]
FF Extension: (YouTube Flash Video Player) - C:\Users\INDIVIDUO\AppData\Roaming\Mozilla\Firefox\Profiles\slgc9ofw.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2018-12-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default [2019-03-01]
CHR Extension: (Presentaciones) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-23]
CHR Extension: (Documentos) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-23]
CHR Extension: (Google Drive) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-23]
CHR Extension: (YouTube) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-23]
CHR Extension: (Hojas de cálculo) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-23]
CHR Extension: (Gmail) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\INDIVIDUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-06-13] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2200864 2018-12-15] (voidtools -> )
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2018-12-23] (IObit Information Technology -> IObit)
S2 MxService; C:\Program Files (x86)\Maxthon5\Maxthon5\Bin\MxService.exe [176928 2019-02-25] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2692296 2015-06-29] (NVIDIA Corporation -> )
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\INDIVIDUO\AppData\Local\Temp\ALSysIO64.sys [47240 2019-08-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2019-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-16 11:29 - 2019-08-16 11:30 - 000022971 _____ C:\Users\INDIVIDUO\Desktop\FRST.txt
2019-08-16 11:19 - 2019-08-16 11:28 - 000000000 ____D C:\Users\INDIVIDUO\Documents\PDF VARIOS
2019-08-15 23:51 - 2019-08-16 11:29 - 000000000 ____D C:\FRST
2019-08-15 11:13 - 2019-08-15 11:13 - 001612800 _____ (Farbar) C:\Users\INDIVIDUO\Desktop\FRST64.exe
2019-08-14 14:03 - 2019-08-14 14:03 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 003614720 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 000501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2019-08-14 14:03 - 2019-08-14 14:03 - 000317240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-08-14 14:03 - 2019-08-14 14:03 - 000092832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-08-14 14:02 - 2019-08-14 14:02 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 023453696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 020816896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 019011584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 012939776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 012244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 007871488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 006544552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 006308016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 005587968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 004628992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 004344832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 003818632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 003656704 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002942976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002278792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002177336 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-14 14:02 - 2019-08-14 14:02 - 002017792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-14 14:02 - 2019-08-14 14:02 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001506304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001477432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001465984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001290752 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001280000 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001278808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001222160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 001221528 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000806024 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000783184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000763392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000658944 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000522104 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingDiagSpp.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-08-14 14:02 - 2019-08-14 14:02 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-08-14 14:02 - 2019-08-14 14:02 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\p2pnetsh.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000173216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-08-14 14:02 - 2019-08-14 14:02 - 000165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-08-14 14:02 - 2019-08-14 14:02 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000114128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Groupinghc.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000058882 _____ C:\Windows\system32\srms.dat
2019-08-14 14:02 - 2019-08-14 14:02 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2019-08-14 14:02 - 2019-08-14 14:02 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 007687784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 005570968 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 004737536 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 004351656 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 003978240 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 003635200 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 003567104 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 003385856 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 003363856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 003335224 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 003333632 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002767160 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002593544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002438576 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002073232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 002022096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 001892864 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001733120 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001715000 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001701880 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-08-14 14:01 - 2019-08-14 14:01 - 001674752 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001662264 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001479184 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001472568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 001466880 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001391096 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 001344960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-08-14 14:01 - 2019-08-14 14:01 - 001321784 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001294488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001260560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 001205248 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001182240 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 001180464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001171968 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001020416 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 001004544 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000980992 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000895792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000888832 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000864568 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000850976 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000831288 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000799784 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000794040 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000788480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000771072 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000764416 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000743224 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000732168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000678680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000649528 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000603280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000586256 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000535056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000515440 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000508968 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000482104 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000449576 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000398928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000396088 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000383504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000375752 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\LicensingDiagSpp.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000294512 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000278624 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000253256 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000230848 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000200504 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000193040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000189712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\appsruprov.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000152080 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000141736 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000121656 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000118480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\drvsetup.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\DiskSnapshot.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-08-14 14:01 - 2019-08-14 14:01 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-08-14 14:01 - 2019-08-14 14:01 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\kdcpw.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-08-14 14:01 - 2019-08-14 14:01 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-08-14 14:00 - 2019-08-14 14:00 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2019-08-14 14:00 - 2019-08-14 14:00 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-08-14 14:00 - 2019-08-14 14:00 - 001232384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 001048376 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-08-14 14:00 - 2019-08-14 14:00 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 000310072 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll
2019-08-14 14:00 - 2019-08-14 14:00 - 000248120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 000125016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-08-14 14:00 - 2019-08-14 14:00 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pmem.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-08-14 14:00 - 2019-08-14 14:00 - 000087056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 000032784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2019-08-14 14:00 - 2019-08-14 14:00 - 000032568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2019-08-11 09:44 - 2019-08-14 14:57 - 000309376 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-10 20:08 - 2019-08-10 20:08 - 000338315 _____ C:\Users\INDIVIDUO\Downloads\4742.pdf
2019-08-10 20:06 - 2019-08-10 20:06 - 000071423 _____ C:\Users\INDIVIDUO\Downloads\057.pdf
2019-08-09 20:50 - 2019-08-09 20:50 - 000050751 _____ C:\Users\INDIVIDUO\AppData\Local\recently-used.xbel
2019-08-06 23:52 - 2019-08-06 23:52 - 000003388 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3435670526-2855435533-3884531834-1001
2019-08-06 23:52 - 2019-08-06 23:52 - 000002413 _____ C:\Users\INDIVIDUO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-04 15:20 - 2019-08-04 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-07-31 18:07 - 2019-07-31 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-07-19 23:45 - 2019-07-20 10:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-19 21:58 - 2016-05-15 08:00 - 881776640 _____ C:\Users\INDIVIDUO\Desktop\VTS_12_1.VOB

