Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020 Ran by Gianna Catalina (08-05-2020 12:47:47) Running from C:\Users\Gianna Catalina\Desktop Windows 10 Pro Version 1909 18363.778 (X64) (2020-05-03 07:59:28) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2553645042-3655948027-308666166-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2553645042-3655948027-308666166-503 - Limited - Disabled) Gianna Catalina (S-1-5-21-2553645042-3655948027-308666166-1001 - Administrator - Enabled) => C:\Users\Gianna Catalina Guest (S-1-5-21-2553645042-3655948027-308666166-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2553645042-3655948027-308666166-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform) Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Estudio para la mejora del producto HP Deskjet 1510 series (HKLM\...\{71000761-BD38-48D3-8041-A445E260797F}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden HP Deskjet 1510 series Ayuda (HKLM-x32\...\{6E20FBAA-BCB2-4429-A9A9-C8EED1254BE4}) (Version: 30.0.0 - Hewlett Packard) HP Deskjet 1510 series Software básico del dispositivo (HKLM\...\{B610C583-FDD7-41B6-8CED-C668E51114AC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel® Hardware Accelerated Execution Manager (HKLM\...\{7563302D-BD6B-4153-BA7D-3E3432E7C22D}) (Version: 7.5.6 - Intel Corporation) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.72 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.127.21 - ) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2553645042-3655948027-308666166-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Nuance PDF Converter Professional 8 (HKLM\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM-x32\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 Update x64 (HKLM\...\{45AE5880-34A1-4575-92A6-11D0DC182F24}) (Version: 8.11.0000 - Nuance Communications, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Revo Uninstaller Pro 4.3.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.1 - VS Revo Group, Ltd.) Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated) Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden Zoom (HKU\S-1-5-21-2553645042-3655948027-308666166-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.) Packages: ========= Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2020-04-25] (Microsoft Studios) [MS Ad] MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.3.193.0_x86__8wekyb3d8bbwe [2020-04-25] (Microsoft Corporation) [MS Ad] MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.3.193.0_x86__8wekyb3d8bbwe [2020-04-25] (Microsoft Corporation) [MS Ad] MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad] MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.3.193.0_x86__8wekyb3d8bbwe [2020-04-25] (Microsoft Corporation) [MS Ad] Presentation pptx free -> C:\Program Files\WindowsApps\48494ChristianRegli.Presentationpptxfree_1.2.9.0_x64__vx3q36yknjvra [2020-05-04] (Christian Regli) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2553645042-3655948027-308666166-1001_Classes\CLSID\{994DDB09-5EF2-4b68-9599-29BB1A2A6944}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated) ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 8\ShellExt70.dll [2012-10-23] (Nuance Communications, Inc. -> Nuance Communications, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-25] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2020-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-25] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Gianna Catalina\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Gianna Catalina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 [137] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 06:04 - 2020-05-07 23:27 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2553645042-3655948027-308666166-1001\Control Panel\Desktop\\Wallpaper -> E:\fotos\cel hector 02-ago-2018\20181222_131207.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 06-05-2020 08:55:46 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/08/2020 12:54:42 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3640,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/08/2020 12:44:58 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3016,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/08/2020 12:38:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (05/08/2020 12:32:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007139F Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (05/08/2020 11:01:02 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6812,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/08/2020 10:53:47 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (05/08/2020 10:45:21 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6444,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/08/2020 10:31:55 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2984,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (05/08/2020 12:32:08 PM) (Source: IntelHaxm) (EventID: 10) (User: ) Description: HAXM can't work on system with VT disabled Error: (05/08/2020 12:32:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: El cierre anterior del sistema a las 10:55:46 AM del ‎5/‎8/‎2020 resultó inesperado. Error: (05/08/2020 10:23:46 AM) (Source: IntelHaxm) (EventID: 10) (User: ) Description: HAXM can't work on system with VT disabled Error: (05/08/2020 10:14:45 AM) (Source: IntelHaxm) (EventID: 10) (User: ) Description: HAXM can't work on system with VT disabled Error: (05/08/2020 10:14:42 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: El cierre anterior del sistema a las 9:46:34 AM del ‎5/‎8/‎2020 resultó inesperado. Error: (05/07/2020 11:29:12 PM) (Source: IntelHaxm) (EventID: 10) (User: ) Description: HAXM can't work on system with VT disabled Error: (05/07/2020 11:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio. Error: (05/07/2020 11:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio. CodeIntegrity: =================================== Date: 2020-05-08 09:53:24.099 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:52:15.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:52:13.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:52:11.618 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:51:11.994 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:51:09.342 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:51:07.327 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-05-08 09:51:06.100 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Insyde F.05 07/23/2012 Motherboard: Hewlett-Packard 1854 Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz Percentage of memory in use: 75% Total physical RAM: 1948.36 MB Available physical RAM: 485.61 MB Total Virtual: 4252.36 MB Available Virtual: 2272.4 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:231.9 GB) (Free:185.1 GB) NTFS Drive e: () (Fixed) (Total:232.88 GB) (Free:109.1 GB) NTFS \\?\Volume{11fa6494-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.1 GB) NTFS \\?\Volume{11fa6494-0000-0000-0000-700f3a000000}\ () (Fixed) (Total:0.64 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 11FA6494) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=655 MB) - (Type=27) Partition 4: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================