Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by diego (03-02-2019 02:55:08)
Running from C:\Users\diego\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2019-01-15 14:44:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-554391025-2556448295-3555311632-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554391025-2556448295-3555311632-503 - Limited - Disabled)
diego (S-1-5-21-554391025-2556448295-3555311632-1001 - Administrator - Enabled) => C:\Users\diego
Invitado (S-1-5-21-554391025-2556448295-3555311632-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-554391025-2556448295-3555311632-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 4.3.0 - philandro Software GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-554391025-2556448295-3555311632-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
StockBase POS 2033 (HKLM-x32\...\{09526104-8C9D-4338-A761-0AAFBADE3BBE}) (Version: 2033.797 - EGA Futura) Hidden
StockBase POS 2033 (HKLM-x32\...\StockBase POS 2033) (Version: 2033.797 - EGA Futura)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoiper5 (HKLM-x32\...\Zoiper5) (Version: 5.2 - Securax LTD)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxDTCM.dll [2018-11-19] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B886A16-C2F3-4489-8AF7-93E5D89EF72D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-15] (Google Inc.)
Task: {3D044328-7A70-470B-B983-CB94ABDB53B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {45D271B6-9BCC-4690-9D59-FEBAA4F00CFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {5CFDF82D-1392-41EB-BB89-24DEE83EA66C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {695EAF11-CC8D-4CD3-A6BA-A9424917929E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-15] (Google Inc.)
Task: {83FA3B0E-0CF8-4421-8C5A-ED596C0464E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {AFC478D6-8EAA-48A6-AA26-0A12EF58CA6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {D9A4264A-E7E0-4B26-8B00-0544FCC8B1AC} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {DA164328-A2D0-47AC-B53D-2CF0392F5A43} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
==================== Loaded Modules (Whitelisted) ==============
2019-01-15 12:29 - 2019-01-15 12:21 - 002126120 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
2019-01-15 22:06 - 2018-11-08 23:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-15 22:06 - 2019-01-01 03:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-29 19:18 - 2019-01-29 19:21 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-29 19:18 - 2019-01-29 19:21 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-15 12:37 - 2019-01-15 12:37 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-15 12:13 - 2018-12-12 02:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2019-01-15 12:13 - 2018-12-12 02:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-19 19:57 - 2018-11-19 19:57 - 000142440 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igdinfo64.dll
2019-01-23 15:13 - 2019-01-23 15:14 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-23 15:13 - 2019-01-23 15:13 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 13:31 - 2018-04-12 13:31 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2019-01-15 12:17 - 2019-01-15 12:18 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-23 15:13 - 2019-01-23 15:13 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-23 15:13 - 2019-01-23 15:13 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 021983232 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SmartPSS.exe
2018-06-19 04:33 - 2018-06-19 04:33 - 000110592 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DSMessageNotify.exe
2018-06-19 03:13 - 2018-06-19 03:13 - 000225280 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\PC-NVR.exe
2018-06-19 03:13 - 2018-06-19 03:13 - 011988992 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\Challenge.exe
2019-01-31 19:49 - 2019-01-31 19:57 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-31 19:49 - 2019-01-31 19:57 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-15 12:23 - 2019-01-15 12:35 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-16 04:16 - 2019-01-16 04:17 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-01-31 19:49 - 2019-01-31 19:53 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-31 19:49 - 2019-01-31 19:58 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-01-31 19:49 - 2019-01-31 19:53 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-01-15 12:23 - 2019-01-15 12:35 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-15 12:23 - 2019-01-15 12:35 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-15 12:23 - 2019-01-15 12:23 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-29 19:18 - 2019-01-29 19:18 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-30 10:22 - 2019-01-30 10:23 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2019-01-15 12:24 - 2019-01-15 12:25 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 06:47 - 2019-01-18 06:48 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-18 06:47 - 2019-01-18 06:48 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 13:31 - 2018-04-12 13:31 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2019-01-15 12:17 - 2019-01-15 12:18 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 06:47 - 2019-01-18 06:47 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-03 00:36 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-02-03 00:36 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-10 07:09 - 2018-12-10 07:09 - 000103560 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000196608 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\RTPDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000134144 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\MCL_FPTZ.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000364544 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSComponent.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 009121848 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\dhnetsdk.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001097728 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DSGui.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000512000 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\StreamParsermd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000282624 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\StreamConvertormd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000393216 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VAXPlayer.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000143360 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\IvsDrawer.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001269760 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\NetApp.