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-16 11:14 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-16 11:07 - 2018-12-23 01:57 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Roaming\Everything
2019-08-16 10:58 - 2019-01-25 01:18 - 000000000 ____D C:\Users\INDIVIDUO\Downloads\videos ytb
2019-08-16 10:54 - 2019-01-06 17:38 - 000000000 ____D C:\Users\INDIVIDUO\Downloads\DA- MP 2019
2019-08-16 10:48 - 2018-12-23 16:59 - 000000000 ____D C:\Users\INDIVIDUO\Desktop\Textos copiar
2019-08-16 10:11 - 2018-12-22 20:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-16 09:43 - 2019-01-01 01:58 - 000000000 ___RD C:\Users\INDIVIDUO\iCloudDrive
2019-08-16 09:42 - 2018-12-22 23:14 - 000000000 ____D C:\Users\INDIVIDUO\AppData\LocalLow\Mozilla
2019-08-16 09:42 - 2018-12-22 20:45 - 001684176 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-16 09:42 - 2018-09-15 18:37 - 000753564 _____ C:\Windows\system32\perfh00A.dat
2019-08-16 09:42 - 2018-09-15 18:37 - 000148108 _____ C:\Windows\system32\perfc00A.dat
2019-08-16 09:42 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-08-16 09:38 - 2018-12-23 13:36 - 000000000 ____D C:\ProgramData\ProductData
2019-08-16 09:37 - 2018-12-22 21:05 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-16 09:37 - 2018-12-22 20:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-16 01:08 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-08-16 01:07 - 2018-12-23 14:29 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Local\Everything
2019-08-15 16:30 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-15 16:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-08-15 00:54 - 2019-02-26 21:47 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Roaming\foobar2000
2019-08-15 00:32 - 2018-12-23 13:22 - 000000000 ____D C:\Users\INDIVIDUO\Downloads\programas descargados y heredados
2019-08-14 15:04 - 2018-12-22 20:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 15:04 - 2018-12-22 20:51 - 000000000 ___RD C:\Users\INDIVIDUO\3D Objects
2019-08-14 14:54 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-14 14:54 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\system32\UNP
2019-08-14 14:54 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-08-14 14:54 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\oobe
2019-08-14 14:54 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\Provisioning
2019-08-14 14:54 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-08-14 14:54 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-08-14 14:15 - 2018-12-22 22:54 - 000000000 ____D C:\Windows\system32\MRT
2019-08-14 14:10 - 2018-12-22 22:54 - 134272480 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-08-14 14:09 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-08-11 09:44 - 2018-12-22 20:11 - 000000000 ____D C:\Windows\Panther
2019-08-10 00:32 - 2018-12-23 11:56 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Roaming\Audacity
2019-08-09 20:51 - 2019-02-25 18:52 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Local\babl-0.1
2019-08-09 20:50 - 2019-03-02 18:12 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Local\gtk-2.0
2019-08-07 21:01 - 2018-12-23 12:09 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-06 23:52 - 2018-12-22 20:55 - 000000000 ___RD C:\Users\INDIVIDUO\OneDrive
2019-08-06 13:39 - 2019-04-24 23:24 - 000000000 ____D C:\ProgramData\Foxit Software
2019-08-05 00:34 - 2018-12-22 20:50 - 000000000 ____D C:\Users\INDIVIDUO
2019-08-02 18:01 - 2018-12-23 02:19 - 000000000 ____D C:\Users\INDIVIDUO\.openshot_qt
2019-08-02 16:19 - 2018-12-31 15:27 - 000000000 ____D C:\Users\INDIVIDUO\Documents\Downloads del Toshiba
2019-08-01 21:41 - 2018-12-23 12:16 - 000000000 ___RD C:\Users\INDIVIDUO\Desktop\Enlaces
2019-07-30 23:50 - 2018-12-29 14:21 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Local\ElevatedDiagnostics
2019-07-30 15:47 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\NDF
2019-07-29 08:57 - 2019-03-01 17:08 - 000000000 ____D C:\Users\INDIVIDUO\Documents\PAPELES
2019-07-28 14:32 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\servicing
2019-07-26 12:25 - 2019-01-18 11:12 - 000000000 ____D C:\Windows\Minidump
2019-07-26 10:51 - 2018-12-22 20:17 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-07-20 12:37 - 2019-02-25 10:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-20 12:37 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-20 10:48 - 2018-12-22 23:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-20 09:51 - 2018-12-22 23:14 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-19 21:58 - 2019-04-14 22:30 - 000000000 ____D C:\Users\INDIVIDUO\AppData\Roaming\vlc

