Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019 Ran by Clara (17-11-2019 10:40:12) Running from C:\Users\Clara\Desktop Windows 10 Pro Version 1903 18362.476 (X64) (2019-09-01 13:22:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-970989147-967587906-971501549-500 - Administrator - Disabled) Clara (S-1-5-21-970989147-967587906-971501549-1001 - Administrator - Enabled) => C:\Users\Clara DefaultAccount (S-1-5-21-970989147-967587906-971501549-503 - Limited - Disabled) Invitado (S-1-5-21-970989147-967587906-971501549-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-970989147-967587906-971501549-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España) Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.) calibre (HKLM-x32\...\{1E7FE48B-D11C-4B7A-BEEE-461ECC16BAAA}) (Version: 3.44.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) Desinstalar impresora EPSON Universal Print Driver (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation) Dropbox (HKLM-x32\...\Dropbox) (Version: 85.4.155 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden HP Deskjet 1050 J410 series Software básico del dispositivo (HKLM\...\{C585DE2E-0AC0-404C-AC0E-8F5ED300BA93}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Softpaq SP46137 (HKLM-x32\...\SP46137) (Version: - ) Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12130.20272 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.12130.20272 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-970989147-967587906-971501549-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Mozilla Firefox 69.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 69.0.3 (x64 es-ES)) (Version: 69.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Screenleap (HKLM-x32\...\{3BEF84FF-3678-4ED0-83E1-12CFD5DD8778}) (Version: 14.2.6.0 - Screenleap, Inc.) Packages: ========= Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.23.7.0_x86__kgqvnymyfvs32 [2019-10-24] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1630.7.0_x86__kgqvnymyfvs32 [2019-11-04] (king.com) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-02] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-15] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Studios) [MS Ad] MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Clara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2019-10-11 21:05 - 2019-10-11 21:05 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp 2019-10-22 10:05 - 2019-11-13 07:39 - 006061056 _____ () [File not signed] C:\Users\Clara\AppData\Local\Screenleap\screenleap-win-x86.dll 2019-10-22 10:05 - 2019-10-22 10:05 - 000280576 _____ () [File not signed] C:\Users\Clara\AppData\Local\Screenleap\sllib-win-x86.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 000114176 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_ctypes.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000173056 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_elementtree.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 001808896 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_hashlib.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000032256 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_multiprocessing.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000046080 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_psutil_windows.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000047616 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_socket.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 002241024 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_ssl.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000026112 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\_yappi.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000080896 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\bz2.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000016384 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\common.time34.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000007680 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\hashobjs_ext.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000301568 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\PIL._imaging.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000169472 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\pyexpat.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 001084416 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\pysqlite2._sqlite.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000548864 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\pythoncom27.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 000137728 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\pywintypes27.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 000010752 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\select.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000020992 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\thumbnails_ext.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000689664 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\unicodedata.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000119808 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\usb_ext.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000128512 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32api.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000438784 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32com.shell.shell.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000011776 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32crypt.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000023040 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32event.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000149504 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32file.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000223232 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32gui.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000048128 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32inet.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000029696 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32pdh.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000027648 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32pipe.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000044032 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32process.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000020480 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32profile.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000136192 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32security.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000026624 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\win32ts.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000034816 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\windows.conditional.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000038400 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\windows.connectivity.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000071680 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\windows.device_monitor.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000109056 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\windows.volumes.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000020480 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\windows.winwrap.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 001325056 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wx._controls_.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 001489408 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wx._core_.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 001007104 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wx._gdi_.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000103424 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wx._html2.