Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019 Ran by Maria (17-03-2019 18:51:50) Running from F:\ Windows 10 Pro Version 1803 17134.648 (X64) (2019-02-04 01:13:35) Boot Mode: Safe Mode (minimal) ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3971969143-4250845758-3799483950-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3971969143-4250845758-3799483950-503 - Limited - Disabled) Invitado (S-1-5-21-3971969143-4250845758-3799483950-501 - Limited - Disabled) Maria (S-1-5-21-3971969143-4250845758-3799483950-1001 - Administrator - Enabled) => C:\Users\Maria WDAGUtilityAccount (S-1-5-21-3971969143-4250845758-3799483950-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.) Actualización de NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22617 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitvise SSH Client - FlowSshNet (x64) (HKLM\...\{2730C146-B589-4D08-87F4-FBDDBE8FF7DC}) (Version: 8.23.0.0 - Bitvise Limited) Hidden Bitvise SSH Client - FlowSshNet (x86) (HKLM-x32\...\{6D57165C-5254-42B3-8C8F-27CA180F06F1}) (Version: 8.23.0.0 - Bitvise Limited) Hidden Bitvise SSH Client 8.23 (remove only) (HKLM-x32\...\BvSshClient) (Version: 8.23 - Bitvise Limited) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.) CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform) Dark Souls II Scholar Of The First Sin version 1.0.2.0 (HKLM-x32\...\Dark Souls II Scholar Of The First Sin_is1) (Version: 1.0.2.0 - Mr DJ) Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment) Diablo II (HKLM-x32\...\Diablo II) (Version: - ) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FileZilla Client 3.41.1 (HKLM-x32\...\FileZilla Client) (Version: 3.41.1 - Tim Kosse) Git version 2.18.0 (HKLM\...\Git_is1) (Version: 2.18.0 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.32.3 - Microsoft Corporation) MySQL Workbench 8.0 CE (HKLM\...\{000FC0A3-2BDE-4025-B2D6-DE49E976E045}) (Version: 8.0.15 - Oracle Corporation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden NVIDIA Controlador de 3D Vision 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.35 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA Controlador de gráficos 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.35 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Oracle VM VirtualBox 5.2.22 (HKLM\...\{85307853-1C18-4D00-AA0B-B561502BD7C0}) (Version: 5.2.22 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.35.22222 - Electronic Arts, Inc.) Panel de control de NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden Prezi Desktop (HKLM-x32\...\{38CB535D-6D16-4546-840B-507640120B96}) (Version: 6.12.1.0 - Prezi) Hidden Prezi Desktop (HKLM-x32\...\{b2c1866d-4df0-43b9-bf09-f126fac08e1c}) (Version: 6.12.1.0 - Prezi) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden SimCity versión 10.1.0.0 (HKLM-x32\...\SimCity_is1) (Version: 10.1.0.0 - Maxis) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer) Total War WARHAMMER II Curse of the Vampire Coast (HKLM-x32\...\Total War WARHAMMER II Curse of the Vampire Coast_is1) (Version: - ) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.1.1 - SOSVirus (SOSVirus.Net)) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) ZeroTier One (HKLM-x32\...\{855E8629-580C-4BDF-8B59-B9290C7E7BA5}) (Version: 1.2.12 - ZeroTier, Inc.) Hidden ZeroTier One (HKLM-x32\...\ZeroTier One 1.2.12) (Version: 1.2.12 - ZeroTier, Inc.) ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3971969143-4250845758-3799483950-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00DC8C4D-E901-421F-81E5-27AA0EDD788E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {05F3F26B-E7D1-4532-B8E1-BE8F6EDEC431} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation) Task: {21024C1D-DB1F-49B1-B884-9B6100E2DD27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {2F723CF2-9EFA-41C7-A1B6-ADCB6E7927E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {3DB46213-D887-49D3-B45E-8C9789BC8C71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {4F3DE4EA-A01E-48E2-95E8-F2B561CF9979} - System32\Tasks\Update Manager => C:\Users\Maria\AppData\Roaming\Metal.Gear.Solid.V.The.Phantom.Pain-ALI213\Upgrade.exe Task: {5517A0D6-18E6-41AE-9074-283F6FE5B95C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {56D6E908-07B3-470E-894D-660B3DE3C375} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {5805375E-3246-404D-A268-29EA31F4860D} - System32\Tasks\VDrive => C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\steampch\db.vbe () [File not signed] <==== ATTENTION Task: {5D2B9DD2-0D17-49F5-BA98-A445B57D813A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {5E426386-A814-4DE3-9ABF-ADE68755050F} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {711B526A-1196-41C2-AC76-C90E697DEDA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {7F5D709A-E775-4C8C-A872-F70597D7F903} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {8550A409-23B0-47B0-BF6B-76D6AE1B70BF} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {884F52D1-9043-442A-AEE9-5F575508FEA8} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {8E1D963F-3E0B-4DD9-9317-13948280C9A8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {A8F140C6-ACC6-46DD-8EF5-51161B3916B6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C9A1D620-A4B7-4FB4-A54E-EB18B0C7F128} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {CA9D7F63-0D47-42FB-8DB1-EC9416F8E2A1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {CE3289D4-A409-4764-8E8A-F039A38B1FCA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {D29495E9-697C-4E79-80E0-70445D507953} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {DAE596A3-4C71-47A5-BC8B-EAF8890899A6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {DED32144-9E5C-4C57-8233-7115A78F5317} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {FB7575D2-976D-47CD-B1ED-23E79B9BD6D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\AllCast Receiver.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hjbljnpdahefgnopeohlaeohgkiidnoe ShortcutWithArgument: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Maria\AppData\Local\Temp:$DATA​ [16] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-12-11 15:22 - 2018-12-11 15:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Git\cmd;C:\Program Files (x86)\Bitvise SSH Client;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\ZeroTier\One\ HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{914E139B-DAAD-453C-843E-7F0F5919E97D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6C281AED-E68D-4126-8260-9DE8B26F299E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{B720008B-58E2-48F1-9C3B-B62481E46634}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{B13F25EF-D4E9-45EF-90EC-393AD4E4CCD7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{0631FE24-A7D4-45D0-AE6A-EE99996E67D2}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{18AF37A5-4B50-4B2F-B4D6-681A8D821B0A}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{7BF92824-16BC-4C55-85DF-DD0A03E72478}] => (Allow) LPort=5558 FirewallRules: [{BB84C83E-4F3F-48F9-BC42-598DBCFB309F}] => (Allow) LPort=5556 FirewallRules: [{13DE43C3-C24A-40AF-98F9-EDBAF9F9AC7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{CBDB0936-DB88-4A7D-8E9B-D13BFC0F12AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [UDP Query User{3A8E5C6C-6330-4D3F-9780-0EE3D4D75FB8}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe FirewallRules: [TCP Query User{425C0286-D6C8-4924-9BC7-44BA7A2CCBAA}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe FirewallRules: [UDP Query User{53A9E430-4397-44A8-9976-DBEBA7D86336}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed] FirewallRules: [TCP Query User{EFB2324A-9B35-4FE2-A3A3-21C6D553D79E}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed] FirewallRules: [UDP Query User{598FA08D-7267-42B6-BE4E-57894AC21A10}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{77469CC6-5FE7-4A10-87B2-61E9B1338ABC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{FFC9360F-F0BF-47C9-B950-B27314F1FCCF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{83DA244D-05A5-4AD5-BE02-F8B8629E051D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{68833BE2-909E-49EC-A100-2BA83E19EC72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{8607AFA9-8F4F-4BBB-8657-4B0DEF54E33E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{07323A85-7A3B-40BD-B001-927B1B12AF75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{3F4435C9-C8C9-485C-AE3A-A29C5D4CDE8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [UDP Query User{51488E61-750A-427F-BB2C-902FAB7B6AA4}D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe] => (Allow) D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe (Valve -> The Creative Assembly Ltd) [File not signed] FirewallRules: [TCP Query User{67A0AC5D-E19D-4A50-8433-91EB608C5F97}D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe] => (Allow) D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe (Valve -> The Creative Assembly Ltd) [File not signed] FirewallRules: [UDP Query User{B032E509-9142-42A1-8B18-0D0D7F47399D}F:\destiny 2\destiny2.exe] => (Allow) F:\destiny 