==================== Files in the root of some directories ================

2019-02-08 21:19 - 2019-02-08 21:20 - 000004608 _____ () C:\Users\INDIVIDUO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-09 20:50 - 2019-08-09 20:50 - 000050751 _____ () C:\Users\INDIVIDUO\AppData\Local\recently-used.xbel

==================== FLock ================

2019-02-24 15:50 C:\Program Files (x86)\ASUS
2019-02-25 10:33 C:\Program Files (x86)\Kaspersky Lab
2018-12-22 20:43 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by INDIVIDUO (16-08-2019 11:31:36)
Running from C:\Users\INDIVIDUO\Desktop
Windows 10 Pro Version 1809 17763.678 (X64) (2018-12-22 18:42:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3435670526-2855435533-3884531834-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3435670526-2855435533-3884531834-503 - Limited - Disabled)
INDIVIDUO (S-1-5-21-3435670526-2855435533-3884531834-1001 - Administrator - Enabled) => C:\Users\INDIVIDUO
Invitado (S-1-5-21-3435670526-2855435533-3884531834-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3435670526-2855435533-3884531834-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
AllDup 4.3.2 (HKLM-x32\...\AllDup_is1) (Version: 4.3.2 - Michael Thummerer Software Design)
Apple Application Support (32 bits) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
BurnAware Free 12.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
Dell SupportAssist (HKLM\...\{806422F1-FC4E-4D7C-8855-05748AEFC031}) (Version: 3.2.2.119 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DVDVob2Mpg 2.0 (HKLM-x32\...\DVDVob2Mpg_is1) (Version: 2.0 - Smart Projects)
Everything 1.4.1.922 (x64) (HKLM\...\Everything) (Version: 1.4.1.922 - David Carpenter)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 23.0.6.0 - FlashPeak Inc.)
foobar2000 v1.4.1 (HKLM-x32\...\foobar2000) (Version: 1.4.1 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.6.0.25114 - Foxit Software Inc.)
GIMP 2.10.2 (HKLM\...\GIMP-2_is1) (Version: 2.10.2 - The GIMP Team)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.40.5302 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.5.2 - Mozilla)
Mozilla Thunderbird 60.8.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 60.8.0 (x86 es-ES)) (Version: 60.8.0 - Mozilla)
Mp3tag v2.91 (HKLM-x32\...\Mp3tag) (Version: 2.91 - Florian Heidenreich)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.6.1000 - Maxthon International Limited)
NVIDIA Controlador de 3D Vision 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.74 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
OpenOffice 4.1.6 (HKLM-x32\...\{ABA77258-70D6-4A14-9AB7-3FA087C470DB}) (Version: 4.16.9790 - Apache Software Foundation)
OpenShot Video Editor versión 2.4.4 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.4 - OpenShot Studios, LLC)
Panel de control de NVIDIA 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.74 - NVIDIA Corporation) Hidden
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 7 - Philipp Winterberg)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.04.30 - Meltytech, LLC)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)

Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-02-25] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2 [2019-05-30] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-11] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa [2019-07-24] (Apple Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-25] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-02-25] (Thumbmunkeys Ltd) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-05-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [2018-12-23] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [2018-12-23] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-06-29] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll [2008-08-21] (Alex Yakovlev) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [2018-12-23] (IObit Information Technology -> IObit)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\INDIVIDUO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4242a155fcc27c2b\Slimjet.lnk -> C:\Program Files (x86)\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2019-07-13 16:46 - 2008-08-21 00:08 - 001107520 _____ (Alex Yakovlev) [File not signed] C:\ProgramData\AllDup\FEShlExt.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000542208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000865280 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll
2018-11-30 16:24 - 2018-11-30 16:24 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2018-12-22 21:05 - 2015-06-29 21:08 - 001219240 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2018-12-22 21:05 - 2015-06-29 21:08 - 001406200 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 87.216.1.65 - 87.216.1.66
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4771B77C-C28B-4C66-A473-BD1A3A413887}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{75D52EB2-491D-4C6E-BF18-9C1E501001BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F0B2FD54-6763-43D4-A2ED-C193A5DEFBE0}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [UDP Query User{770B4846-0AD9-467B-A546-334FDA8713BF}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [{53496989-A7B8-4F52-93C3-1931D860CC68}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A57325E3-79BF-4012-B7A8-BBA76E5B2AD7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7984AF8F-2626-4CEE-A4D4-7BC2F9207BBC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7DBB6060-6E54-4D43-AD00-6662C74E074A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B020895-1503-45F5-A43B-E5E5C5C551AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2FAA328-0093-4F6A-9121-466CD4DAFA20}] => (Allow) C:\Program Files (x86)\Maxthon5\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{2C80BED2-14DE-4E51-BC3C-E80684EA56DB}] => (Allow) C:\Program Files (x86)\Maxthon5\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{3EB6047E-BF97-43BF-9BD4-A8BA20C479D0}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS335E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{AED26DE6-71AD-44FA-A01E-409DFBD51907}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS335E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E3B9C502-6C33-4B85-918B-F5176CF293D9}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS66A3\HPDiagnosticCoreUI.exe No File
FirewallRules: [{0CF1F7FB-98C3-4A55-BAE6-C8EC358B4565}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS66A3\HPDiagnosticCoreUI.exe No File
FirewallRules: [{8116637D-1488-466A-821E-83FE2337DFBF}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS57EE\HPDiagnosticCoreUI.exe No File
FirewallRules: [{FA02C594-852A-43C6-AD85-8B716CD903DB}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS57EE\HPDiagnosticCoreUI.exe No File
FirewallRules: [{9B0A9D3D-7701-4C92-B2F9-6D29FD14F573}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{02E5BC11-D5EE-4702-8BAE-E69AA6C254EE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{10636746-45CE-4269-92F0-1A0F0F2F5988}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3696C9D-D39B-482C-8AC2-4B3E9030415A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CEFC3418-E42E-4970-B3AC-8E28151606CA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6FBF9267-E914-4028-A917-F451759DC7F9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4C0F4B6C-BC5B-49CD-AB27-79F687DD80EA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D17B2FA7-D030-43DA-9961-91AA4556B4AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D78B226-905D-48ED-A2BD-8C33A5745E8A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-07-2019 00:31:38 Punto de control programado
03-08-2019 20:01:34 Punto de control programado
13-08-2019 14:55:12 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/16/2019 12:08:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DDVRulesProcessor.exe, versión: 5.2.8.103, marca de tiempo: 0x5c7819ad
Nombre del módulo con errores: twoSummaries.dll, versión: 5.2.8.103, marca de tiempo: 0x5c781ac7
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000146f9
Identificador del proceso con errores: 0xcfc
Hora de inicio de la aplicación con errores: 0x01d5534170fef98e
Ruta de acceso de la aplicación con errores: C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
Ruta de acceso del módulo con errores: C:\Program Files\Dell\DellDataVault\twoSummaries.dll
Identificador del informe: 27bfd9dd-16a2-498f-a301-a0731ddbd439
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/15/2019 11:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 10.0.17763.652, marca de tiempo: 0x06ac741d
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000005eb0fd8
Identificador del proceso con errores: 0x1758
Hora de inicio de la aplicación con errores: 0x01d5534229971bb3
Ruta de acceso de la aplicación con errores: C:\Windows\Explorer.EXE
Ruta de acceso del módulo con errores: unknown
Identificador del informe: d5407df4-a66e-4395-9fb9-29e6f687d35b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/15/2019 10:34:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9547

Error: (08/15/2019 10:34:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9547

Error: (08/15/2019 10:34:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/15/2019 10:34:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7907

Error: (08/15/2019 10:34:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7907

Error: (08/15/2019 10:34:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (08/16/2019 11:06:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (08/16/2019 09:42:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio LiveUpdate se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/16/2019 09:41:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/16/2019 09:41:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/16/2019 09:37:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio hpqddsvc se cerró con el siguiente error: 
No se puede encontrar el módulo especificado.