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000262144 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\Common.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001286144 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSModel.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001060864 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSLogic.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000017920 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSSecurity.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000487424 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\P2PDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000090112 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\CardReader.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000815104 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\UICommonModule.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000139264 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\H264Parser.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000573440 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\Inframd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000090112 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\HevcParser.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000012800 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTCDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000011776 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTSDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000352256 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\StreamPackagemd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000950272 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTCStack.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000872448 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTSStack.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001622016 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\dhplay.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 002527288 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\avnetsdk.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000839680 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\StreamSvr.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000589824 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\NetFramework.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000294912 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\Stream.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001163264 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\Infra.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000208896 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\json.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000200704 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DeviceFunctionLogical.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000540672 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\AlarmHostUI.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 002154496 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\AttendanceUI.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000073728 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\Adaptor.dll
2018-11-19 19:57 - 2018-11-19 19:57 - 000120576 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igdinfo32.dll
2018-06-19 03:13 - 2018-06-19 03:13 - 000634957 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\dhplay.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-01-15 11:39 - 2019-01-15 11:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-554391025-2556448295-3555311632-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-554391025-2556448295-3555311632-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8EC6AC73-0E26-4188-8AF1-3ED47C9861A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [TCP Query User{22571058-4F1E-494D-A767-53F918278EAA}C:\users\diego\downloads\anydesk.exe] => (Allow) C:\users\diego\downloads\anydesk.exe ()
FirewallRules: [UDP Query User{A4BA470B-A887-45DC-9A5A-6D5A4DD1D924}C:\users\diego\downloads\anydesk.exe] => (Allow) C:\users\diego\downloads\anydesk.exe ()
FirewallRules: [TCP Query User{FDF363A9-B830-44E1-AA0B-20A737F48526}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [UDP Query User{F0F6ABA0-A520-4CAE-B861-4979AC1BCCEE}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [TCP Query User{B8FB99F3-6DDB-41B7-B15B-CB29B2C6C6D1}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe ()
FirewallRules: [UDP Query User{1FF8AC79-F613-48C8-92AB-B224135ADAB0}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe ()
FirewallRules: [{FECE5874-B34C-4D3D-9C4F-F9F5E8E78EAD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BB0F33CF-94E7-4140-91A9-A20A90BBEC3C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [TCP Query User{032871F5-5B60-4BBF-8DC3-E486DCCFD5C8}C:\program files (x86)\zoiper5\zoiper5.exe] => (Allow) C:\program files (x86)\zoiper5\zoiper5.exe ()
FirewallRules: [UDP Query User{7A91784E-6335-44E4-8FE6-5141268C06EB}C:\program files (x86)\zoiper5\zoiper5.exe] => (Allow) C:\program files (x86)\zoiper5\zoiper5.exe ()
FirewallRules: [{D854C099-9562-466E-B767-741A941F5FD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{A359D3BD-FE6C-411B-95D2-559BADD1C3BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{7C86BC51-7FB6-494E-A733-18916298FC3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{35CD4B2E-4B33-4A88-A649-7594EEB96F73}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{E8050099-BC33-460B-BACD-E00A417FEC53}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{08A40C1A-B6D4-4FA8-95CB-98A96975405C}] => (Allow) LPort=2869
FirewallRules: [{06F778BB-96D2-4C7E-9C5D-130B33FC8176}] => (Allow) LPort=1900
FirewallRules: [{416DBACD-F6B9-4EA0-8831-2E5684A9EE29}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{2A40D5CF-8DDD-488D-AF47-BFA90CF587BE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{C676C66F-DFAA-4D03-9BF9-6E9C20ACD70C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{2FCDC1A9-5510-4D10-AD11-AED2A739D009}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{D47BE2AF-1970-47B7-804A-93395AE56A5F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{BFFD0447-8208-402A-8F45-79F31C5CEC97}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
==================== Restore Points =========================
02-02-2019 16:57:43 Punto de control programado
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/02/2019 03:24:12 AM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-HDS6QDP)
Description: Product: Microsoft Office Outlook Connector -- The Microsoft Outlook Hotmail Connector requires Microsoft Office Outlook 2003, Microsoft Office Outlook 2007 or Microsoft Outlook 2010.