2\destiny2.exe No File FirewallRules: [TCP Query User{C69D133A-19C8-4CAA-B73C-FF8AF5DAA4A3}F:\destiny 2\destiny2.exe] => (Allow) F:\destiny 2\destiny2.exe No File FirewallRules: [{A4DFB6B6-BFEF-448E-B6A8-A68565EC7843}] => (Allow) C:\Users\Maria\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4532A252-A88B-4313-814B-5687BD2BB99A}] => (Allow) C:\Users\Maria\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{6418679F-EB27-48CB-A0C2-7C4F3C14DAE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9483F83D-4F34-4758-829A-D61CB39317F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{539B13B8-1280-4AB0-A0D3-209D54ECE386}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{94CDBD67-AF4F-4370-941F-80E6D17F6FC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{89032A91-8833-4C1C-AE83-A042560921F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E6FC76ED-848F-417A-8310-6FC9C4EFE465}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4A7578DB-4BA9-4EAA-927E-36FDB4C44179}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{33218FF6-4ECA-4D6F-89C8-5345382D94A1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8B1339E7-1FB5-427C-B180-B427CDECBCF9}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C3C6C696-F98C-4AD5-BB36-428E23278EF3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0BD125D9-BC8D-49D2-A5D2-A667F07FB89F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File FirewallRules: [{58B09AEE-6932-4282-BBE9-8FDF6E56D75B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File FirewallRules: [{95910DF2-CBB6-4AA4-B656-36DA6983EAFF}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe FirewallRules: [{A603A45C-CEBB-47F2-B828-504812C7668E}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe FirewallRules: [TCP Query User{0405AA2C-4D87-4CAD-841F-BE9A22FAD4E5}C:\program files (x86)\subnautica - below zero\subnauticazero.exe] => (Allow) C:\program files (x86)\subnautica - below zero\subnauticazero.exe No File FirewallRules: [UDP Query User{B27572A1-A94C-4ED6-A04F-4FA00AE8A58F}C:\program files (x86)\subnautica - below zero\subnauticazero.exe] => (Allow) C:\program files (x86)\subnautica - below zero\subnauticazero.exe No File FirewallRules: [TCP Query User{DB785F34-4717-4AEE-9B48-BAF051ED0B68}C:\program files (x86)\simcity\simcity\simcity.exe] => (Allow) C:\program files (x86)\simcity\simcity\simcity.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [UDP Query User{6BFC61DF-EE6A-47D1-BCF5-BC8DECAC88F9}C:\program files (x86)\simcity\simcity\simcity.exe] => (Allow) C:\program files (x86)\simcity\simcity\simcity.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{6083A009-714E-4FF3-ADC9-11F22FA02BCE}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{5F000106-5BA8-442D-A6D1-BC12B9E31339}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{7D69FBFC-D618-4C93-ADFB-1CA3D79B3722}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{00FF1406-4CA8-44D4-83CD-4354BDC2835C}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{7158355B-B219-4E41-8872-A328BB12EBCB}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{B1153A0F-9E95-4AC8-9AB8-41A8A3E30B5C}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [TCP Query User{686E6CCC-FE5F-4114-AD1F-2F732EBC990A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [UDP Query User{E1BFE255-E552-4748-A7E5-4C0438956C32}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [TCP Query User{BCE3EA68-DC88-4513-8633-769C226B2A87}C:\program files\diablo ii\game.exe] => (Allow) C:\program files\diablo ii\game.exe (Blizzard North) [File not signed] FirewallRules: [UDP Query User{1F75468C-9371-4D89-B1E3-382A357168A4}C:\program files\diablo ii\game.exe] => (Allow) C:\program files\diablo ii\game.exe (Blizzard North) [File not signed] FirewallRules: [{55E37612-413B-431F-AC2D-975CA74C5A9D}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{59255ED4-601E-497E-B629-78590F2A60E2}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{83D4122C-5EEE-41BF-B966-9B91CA73EC7B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{0A3E10C9-FC79-4920-A651-CEE78251E31A}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{5DB62958-FEBE-465D-A170-08A1A918C120}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{EEB050AC-6E92-4531-BAF8-0A6836516D81}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{10305AC6-4523-4F20-925B-56BB29D17D72}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{8D9327D1-BB27-4967-A05C-8E6BEB2CE74B}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{BAA75095-6309-4DA0-882A-EECBA85DE775}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{5A4BBF51-8BF0-4396-A306-0360D7CAEEC2}] => (Allow) C:\Program