Error: (08/16/2019 12:08:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Dell Data Vault Processor se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/15/2019 09:24:54 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-238QLCF)
Description: No se puede iniciar un servidor DCOM: DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220!App.AppXtzbhf6k67jn9be72jwc3zje4rv3bb4am.mca como No disponible/No disponible. Error 
"0"
al iniciar este comando:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfg6d6cpsk8dr59w1g58kzt275tb8m991.mca

Error: (08/15/2019 11:13:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-238QLCF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-238QLCF\INDIVIDUO con SID (S-1-5-21-3435670526-2855435533-3884531834-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-08-15 18:58:28.917
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {19EED48F-9105-41D0-B49F-072558E18864}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-15 16:28:20.306
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {609735B3-7A19-4391-8BE9-91F7948D7FFA}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-14 11:52:38.256
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {7D0FCE7C-E85F-4AEB-A0F0-E4887FAE2109}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-14 00:57:14.680
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C65917A2-0D6E-47BD-A59A-64A863A0C101}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-10 13:15:34.943
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B3E8DF99-3505-41CD-83BC-6A890363E643}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-07-18 10:51:41.343
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.1248.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-07-11 12:20:23.794
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.830.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-08-16 11:31:44.732
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-08-16 11:31:44.730
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-08-16 11:26:19.138
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-08-16 11:26:19.134
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-08-16 11:25:11.479
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-08-16 11:25:11.477
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-08-16 11:22:43.622
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-16 11:22:43.619
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: Dell Inc. A16 05/12/2017
Motherboard: Dell Inc. 0RRH3K
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 4021.37 MB
Available physical RAM: 1444.04 MB
Total Virtual: 9909.37 MB
Available Virtual: 6006.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:245.34 GB) (Free:71.3 GB) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:364.97 GB) (Free:3.22 GB) NTFS
Drive f: (Nuevo vol) (Fixed) (Total:158.5 GB) (Free:4.98 GB) NTFS
Drive k: (Nuevo vol) (Fixed) (Total:162.11 GB) (Free:161.47 GB) NTFS

\\?\Volume{779c85a3-4726-490d-a09d-624e4a4c5873}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{cdb0400d-a2d5-4983-aed4-408bc5855069}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9429B609)

Partition: GPT.

==================== End of Addition.txt ============================

Hola @quemao

Mientras analizo los reportes FRST solo ve una cuenta con nombre:

Administrador (S-1-5-21-3435670526-2855435533-3884531834-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3435670526-2855435533-3884531834-503 - Limited - Disabled)
INDIVIDUO (S-1-5-21-3435670526-2855435533-3884531834-1001 - Administrator - Enabled) => C:\Users\INDIVIDUO
Invitado (S-1-5-21-3435670526-2855435533-3884531834-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3435670526-2855435533-3884531834-504 - Limited - Disabled)

Que es la cuenta Individuo con derechos de Administrador.

Donde ves tu las dos cuentas?

Puedes tomar imagenes?

Salu2

La única cuenta debe ser INDIVIDUO, te mando la secuencia de imagenes del relato. Salu2

Cita

El arranque en windows, empieza con una pantalla de “Usuario o contraseña incorrectas intentelo de nuevo”, al pulsar intro sale una pantalla con los dos nombres de USUARIO (el mismo nombre) en la esquina inferior izquierda, solo pulsando el inferior sale, Opciones de Inicio de sesión.

Si no se hace nada, al cabo de un minuto cambia a un solo USUARIO ubicado en el centro de la pantalla,a la espera de contraseña.

