Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01 Ran by Jorge (27-11-2019 18:32:50) Running from C:\Users\Jorge\Desktop Windows 10 Home Version 1903 18362.476 (X64) (2019-09-30 10:46:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3019531136-2723180675-2681884879-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3019531136-2723180675-2681884879-503 - Limited - Disabled) Invitado (S-1-5-21-3019531136-2723180675-2681884879-501 - Limited - Disabled) Jorge (S-1-5-21-3019531136-2723180675-2681884879-1001 - Administrator - Enabled) => C:\Users\Jorge WDAGUtilityAccount (S-1-5-21-3019531136-2723180675-2681884879-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Bitdefender Antivirus (Disabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Actualización de NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.143 - Bitdefender) Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.12.72 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.6.31 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{FD6B4DA3-5E7B-499E-841D-B797BED0CC47}) (Version: 3.48.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) HP 3D DriveGuard (HKLM-x32\...\{301F57A8-9CF2-4E0B-B742-26A80AF43CE6}) (Version: 6.0.44.1 - HP) HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.13.0 - HP Inc.) HP CoolSense (HKLM-x32\...\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8}) (Version: 2.22.2 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.) HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{B7053964-E2C7-4BA9-84DE-D3A98B5FBA24}) (Version: 12.8.37.11 - HP Inc.) HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.) HP Wireless Button Driver (HKLM-x32\...\{2EC9AB64-3ACA-460D-B309-0A7052B0C8C0}) (Version: 1.1.21.1 - HP) Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.7 - HP Inc.) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4944 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.5.1040 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1034-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation) LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Mi PC Suite (HKU\S-1-5-21-3019531136-2723180675-2681884879-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg) Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.1 - Mozilla) NVIDIA Controlador de gráficos 387.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.99 - NVIDIA Corporation) NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OMEN Command Center (HKLM\...\{B13CB0A1-4411-404C-A7DB-BB1441B089EC}) (Version: 1.3.124 - HP Inc.) Panel de control de NVIDIA 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.36 - NVIDIA Corporation) Hidden Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.156 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.) Software Intel® PROSet/Wireless (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation) Software para dispositivos de chipset Intel® (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.35.1 - Synaptics Incorporated) TegraRcmGUI (HKLM-x32\...\{FD7196C9-BD86-4736-AF9D-7CFCB9E03E67}) (Version: 2.6.0 - eliboa) Hidden TegraRcmGUI (HKLM-x32\...\TegraRcmGUI 2.6.0) (Version: 2.6.0 - eliboa) The Outer Worlds (HKLM-x32\...\The Outer Worlds_is1) (Version: - ) UE4 Prerequisites (x64) (HKLM\...\{FE402882-ADE0-46E3-AEB8-07C3FA7F8C32}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{e56c5d4b-34ff-44c0-b1ae-5e04aca0b8ac}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Packages: ========= Ajuste del suelo -> C:\WINDOWS\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation) Connect -> C:\WINDOWS\SystemApps\Microsoft.Windows.DevicesFlowHost_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation) Descubrir la realidad mixta -> C:\WINDOWS\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2019-09-30] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-09] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad] Novedades para ti -> C:\WINDOWS\SystemApps\WhatsNew_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation) Passthrough -> C:\WINDOWS\SystemApps\passthrough_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation) Sign In -> C:\WINDOWS\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-11-15] (ms-resource:PublisherDisplayName) Sign In -> C:\WINDOWS\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-11-15] (ms-resource:PublisherDisplayName) Sign In -> C:\WINDOWS\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-11-15] (ms-resource:PublisherDisplayName) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3019531136-2723180675-2681884879-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jorge\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126754.inf_amd64_27fe88d0d60806a7\igfxDTCM.dll [2018-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-03] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2019-10-31 22:11 - 2019-10-31 22:11 