Error: (02/02/2019 03:23:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (01/21/2019 07:42:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x27f4
Hora de inicio de la aplicación con errores: 0x01d4b1da64f02dca
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: cc751500-25ca-4544-9c7d-43f0fff972ce
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (01/21/2019 07:41:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x1ec4
Hora de inicio de la aplicación con errores: 0x01d4b1da66ccf436
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: bc6e5373-3bbf-4a0b-bf0f-f25e0825753f
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (01/17/2019 06:26:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x1e64
Hora de inicio de la aplicación con errores: 0x01d4aeaabbd6600c
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 441b4022-eb87-45f6-a540-1df8939d8610
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (01/17/2019 05:24:08 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Producto: Update for Windows 10 for x64-based Systems (KB4023057) -- A later version of Update for Windows 10 for x64-based Systems (KB4023057) is already installed. Setup will now exit.
Error: (01/16/2019 09:42:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x20
Hora de inicio de la aplicación con errores: 0x01d4adfd2200efbd
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 92a4fc48-0da7-476f-8a62-0fae331c09b2
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (01/16/2019 04:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0004446a
Identificador del proceso con errores: 0x1fec
Hora de inicio de la aplicación con errores: 0x01d4adcf4e9d9363
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 6118db88-1d5d-4bff-8279-4291cc47f1df
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (02/03/2019 12:25:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscDataProtection
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (02/03/2019 12:24:21 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HDS6QDP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario DESKTOP-HDS6QDP\diego con SID (S-1-5-21-554391025-2556448295-3555311632-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (02/03/2019 12:21:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (02/03/2019 12:21:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HECI Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (02/03/2019 12:21:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Remediation Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (02/03/2019 12:21:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (02/03/2019 12:21:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HDCP Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (02/03/2019 12:01:20 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HDS6QDP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
y APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
al usuario DESKTOP-HDS6QDP\diego con SID (S-1-5-21-554391025-2556448295-3555311632-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Windows Defender:
===================================
Date: 2019-01-29 15:42:14.718
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Unwaders.C!ml&threatid=242874&enterprise=0
Nombre: Program:Win32/Unwaders.C!ml
Id.: 242874
Gravedad: Grave
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\diego\Downloads\Ingles\descargar_gratis_curso_completo_de_ingles_bbc_engl.exe.rename; webfile:_C:\Users\diego\Downloads\Ingles\descargar_gratis_curso_completo_de_ingles_bbc_engl.exe.rename|http://static.134.1.203.116.clients.your-server.de/find/da7bb882277833dfd729e8175bbeb1a6/result-573980629.dl?source=direct&return_url=http{44F6950C-46A1-47A7-AC6D-9829DAF08351}A4.18.1901.7F4.18.1901.7Fwww.getgosoft.com4.18.1901.7Fgetgodm4.18.1901.7Fthankyou|pid:8832,ProcessStart:131930057646294309
Origen de detección: Internet
Tipo de detección: FastPath
Fuente de detección: Descargas y datos adjuntos
Usuario: DESKTOP-HDS6QDP\diego
Nombre de proceso: Unknown
Versión de firma: AV: 1.285.417.0, AS: 1.285.417.0, NIS: 1.285.417.0
Versión de motor: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-23 18:48:26.870
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {47A2C486-8C8F-49A1-8BD2-B38C9610FBDB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-01-23 17:48:17.950
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {280F738B-39B8-4DE5-BBE3-07588E34FFFC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-01-21 10:27:35.570
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EF60BCE0-6B4B-42F6-9A79-FC50DFD52E01}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-01-21 09:21:53.272
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DBA42451-1C75-4993-B035-D37B94A19C1F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G4560 @ 3.50GHz
Percentage of memory in use: 61%
Total physical RAM: 4009.43 MB
Available physical RAM: 1531.43 MB
Total Virtual: 5865.43 MB
Available Virtual: 2494.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.55 GB) (Free:769.13 GB) NTFS
\\?\Volume{ddc65ad1-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{ddc65ad1-0000-0000-0000-80c2e8000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DDC65AD1)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=483 MB) - (Type=27)
==================== End of Addition.txt ============================