Cita

Hola @quemao

Desinstala con Revo Uninstaller en su Modo Avanzado:


Luego realizas lo siguiente:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
Task: {39014323-80C1-428C-A178-A95F71AAD6AB} - System32\Tasks\Core Temp Autostart INDIVIDUO => C:\Program Files\Core Temp\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)
SearchScopes: HKU\S-1-5-21-3435670526-2855435533-3884531834-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2018-12-23] (IObit Information Technology -> IObit)
R3 ALSysIO; C:\Users\INDIVIDUO\AppData\Local\Temp\ALSysIO64.sys [47240 2019-08-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
2019-08-16 09:38 - 2018-12-23 13:36 - 000000000 ____D C:\ProgramData\ProductData
FirewallRules: [{3EB6047E-BF97-43BF-9BD4-A8BA20C479D0}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS335E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{AED26DE6-71AD-44FA-A01E-409DFBD51907}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS335E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E3B9C502-6C33-4B85-918B-F5176CF293D9}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS66A3\HPDiagnosticCoreUI.exe No File
FirewallRules: [{0CF1F7FB-98C3-4A55-BAE6-C8EC358B4565}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS66A3\HPDiagnosticCoreUI.exe No File
FirewallRules: [{8116637D-1488-466A-821E-83FE2337DFBF}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS57EE\HPDiagnosticCoreUI.exe No File
FirewallRules: [{FA02C594-852A-43C6-AD85-8B716CD903DB}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS57EE\HPDiagnosticCoreUI.exe No File
Unlock: C:\Program Files (x86)\Kaspersky Lab
C:\Program Files (x86)\Kaspersky Lab

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

El note pad crea un archivo (.rtf) lo he cambiado a (.txt) Pero parece que falla algo, pego el log

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by INDIVIDUO (18-08-2019 22:41:45) Run:1
Running from C:\Users\INDIVIDUO\Desktop
Loaded Profiles: INDIVIDUO (Available Profiles: INDIVIDUO)
Boot Mode: Normal
==============================================

fixlist content:
*****************
{\rtf1\fbidis\ansi\ansicpg1252\deff0\nouicompat\deflang3082{\fonttbl{\f0\fnil Segoe UI;}}
{\colortbl ;\red0\green0\blue0;}
{\*\generator Riched20 10.0.17763}\viewkind4\uc1 
\pard\tx720\cf1\f0\fs38\lang1033 Start\par
CloseProcesses:\par
CreateRestorePoint:\par
HKLM-x32\\...\\Run: [] => [X]\par
HKLM\\...\\Drivers32: [VIDC.FFDS] => C:\\Windows\\SysWOW64\\ff_vfw.dll [112640 2014-07-17] () [File not signed]\par
Task: \{39014323-80C1-428C-A178-A95F71AAD6AB\} - System32\\Tasks\\Core Temp Autostart INDIVIDUO => C:\\Program Files\\Core Temp\\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)\par
SearchScopes: HKU\\S-1-5-21-3435670526-2855435533-3884531834-1001 -> DefaultScope \{0633EE93-D776-472f-A0FF-E1416B8B2E3A\} URL = \par
BHO: ExplorerWnd Helper -> \{10921475-03CE-4E04-90CE-E2E7EF20C814\} -> C:\\Program Files (x86)\\IObit\\IObit Uninstaller\\UninstallExplorer64.dll [2018-12-23] (IObit Information Technology -> IObit)\par
R3 ALSysIO; C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\ALSysIO64.sys [47240 2019-08-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION\par
2019-08-16 09:38 - 2018-12-23 13:36 - 000000000 ____D C:\\ProgramData\\ProductData\par
FirewallRules: [\{3EB6047E-BF97-43BF-9BD4-A8BA20C479D0\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS335E\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{AED26DE6-71AD-44FA-A01E-409DFBD51907\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS335E\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{E3B9C502-6C33-4B85-918B-F5176CF293D9\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS66A3\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{0CF1F7FB-98C3-4A55-BAE6-C8EC358B4565\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS66A3\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{8116637D-1488-466A-821E-83FE2337DFBF\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS57EE\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{FA02C594-852A-43C6-AD85-8B716CD903DB\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS57EE\\HPDiagnosticCoreUI.exe No File\par
Unlock: C:\\Program Files (x86)\\Kaspersky Lab\par
C:\\Program Files (x86)\\Kaspersky Lab\par
\par
CMD: ipconfig /flushdns\par
CMD: ipconfig /renew\par
CMD: bitsadmin /reset /allusers\par
CMD: netsh winsock reset\par
CMD: netsh advfirewall reset\par
CMD: netsh advfirewall set allprofiles state ON\par
CMD: netsh int ipv4 reset\par
CMD: netsh int ipv6 reset\par
RemoveProxy:\par
EmptyTemp:\par
Hosts:\par
END\par
}
 