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\2d56253141f8857651048a4fd2a5a6c2\Interop.IWshRuntimeLibrary.ni.dll 2019-10-31 22:07 - 2019-10-31 22:07 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\bb53d7688e3b47977db7c9995924c443\BRIDGECommon.ni.dll 2019-10-31 22:09 - 2019-10-31 22:09 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\2465a89f93f916f47725ea4ca2ff0fbb\BridgeExtension.ni.dll 2019-10-31 22:10 - 2019-10-31 22:10 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\0191531924c7f89968f731104fecc190\CleanStartController.ni.dll 2019-10-31 22:10 - 2019-10-31 22:10 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\64d1449ba59788251a013a043c21012b\RegistrationUtilities.ni.dll 2019-10-31 22:11 - 2019-10-31 22:11 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\a319b6bd8b05616ac2a87a33c90598bb\Hardcodet.Wpf.TaskbarNotification.ni.dll 2019-10-31 22:09 - 2019-10-31 22:09 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\1866fd055d234348d389e7f9f288c65d\CommonPortable.ni.dll 2019-10-31 22:11 - 2019-10-31 22:11 - 001585152 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\1e8a8721a9c05544dddfa0ef8480142a\NAudio.ni.dll 2019-10-31 22:07 - 2019-10-31 22:07 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\09feb0edcbcae53f807948d2ebdcf7bf\Newtonsoft.Json.ni.dll 2018-01-16 02:19 - 2017-07-20 14:36 - 000235008 _____ (Realtek Semiconductor Corp.) [File not signed] C:\WINDOWS\SYSTEM32\RtBWCtrl.dll 2018-01-16 02:19 - 2017-02-23 20:22 - 000064000 _____ (Realtek Semiconductor Corp.) [File not signed] C:\WINDOWS\SYSTEM32\RtFDrvIOCtrl.dll 2019-10-31 22:11 - 2019-10-31 22:11 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\7c90b27f1ed0f4367900adfa9033b920\log4net.ni.dll 2018-01-16 02:19 - 2017-04-13 10:23 - 002216448 _____ (TODO: ) [File not signed] C:\WINDOWS\SYSTEM32\wlanCliDLL.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 14:46 - 2019-11-27 18:09 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files\AutoFirma\AutoFirma;C:\Users\Jorge\AppData\Local\Microsoft\WindowsApps;C:\adb HKU\S-1-5-21-3019531136-2723180675-2681884879-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Fondo de escritorio.bmp DNS Servers: 192.168.31.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-3019531136-2723180675-2681884879-1001\...\StartupApproved\Run: => "MiPhoneManager" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{EE99FF8E-EFCC-42E4-AD76-471668DAD071}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> ) FirewallRules: [{C52999BB-C674-48A3-A1A7-BA8F477BE6E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A6564F1D-C58B-4A4A-B861-D0250539A530}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3A14D012-ED67-4711-8612-E2A5A62065CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3F4B0C0A-A395-4F29-9A57-9BDA23C73193}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{22189E6D-84D9-4C49-9242-40AD956D01A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{51540D15-7F71-4003-A1CE-56D546E52D82}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{FAF37ACE-10AF-4E07-94EC-AD9B15AC2474}] => (Allow) C:\Users\Jorge\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:118.01 GB) (Free:68.15 GB) (58%) ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (11/27/2019 06:20:46 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4444,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/27/2019 06:09:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Razer Synapse Service.exe, versión: 1.0.0.0, marca de tiempo: 0x5dd38a08 Nombre del módulo con errores: wintrust.dll, versión: 10.0.18362.387, marca de tiempo: 0x701f7291 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0001b89b Identificador del proceso con errores: 0x1ff4 Hora de inicio de la aplicación con errores: 0x01d5a5455e1de55b Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe Ruta de acceso del módulo con errores: C:\WINDOWS\System32\wintrust.dll Identificador del informe: df59a163-ff43-44c4-891d-938ef2ca0b70 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/27/2019 06:09:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: Razer Synapse Service.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.AccessViolationException en Security.WinTrust.WinTrust.WinVerifyTrust(IntPtr, System.Guid, Security.WinTrust.WinTrustData) en Security.WinTrust.WinTrust.VerifyEmbeddedSignature(System.String) en Synapse3.Host.ProcessExtensions.IsSignedByRazer(System.String) en Common.NativeDeviceDetectionWrapper.DeviceDetectionWrapper.Start() en Common.DeviceDetection.DeviceDetection.Start(Boolean) en Common.DeviceDetection.DeviceDetection.b__46_0() en System.Threading.Tasks.Task.InnerInvoke() en System.Threading.Tasks.Task.Execute() en System.Threading.Tasks.Task.ExecutionContextCallback(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef) en System.Threading.Tasks.Task.ExecuteEntry(Boolean) en System.Threading.Tasks.Task.