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 000916992 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wx._misc_.pyd 2019-11-17 09:18 - 2019-11-17 09:18 - 001039872 _____ () [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wx._windows_.pyd 2015-03-17 00:34 - 2015-03-17 00:34 - 000013824 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp 2019-10-22 10:05 - 2019-10-22 10:05 - 000330752 _____ (hxxp://lame.sf.net) [File not signed] C:\Users\Clara\AppData\Local\Screenleap\mp3lame-win-x86.dll 2019-07-02 19:43 - 2019-02-21 16:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\python27.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wxbase30u_net_vc90_x64.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wxbase30u_vc90_x64.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wxmsw30u_adv_vc90_x64.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wxmsw30u_core_vc90_x64.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wxmsw30u_html_vc90_x64.dll 2019-11-17 09:18 - 2019-11-17 09:18 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Clara\AppData\Local\Temp\_MEI47202\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 07:31 - 2019-11-16 08:16 - 000000948 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 serius.mwbsys.com 0.0.0.0 keystone.mwbsys.com 0.0.0.0 keystone-prod.elasticbeanstalk.com 0.0.0.0 test.bypclife ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-970989147-967587906-971501549-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 80.58.61.254 - 80.58.61.250 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{5C98D1BF-0EFE-490C-8735-3ECFFCDA84BE}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{23BB5844-F1D6-455E-834B-5FF89072AE1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{640F35B9-5EEB-4AB2-8F3B-B8ABD0920EF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{AA1100AA-46FB-4CBF-83CC-685E3E92B670}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [UDP Query User{7519FBE3-1BB3-42FF-A500-7241FD76C502}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [{098E3196-0E9F-4ABE-ACBB-719387F5BA1D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6271A6A8-B6E8-41D2-A24F-948E40B8397E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{8675BEB9-84F0-4924-96BF-6C5A33DC06FC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Restore Points ========================= 30-10-2019 12:05:14 Punto de control programado 07-11-2019 11:11:51 Punto de control programado 15-11-2019 08:16:31 Windows Update ==================== Faulty Device Manager Devices ============ Name: Teclado PS/2 estándar Description: Teclado PS/2 estándar Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Teclados estándar) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mouse compatible PS/2 Description: Mouse compatible PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ======================== Application errors: ================== Error: (11/17/2019 09:38:29 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10456,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/16/2019 09:43:48 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12748,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/16/2019 09:15:16 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5264,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/16/2019 08:23:27 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5632,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/16/2019 08:09:57 AM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad Error: (11/16/2019 08:09:57 AM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad Error: (11/15/2019 02:57:46 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9488,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/15/2019 02:50:05 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4368,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (11/13/2019 07:43:40 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-21RUIAV) Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error "2147942767" al iniciar este comando: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (11/13/2019 07:25:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-21RUIAV) Description: El servidor {9BA05972-F6A8-11CF-A442-00A0C90A8F39} no se registró con DCOM dentro del tiempo de espera requerido. Error: (11/13/2019 07:25:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Adobe Genuine Monitor Service se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (11/13/2019 07:25:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio. Error: (11/13/2019 07:25:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Adobe Genuine Software Integrity Service se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (11/13/2019 07:25:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (11/13/2019 07:25:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (11/13/2019 07:25:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio DbxSvc se terminó de manera inesperada. Esto ha sucedido 1 veces. Windows Defender: =================================== Date: 2019-11-11 08:40:25.946 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {20D8B2A1-80B5-40C8-B3B4-7C1502DBD4D7} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-10 18:58:19.476 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {A2EF7A79-B301-492D-8658-89FAEC57ADBD} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-10 18:27:34.416 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {686D5B8D-97CF-4476-AB25-E5C8B615A555} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-10 18:13:29.317 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {B5EB98DC-7444-47D3-B5E0-8D9A4FB11BCE} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-07 12:38:25.737 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {1296B319-5C25-4ABA-B214-6A10C953D79F} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-14 20:53:36.282 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Supervisión de comportamiento Código de error: 0x80004005 Descripción del error: Error no especificado Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2019-11-14 20:53:36.282 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Supervisión de comportamiento Código de error: 0x80004005 Descripción del error: Error no especificado Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2019-11-14 20:53:35.419 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Supervisión de comportamiento Código de error: 0x80004005 Descripción del error: Error no especificado Motivo: La protección en tiempo real dejó de funcionar por motivos desconocidos. Reinicie el servicio para recuperarla. CodeIntegrity: =================================== Date: 2019-11-17 09:28:04.843 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-11-16 09:20:49.488 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-15 14:35:16.663 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. Date: 2019-11-15 08:07:36.608 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-11-14 20:53:19.492 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 08:10:15.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-11-13 19:58:02.462 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-11-13 19:57:55.834 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== BIOS: Hewlett-Packard 786F2 v01.60 10/26/2015 Motherboard: Hewlett-Packard 2820h Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Percentage of memory in use: 62% Total physical RAM: 8111.3 MB Available physical RAM: 3057.8 MB Total Virtual: 9391.3 MB Available Virtual: 3182.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.71 GB) (Free:415.26 GB) NTFS Drive d: (DATOS) (Fixed) (Total:465.76 GB) (Free:319.85 GB) NTFS \\?\Volume{23522351-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS \\?\Volume{23522351-0000-0000-0000-f04f74000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 23522351) Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=523 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 758099EF) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================