Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-11-2019 Ran by Propietario (08-11-2019 18:29:09) Running from C:\Users\Propietario\Desktop Windows 10 Home Version 1903 18362.449 (X64) (2019-11-06 12:36:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-46111833-480644225-1942068361-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-46111833-480644225-1942068361-503 - Limited - Disabled) Invitado (S-1-5-21-46111833-480644225-1942068361-501 - Limited - Disabled) Propietario (S-1-5-21-46111833-480644225-1942068361-1000 - Administrator - Enabled) => C:\Users\Propietario WDAGUtilityAccount (S-1-5-21-46111833-480644225-1942068361-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 18.05 (HKLM-x32\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe) Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation) BitComet 1.59 (HKLM-x32\...\BitComet_x64) (Version: 1.59 - CometNetwork) BrytonUpdate (HKLM-x32\...\{CF4B3534-FBC1-496F-9B04-72C8F85C3B5D}_is1) (Version: 1.0 - BrytonSport, Inc.) calibre 64bit (HKLM\...\{4D4D4686-D99D-4C19-AD38-CE7135518209}) (Version: 4.3.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) CDBurnerXP (HKLM-x32\...\{5B448B73-1651-4FD8-8B94-ECCEB88929F1}) (Version: 4.5.8.6795 - Canneverbe Limited) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: - ) Desinstalar impresora EPSON XP-255 257 Series (HKLM\...\EPSON XP-255 257 Series) (Version: - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{15F081E3-93FF-4FF3-B447-42CC458C4F79}) (Version: 3.11.0021 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation) Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.) Google Chrome (HKLM\...\{6BE8C6A1-54E8-312E-A876-FF27463F3324}) (Version: 78.0.3904.87 - Google, Inc.) Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6518 - Intel Corporation) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Manuales de EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProplusRetail - es-es) (Version: 16.0.11126.20196 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-46111833-480644225-1942068361-1000\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: - ) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: - ) Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: - ) MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: - ) MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: - ) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden OpenOffice 4.1.5 (HKLM-x32\...\{A93E0F8F-B3C1-4784-916D-15865808017B}) (Version: 4.15.9789 - Apache Software Foundation) PDF Reader for Windows 10 (HKLM\...\PDF Reader for Windows 10_is1) (Version: - PDFLogic Corporation) Photo Common (HKLM-x32\...\{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}) (Version: - ) Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: - ) Photo Gallery (HKLM-x32\...\{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}) (Version: - ) Polar FlowSync versión 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8734.1 - Realtek Semiconductor Corp.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) VueScan x64 (HKLM\...\VueScan x64) (Version: - Hamrick Software) Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: - ) Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: - ) Windows Live Mail (HKLM-x32\...\{BAD27F0E-5165-49A5-BE66-AF5BF73F2FEE}) (Version: - ) Windows Live Messenger (HKLM-x32\...\{BAD984EE-790E-4513-A428-3BE2D426DCA7}) (Version: - ) Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: - ) Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: - ) Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: - ) Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: - ) Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: - ) Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: - ) Windows Live Writer (HKLM-x32\...\{A2DC527D-FA79-46E9-973F-920897CA55E9}) (Version: - ) Windows Live Writer Resources (HKLM-x32\...\{0F974770-76EB-4C38-986E-E7BDD9C0DFC4}) (Version: - ) Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker) WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Packages: ========= Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad] Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-11-06] (Synaptics Incorporated) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-07] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Propietario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-26] (Mega Limited -> ) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-07] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2017-02-13 13:54 - 2017-02-13 13:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2009-10-21 16:39 - 2009-10-21 16:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2019-02-22 16:01 - 2019-02-22 16:01 - 000704512 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll 2019-02-22 14:09 - 2019-02-22 14:09 - 000475136 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-46111833-480644225-1942068361-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 212.142.144.66 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKU\S-1-5-21-46111833-480644225-1942068361-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A226EC7F-EACD-4897-AE57-C226E4DD4E6A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{49069035-A045-45E8-BA14-296BF42DFFB2}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{BFD559CE-71F3-4DDB-A0EE-50CEB74D02DE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{73E53360-2B48-4EC2-8DEE-7F198A94B403}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C5A20718-B6B6-4059-8021-D1FFCBE1696A}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software) FirewallRules: [{DE37D3D6-B309-4DB2-A56F-251916359330}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software) FirewallRules: [{35E8AC77-445F-4A74-BC19-C94EABDA829C}] => (Allow) LPort=1900 FirewallRules: [{CC2F13B8-CC83-4069-A7DA-19A94657909D}] => (Allow) LPort=2869 FirewallRules: [{4A269DDB-46F2-4290-BAA2-48EB859D8A89}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{13A7D11D-ED43-42FF-8089-2251570C8C39}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com) FirewallRules: [{136898EC-0EF8-490B-8EEE-3A5AEE1FC805}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com) FirewallRules: [{6BAB83BC-CC72-47AB-B258-2D02AE8C16D5}] => (Allow) LPort=5354 FirewallRules: [{01FC83C6-840F-4287-869C-4F59C3FD068F}] => (Allow) LPort=5354 FirewallRules: [{4B840F0F-67DF-4876-806A-B429079FCD68}] => (Allow) LPort=5354 FirewallRules: [{0EC00B7D-FD26-4FEC-93AF-9020988C1F75}] => (Allow) LPort=5354 FirewallRules: [{2A5360CE-FB7B-41D0-8686-0CEA1E743D9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe] => enabled:@shell32.dll,-1 ==================== Restore Points ========================= 06-11-2019 15:15:26 Windows Update 08-11-2019 12:01:44 ZHPcleaner ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (11/08/2019 05:42:09 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Error al generar el contexto de activación para "C:\Users\Propietario\AppData\Local\chromium\Application\chrome.exe". No se encontró el ensamblado dependiente 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (11/08/2019 03:57:54 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Error al generar el contexto de activación para "C:\Users\Propietario\AppData\Local\chromium\Application\chrome.exe". No se encontró el ensamblado dependiente 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (11/08/2019 02:19:38 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Error al generar el contexto de activación para "C:\Users\Propietario\AppData\Local\chromium\Application\chrome.exe". No se encontró el ensamblado dependiente 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (11/08/2019 11:48:07 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Error al generar el contexto de activación para "C:\Users\Propietario\AppData\Local\chromium\Application\chrome.exe". No se encontró el ensamblado dependiente 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (11/08/2019 11:44:37 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Error al generar el contexto de activación para "C:\Users\Propietario\AppData\Local\chromium\Application\chrome.exe". No se encontró el ensamblado dependiente 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (11/08/2019 11:33:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Morgan.exe, versión: 1.0.1.0, marca de tiempo: 0x5d325074 Nombre del módulo con errores: ntdll.dll, versión: 10.0.18362.387, marca de tiempo: 0xa4208572 Código de excepción: 0xc0000374 Desplazamiento de errores: 0x000df94d Identificador del proceso con errores: 0x25cc Hora de inicio de la aplicación con errores: 0x01d5961d0afdcd75 Ruta de acceso de la aplicación con errores: C:\Users\Propietario\AppData\Local\Programs\morgan\Morgan.exe Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll Identificador del informe: dd7732d8-c83d-45b5-b0c8-592b634d3e84 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/08/2019 11:33:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity(). Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: El sistema no puede encontrar el archivo especificado. . Error: (11/08/2019 11:33:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity(). Details: AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed System Error: El sistema no puede encontrar el archivo especificado. . System errors: ============= Error: (11/08/2019 03:54:29 PM) (Source: DCOM) (EventID: 10010) (User: PC-1547457620) Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido. Error: (11/08/2019 02:30:24 PM) (Source: disk) (EventID: 11) (User: ) Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR5. Error: (11/08/2019 02:29:04 PM) (Source: disk) (EventID: 11) (User: ) Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1. Error: (11/08/2019 12:02:54 PM) (Source: DCOM) (EventID: 10000) (User: PC-1547457620) Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error "2147942767" al iniciar este comando: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (11/08/2019 11:47:09 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente. Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll Error: (11/08/2019 11:47:09 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente. Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll Error: (11/08/2019 11:47:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente. Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll Error: (11/08/2019 11:47:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Intel(R) Content Protection HECI Service se terminó de manera inesperada. Esto ha sucedido 1 veces. CodeIntegrity: =================================== Date: 2019-11-08 11:43:03.091 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-08 11:36:30.434 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-08 11:13:21.779 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2019-11-08 11:13:21.685 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2019-11-07 12:13:51.809 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-07 12:05:57.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-07 11:58:17.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-07 11:49:39.929 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Insyde F.42 08/06/2018 Motherboard: HP 8328 Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz Percentage of memory in use: 43% Total physical RAM: 8108.82 MB Available physical RAM: 4572.67 MB Total Virtual: 9388.82 MB Available Virtual: 6061.37 MB ==================== Drives ================================ Drive c: (Sistema) (Fixed) (Total:237.2 GB) (Free:60.49 GB) NTFS \\?\Volume{bfce4675-b6cd-4c39-bf55-851a0c596e30}\ () (Fixed) (Total:0.86 GB) (Free:0.3 GB) NTFS \\?\Volume{cba2ca35-5713-4e1a-a4a0-8b6b168653d1}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 3AA33B6A) Partition: GPT. ==================== End of Addition.txt =======================