Files (x86)\Mr DJ\Dark Souls II Scholar Of The First Sin\DarkSoulsII.exe (FromSoftware,Inc. -> NAMCO BANDAI Games) FirewallRules: [{BF73F2BA-6EDE-41C0-97D8-77A328DE87F0}] => (Allow) C:\Program Files (x86)\Mr DJ\Dark Souls II Scholar Of The First Sin\DarkSoulsII.exe (FromSoftware,Inc. -> NAMCO BANDAI Games) FirewallRules: [{C08AD45D-F826-4326-97B7-C1C1AC00AE29}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{28FE5143-9390-4D68-9B0B-9022043636BA}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [TCP Query User{67F0DA99-4413-4696-9BFB-D13B930583FA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{7CBADFEB-407B-4903-9DD3-7E25290C739D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{091C8E2A-738C-4D79-BD1D-1D91E899B176}C:\users\maria\desktop\diablo.ii.lod.v1.14d.lan-pcmymjuegos\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe] => (Allow) C:\users\maria\desktop\diablo.ii.lod.v1.14d.lan-pcmymjuegos\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{8672001B-0378-4AD0-849D-65931F050BEB}C:\users\maria\desktop\diablo.ii.lod.v1.14d.lan-pcmymjuegos\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe] => (Allow) C:\users\maria\desktop\diablo.ii.lod.v1.14d.lan-pcmymjuegos\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{A655F0C5-1076-44D0-8EE3-02BEE2FA044C}] => (Allow) LPort=9993 FirewallRules: [{76CF7861-05E9-499A-AC80-223BF8ACBE24}] => (Allow) LPort=9993 FirewallRules: [{D688A064-53F4-480D-BC8F-2C0C2D1E88F9}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> ) FirewallRules: [TCP Query User{BD7B3973-B049-4D00-9693-A1CEB0BE7788}E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_steam.exe] => (Allow) E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_steam.exe () [File not signed] FirewallRules: [UDP Query User{3DAC6388-1800-46F7-9FBB-71DA12B63174}E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_steam.exe] => (Allow) E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_steam.exe () [File not signed] FirewallRules: [TCP Query User{72B56AFB-9C86-4A4A-BE45-F7920EF136E9}E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed] FirewallRules: [UDP Query User{09CB2103-2BF3-478A-A622-CDA9AE2C4656}E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) E:\isos\games\dst.v295201-pivigames.blog\dst.v295201-pivigames.blog\data\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed] FirewallRules: [TCP Query User{9BFB590A-0E98-4CD5-8260-E4DDA316DF68}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [UDP Query User{BDEC47E3-11BE-4724-91FC-CDBDAF149A31}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{5D44131F-A2C5-41C5-9729-0271D37BCA5F}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{20CF0A5E-25BB-42AD-8332-D3141768B68D}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{5B67B909-01A8-4F85-B665-A50545A2598E}] => (Allow) C:\WINDOWS\TEMP\steam.vbe No File FirewallRules: [{02B5CB96-6288-48BC-8696-29C926BAE1AB}] => (Allow) C:\WINDOWS\TEMP\steam.vbe No File FirewallRules: [{F73497F7-650B-4EFE-8129-4447365FF238}] => (Allow) C:\WINDOWS\TEMP\nfrv575A.tmp\svchost.exe No File FirewallRules: [{13A8DC5B-CA53-49EF-9D07-0A0358110991}] => (Allow) C:\WINDOWS\TEMP\nfrv575A.tmp\svchost.exe No File FirewallRules: [{0F8848E8-9728-44BC-B3E8-C473AA601F9B}] => (Allow) C:\WINDOWS\TEMP\rlab142X.tmp\lsass.exe No File FirewallRules: [{40F20774-5F6C-4B94-A9B6-A6430584DADF}] => (Allow) C:\WINDOWS\TEMP\rlab142X.tmp\lsass.exe No File FirewallRules: [{6EDCA606-F36A-493D-BF55-C498DB9DC148}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{F8C28DB1-1F66-44E6-B064-864B1B8DD835}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{CF7FB819-7693-4AE6-90A7-DEDE73679FDF}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{562542A5-2DD1-4B58-941F-F39CAB95D1BD}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{BAC00013-5DC2-4EEF-80BA-B84601017EB9}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{D1FE195A-0B2D-4946-B5E4-15B07E0EEB9A}] => (Allow) C:\WINDOWS\System32\WScript.exe FirewallRules: [{B7A7200F-C951-4B93-99BB-10F19C515D18}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> ) FirewallRules: [{2FF9C8E5-070C-4A5C-9E39-7A0A8CDFB370}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> ) ==================== Restore Points ========================= 10-03-2019 23:25:30 Punto de control programado 12-03-2019 20:26:57 Installed ZeroTier One 16-03-2019 07:05:12 Windows Update ==================== Faulty Device Manager Devices ============= Name: ZeroTier One Virtual Port