*****************

{\rtf1\fbidis\ansi\ansicpg1252\deff0\nouicompat\deflang3082{\fonttbl{\f0\fnil Segoe UI;}}
{\colortbl ;\red0\green0\blue0;}
{\*\generator Riched20 10.0.17763}\viewkind4\uc1 
\pard\tx720\cf1\f0\fs38\lang1033 Start\par
CloseProcesses:\par
CreateRestorePoint:\par
HKLM-x32\\...\\Run: [] => [X]\par
HKLM\\...\\Drivers32: [VIDC.FFDS] => C:\\Windows\\SysWOW64\\ff_vfw.dll [112640 2014-07-17] () [File not signed]\par
Task: \{39014323-80C1-428C-A178-A95F71AAD6AB\} - System32\\Tasks\\Core Temp Autostart INDIVIDUO => C:\\Program Files\\Core Temp\\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)\par
SearchScopes: HKU\\S-1-5-21-3435670526-2855435533-3884531834-1001 -> DefaultScope \{0633EE93-D776-472f-A0FF-E1416B8B2E3A\} URL = \par
BHO: ExplorerWnd Helper -> \{10921475-03CE-4E04-90CE-E2E7EF20C814\} -> C:\\Program Files (x86)\\IObit\\IObit Uninstaller\\UninstallExplorer64.dll [2018-12-23] (IObit Information Technology -> IObit)\par
R3 ALSysIO; C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\ALSysIO64.sys [47240 2019-08-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION\par
2019-08-16 09:38 - 2018-12-23 13:36 - 000000000 ____D C:\\ProgramData\\ProductData\par
FirewallRules: [\{3EB6047E-BF97-43BF-9BD4-A8BA20C479D0\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS335E\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{AED26DE6-71AD-44FA-A01E-409DFBD51907\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS335E\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{E3B9C502-6C33-4B85-918B-F5176CF293D9\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS66A3\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{0CF1F7FB-98C3-4A55-BAE6-C8EC358B4565\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS66A3\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{8116637D-1488-466A-821E-83FE2337DFBF\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS57EE\\HPDiagnosticCoreUI.exe No File\par
FirewallRules: [\{FA02C594-852A-43C6-AD85-8B716CD903DB\}] => (Allow) C:\\Users\\INDIVIDUO\\AppData\\Local\\Temp\\7zS57EE\\HPDiagnosticCoreUI.exe No File\par
Unlock: C:\\Program Files (x86)\\Kaspersky Lab\par
C:\\Program Files (x86)\\Kaspersky Lab\par
\par
CMD: ipconfig /flushdns\par
CMD: ipconfig /renew\par
CMD: bitsadmin /reset /allusers\par
CMD: netsh winsock reset\par
CMD: netsh advfirewall reset\par
CMD: netsh advfirewall set allprofiles state ON\par
CMD: netsh int ipv4 reset\par
CMD: netsh int ipv6 reset\par
RemoveProxy:\par
EmptyTemp:\par
Hosts:\par
END\par
}
  = >   E r r o r :   N o   a u t o m a t i c   f i x   f o u n d   f o r   t h i s   e n t r y . 
 
 
==== End of Fixlog 22:41:45 ====

Hola @quemao

Extraño, no se ejecuto correctamente ya que algo esta mal en todas las entradas se agrega la palabra par que no esta en el Fix que te deje.

Te adjunto el Fixlist al final del tema, lo descargas a tu escritorio donde esta FRST, y sigues los pasos anteriores.

fixlist.txt (2,1 KB)

Salu2

Hola SanMar, creo que sé lo que provocó ese extraño funcionamiento: resulta que no asocié el nombre " notepad" a lo que para mí era “bloc de notas”, busqué en google y descargué Notepad for WINDOWS 10 que genera un documento de texto rtf. Solo comentar que la versión de IObit Uninstaller que utilizaba era anterior a esas que empezaron a venir “acompañadas”, para mi, era correcta. Este ordenador va bien, pero de origen trabaja con bastante temperatura, Core Temp me ayudaba a supervisar, me puedes aconsejar otro silmilar, porfavor. Gracias