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() en System.Threading.ThreadPoolWorkQueue.Dispatch() en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (11/27/2019 06:03:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: ccsetup562.exe, versión: 5.62.0.7538, marca de tiempo: 0x5682fc79 Nombre del módulo con errores: atcuf32.dll, versión: 1.28.222.0, marca de tiempo: 0x5d874f64 Código de excepción: 0xc000041d Desplazamiento de errores: 0x00002d8e Identificador del proceso con errores: 0x3994 Hora de inicio de la aplicación con errores: 0x01d5a5448d722eba Ruta de acceso de la aplicación con errores: C:\Users\Jorge\Desktop\ccsetup562.exe Ruta de acceso del módulo con errores: C:\Program Files\Bitdefender\Bitdefender Security\atcuf\264375999145070003\atcuf32.dll Identificador del informe: 293d96cd-a4fc-47d2-9fce-99dcff2a42b1 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/27/2019 06:03:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: ccsetup562.exe, versión: 5.62.0.7538, marca de tiempo: 0x5682fc79 Nombre del módulo con errores: atcuf32.dll, versión: 1.28.222.0, marca de tiempo: 0x5d874f64 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x00002d8e Identificador del proceso con errores: 0x3994 Hora de inicio de la aplicación con errores: 0x01d5a5448d722eba Ruta de acceso de la aplicación con errores: C:\Users\Jorge\Desktop\ccsetup562.exe Ruta de acceso del módulo con errores: C:\Program Files\Bitdefender\Bitdefender Security\atcuf\264375999145070003\atcuf32.dll Identificador del informe: cbba2f6e-1fc6-489e-831c-1bef92d7ce1f Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/27/2019 06:01:47 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2240,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/27/2019 05:12:44 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12900,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/27/2019 05:05:36 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3012,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (11/27/2019 06:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 8000 milisegundos: Reiniciar el servicio. Error: (11/27/2019 06:34:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio NVIDIA Display Container LS se cerró con el siguiente error: Un ejecutable de comandos genéricos devolvió un resultado que indica un error. Error: (11/27/2019 06:34:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio. Error: (11/27/2019 06:34:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio NVIDIA Display Container LS se cerró con el siguiente error: Un ejecutable de comandos genéricos devolvió un resultado que indica un error. Error: (11/27/2019 06:34:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 3 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Ejecutar el programa de recuperación configurado. Error: (11/27/2019 06:34:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio NVIDIA Display Container LS se cerró con el siguiente error: Un ejecutable de comandos genéricos devolvió un resultado que indica un error. Error: (11/27/2019 06:34:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 8000 milisegundos: Reiniciar el servicio. Error: (11/27/2019 06:34:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio NVIDIA Display Container LS se cerró con el siguiente error: Un ejecutable de comandos genéricos devolvió un resultado que indica un error. CodeIntegrity: =================================== Date: 2019-11-27 18:09:40.261 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-11-27 18:09:40.240 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-30 15:09:51.751 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-09-30 15:09:51.709 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-09-30 14:03:21.470 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-09-30 14:03:21.464 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-09-30 14:03:21.451 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-09-30 14:02:34.084 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. F.19 04/18/2019 Motherboard: HP 838F Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz Percentage of memory in use: 29% Total physical RAM: 16262.89 MB Available physical RAM: 11430.78 MB Total Virtual: 18694.89 MB Available Virtual: 12292.75 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:68.15 GB) NTFS Drive d: (DATA) (Fixed) (Total:917.32 GB) (Free:628.92 GB) NTFS Drive e: (RECOVERY) (Fixed) (Total:14.19 GB) (Free:1.66 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{19b38873-5690-4551-bbe6-c9e242a9dc22}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.33 GB) NTFS \\?\Volume{d656fbda-cf77-46d1-b4d5-f0c0addfbde8}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: A493E173) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 6ECC98D7) Partition: GPT. ==================== End of Addition.txt =======================