Description: ZeroTier One Virtual Port Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ZeroTier Networks LLC Service: zttap300 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: nvvad_WaveExtensible Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (03/17/2019 11:54:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: UsbFix.exe, versión: 10.0.0.22, marca de tiempo: 0x5c6a889e Nombre del módulo con errores: UsbFix.exe, versión: 10.0.0.22, marca de tiempo: 0x5c6a889e Código de excepción: 0xc0000005 Desplazamiento de errores: 0x00020fea Identificador del proceso con errores: 0xf44 Hora de inicio de la aplicación con errores: 0x01d4dcd72898acd1 Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\UsbFix\UsbFix.exe Ruta de acceso del módulo con errores: C:\Program Files (x86)\UsbFix\UsbFix.exe Identificador del informe: 64afb169-ee07-4b48-b931-474d77ba9232 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (03/17/2019 11:29:09 AM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhostw (5800,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8). Error: (03/17/2019 11:29:08 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x80004005 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (03/17/2019 11:29:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x800706BE Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (03/17/2019 11:28:59 AM) (Source: ESENT) (EventID: 439) (User: ) Description: taskhostw (5800,R,98) WebCacheLocal: No se puede escribir una copia sombra del encabezado para el archivo C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\V01.chk. Error -1032. Error: (03/17/2019 11:28:59 AM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhostw (5800,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\V01.chk" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8). Error: (03/17/2019 11:28:49 AM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhostw (5800,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\V01.chk" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8). Error: (03/17/2019 11:28:39 AM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhostw (5800,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\V01.chk" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8). System errors: ============= Error: (03/17/2019 06:52:50 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (03/17/2019 06:52:11 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/17/2019 06:52:05 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/17/2019 06:51:51 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/17/2019 06:51:31 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/17/2019 06:50:56 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/17/2019 06:50:49 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/17/2019 06:50:44 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HLAVDSN) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Windows Defender: =================================== Date: 2019-03-17 03:05:58.694 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {1947475C-C7D0-44EC-966F-0538551471CC} Tipo de examen: Antimalware Parámetros de examen: Examen personalizado Usuario: DESKTOP-HLAVDSN\Maria Date: 2019-02-07 15:12:38.310 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.285.1005.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15600.4 Código de error: 0x8024402c Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. CodeIntegrity: =================================== Date: 2019-03-16 22:20:14.967 Description: Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz Percentage of memory in use: 13% Total physical RAM: 12227.72 MB Available physical RAM: 10604.61 MB Total Virtual: 14083.72 MB Available Virtual: 12855.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:243.16 GB) (Free:45.42 GB) NTFS Drive d: (Disco local) (Fixed) (Total:221.58 GB) (Free:61.5 GB) NTFS Drive e: (Disco local) (Fixed) (Total:465.76 GB) (Free:279.57 GB) NTFS Drive f: () (Removable) (Total:3.85 GB) (Free:3.85 GB) FAT32 \\?\Volume{593eaa44-8e86-4b81-a2a8-c94522481139}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS \\?\Volume{fb2d0e83-2560-4c30-9ca1-738e5cb4d215}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS \\?\Volume{6d3f8444-5a4e-4ecb-8005-272a1346723c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0C894555) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 3.9 GB) (Disk ID: 1D473512) Partition 1: (Not Active) - (Size=3.9 GB) - (Type=0C) ==================== End of Addition.txt ============================