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by INDIVIDUO (19-08-2019 09:08:07) Run:2
Running from C:\Users\INDIVIDUO\Desktop
Loaded Profiles: INDIVIDUO (Available Profiles: INDIVIDUO)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
Task: {39014323-80C1-428C-A178-A95F71AAD6AB} - System32\Tasks\Core Temp Autostart INDIVIDUO => C:\Program Files\Core Temp\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)
SearchScopes: HKU\S-1-5-21-3435670526-2855435533-3884531834-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2018-12-23] (IObit Information Technology -> IObit)
R3 ALSysIO; C:\Users\INDIVIDUO\AppData\Local\Temp\ALSysIO64.sys [47240 2019-08-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
2019-08-16 09:38 - 2018-12-23 13:36 - 000000000 ____D C:\ProgramData\ProductData
FirewallRules: [{3EB6047E-BF97-43BF-9BD4-A8BA20C479D0}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS335E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{AED26DE6-71AD-44FA-A01E-409DFBD51907}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS335E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E3B9C502-6C33-4B85-918B-F5176CF293D9}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS66A3\HPDiagnosticCoreUI.exe No File
FirewallRules: [{0CF1F7FB-98C3-4A55-BAE6-C8EC358B4565}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS66A3\HPDiagnosticCoreUI.exe No File
FirewallRules: [{8116637D-1488-466A-821E-83FE2337DFBF}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS57EE\HPDiagnosticCoreUI.exe No File
FirewallRules: [{FA02C594-852A-43C6-AD85-8B716CD903DB}] => (Allow) C:\Users\INDIVIDUO\AppData\Local\Temp\7zS57EE\HPDiagnosticCoreUI.exe No File
Unlock: C:\Program Files (x86)\Kaspersky Lab
C:\Program Files (x86)\Kaspersky Lab

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FFDS" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{39014323-80C1-428C-A178-A95F71AAD6AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39014323-80C1-428C-A178-A95F71AAD6AB}" => removed successfully
C:\Windows\System32\Tasks\Core Temp Autostart INDIVIDUO => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Core Temp Autostart INDIVIDUO" => removed successfully
"HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
ALSysIO => service not found.
C:\ProgramData\ProductData => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3EB6047E-BF97-43BF-9BD4-A8BA20C479D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AED26DE6-71AD-44FA-A01E-409DFBD51907}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3B9C502-6C33-4B85-918B-F5176CF293D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CF1F7FB-98C3-4A55-BAE6-C8EC358B4565}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8116637D-1488-466A-821E-83FE2337DFBF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA02C594-852A-43C6-AD85-8B716CD903DB}" => removed successfully
"C:\Program Files (x86)\Kaspersky Lab" => was unlocked
C:\Program Files (x86)\Kaspersky Lab => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : Home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::b961:105e:3982:2fe7%14
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.129
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {B026A7B5-535F-4818-8C02-F139FB26ADB0}.
0 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3435670526-2855435533-3884531834-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62370203 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 410107 B
Edge => 121998899 B
Chrome => 150996 B
Firefox => 1095383135 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 663154 B
NetworkService => 0 B
INDIVIDUO => 60093232 B

RecycleBin => 74773555 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:18:04 ====

Por cierto después del reinicio,sigo con los dos nombres de USUARIO.

Hola y con permiso.

Este problema ocurre cuando se crean dos cuentas en la instalación de Windows, o luego de algunas actualizaciones del sistema.

Una cuenta es la de Usuario Administrador y la otra es una cuenta de Usuario Local, aunque se llamen igual.

La Solución es eliminar la Cuenta Local.

El problema es que a veces, tenemos todo cargado y registrado en la cuenta Local y no en la de Administrador. En este caso, Si eliminamos la cuenta Local, el sistema arrancara, pero no nos mostrara nada, porque todo estaba bajo esta cuenta. Hay que verificar eso primero.

En el cuadro de búsqueda pega el siguiente comando: netplwiz y dale aceptar

Se abrirá un cuadro donde te va a mostrar las cuentas que tenes creadas.

Hace una captura de pantalla y pegala en Tu próxima respuesta.

Saludos

Hola Leosolari, gracias por intervenir supongo que SanMar estará de acuerdo, cuatro ojos ven más que dos :eyes::eyes: :smile: Yo suponía algo como eso que dices, pero no quería hacer algún desastre, por esta razón entré a consultar por aquí. La captura:

Hola

Ahora presiona la pestaña OPCIONES AVANZADAS y en la columna izquierda pichas en USUARIOS En la columna del centro, se verán los usuarios que tenes habilitados.

Haces una nueva captura de pantalla de todo esto y subis la imagen …