Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2019 Ran by Eliecer (23-10-2019 18:45:22) Running from C:\Users\Eliecer\Desktop Windows 10 Pro Version 1903 18362.418 (X64) (2019-07-10 09:46:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-4058952113-1512256569-4060134003-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4058952113-1512256569-4060134003-503 - Limited - Disabled) Eliecer (S-1-5-21-4058952113-1512256569-4060134003-1000 - Administrator - Enabled) => C:\Users\Eliecer familia y otros (S-1-5-21-4058952113-1512256569-4060134003-1003 - Limited - Enabled) => C:\Users\familia y otros HomeGroupUser$ (S-1-5-21-4058952113-1512256569-4060134003-1002 - Limited - Enabled) Invitado (S-1-5-21-4058952113-1512256569-4060134003-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-4058952113-1512256569-4060134003-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20048 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe) Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software) Glary Utilities 5.129 (HKLM-x32\...\Glary Utilities 5) (Version: 5.129.0.155 - Glarysoft Ltd) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12026.20334 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4058952113-1512256569-4060134003-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4058952113-1512256569-4060134003-1003\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8467 - Realtek Semiconductor Corp.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Packages: ========= AdBlock -> C:\Program Files\WindowsApps\BetaFish.AdBlock_2.9.0.0_neutral__c1wakc4j0nefm [2019-05-01] (BetaFish) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.22.7.0_x86__kgqvnymyfvs32 [2019-10-03] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1610.2.0_x86__kgqvnymyfvs32 [2019-10-10] (king.com) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2019-07-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2019-07-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-02] (Microsoft Corporation) [MS Ad] Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad] MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad] Pantalla inalámbrica Microsoft -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_3.4.137.1000_x64__8wekyb3d8bbwe [2019-07-29] (Microsoft Corporation) Samsung Flow -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy [2019-09-13] (Samsung Electronics Co, Ltd.) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.7.33.0_x64__43tkc6nmykmb6 [2019-07-29] (Ookla) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-10] (Spotify AB) [Startup Task] ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Eliecer\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-22] (Mega Limited -> ) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Whitelisted) ================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Eliecer\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm Shortcut: C:\Users\Eliecer\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm ==================== Loaded Modules (Whitelisted) ============== 2019-10-21 19:09 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll 2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2019-05-02 21:03 - 2019-05-02 21:03 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2019-05-02 21:03 - 2019-05-02 21:03 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll ==================== Alternate Data Streams (Whitelisted) ========= ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== ==================== Internet Explorer trusted/restricted =============== ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-05-01 00:00 - 2019-04-30 23:54 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4058952113-1512256569-4060134003-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eliecer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-4058952113-1512256569-4060134003-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 190.157.8.100 - 190.157.8.42 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "AvastUI.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{EEB8CA22-6D17-4D8B-A010-CF8DE4C270AB}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe No File FirewallRules: [{14757C7A-4343-448A-A1C7-C5AFED833859}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe No File FirewallRules: [{944320F9-7A6D-48A9-B6A6-E6B21FDA9DD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2B5C7751-DA58-4EC7-9496-8B7AE6901EDD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{063804E5-0F94-43AD-9E82-1BC866A1CA59}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E6FA57C5-B888-4FA9-9C90-0A63A1D6135E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2F6582E9-292A-4CF4-B539-D2495509CFA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6C9DD787-BABA-465C-BD56-80A46300C1EB}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{D99BF26B-542D-4EF9-BDD2-7183B46459FD}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{5A8DB396-5102-4446-956C-010278B354FA}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{CDD7946F-E93E-4547-B0C5-CC89F8697703}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{54DC199B-7F3F-4813-A6E5-E759F5D06B7B}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{39F2B987-3B04-4510-8938-9506D51F5CEA}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{D461D379-85C1-4A15-AD7F-AB458CC4C8EF}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{7C9008A4-B738-42F4-8D7F-F37792C3A1C8}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> ) FirewallRules: [{3A214F59-EB7E-48F7-A726-D21A893B33A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BF1E1A26-2202-4FF7-8C3E-536BD5FD1588}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{60AC0079-04BE-49E8-BA9F-522F7F8E23C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A0008593-2475-4ED0-8000-6BA417321F7D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{48CB31BF-A4FE-4E09-A157-450D6C74739F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C3F4913F-482B-4E05-89FE-B04578856033}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D9C7FFF7-4B75-49E9-ABBD-E738723C0419}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3C43FF9F-B3C8-49B2-A45C-15BD0496FD87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:101.16 GB) (Free:19.14 GB) (19%) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/23/2019 06:41:16 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7476,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2019 06:29:20 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2019 06:15:16 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3208,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2019 06:08:53 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (10/21/2019 08:44:09 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: El subárbol del usuario se carga mediante otro proceso (bloqueo del registro) nombre del proceso: C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe, PID: 4088, ProfSvc PID: 1320. Error: (10/21/2019 08:44:09 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: El subárbol del usuario se carga mediante otro proceso (bloqueo del registro) nombre del proceso: C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe, PID: 4088, ProfSvc PID: 1320. Error: (10/21/2019 08:38:37 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (10/21/2019 08:36:49 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. System errors: ============= Error: (10/23/2019 06:02:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio CleanupPSvc. Error: (10/21/2019 08:51:56 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (10/21/2019 08:09:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ClickToRunSvc. Error: (10/21/2019 08:09:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio CleanupPSvc. Error: (10/21/2019 08:09:16 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado. Error: (10/21/2019 06:03:23 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (10/18/2019 11:19:04 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (10/18/2019 04:02:10 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Windows Defender: =================================== Date: 2019-10-23 18:26:54.731 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {2553B049-DEB2-4916-89A7-BE8997DC97E1} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-10-21 20:27:26.679 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {9E3B6C88-E08C-4537-86A5-13DDCE3456FA} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-10-21 20:04:11.532 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {C035EB16-EADB-4FF1-8E34-C81D1EFBC75F} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-10-21 19:37:46.774 Description: El acceso controlado a carpetas impidió que C:\Users\Eliecer\AppData\Local\Temp\~nsuA.tmp\Au_.exe realizara cambios en la memoria. Tiempo de detección: 2019-10-22T00:37:46.772Z Usuario: Gateway-PC\Eliecer Ruta de acceso: \Device\Harddisk0\DR0 Nombre del proceso: C:\Users\Eliecer\AppData\Local\Temp\~nsuA.tmp\Au_.exe Versión de inteligencia de seguridad: 1.305.304.0 Versión del motor: 1.1.16500.1 Versión del producto: 4.18.1909.6 Date: 2019-10-21 17:58:49.483 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {FD60DC9C-8532-43A5-BA21-C4756071A03D} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-10-18 22:12:44.549 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.305.98.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16500.1 Código de error: 0x80240016 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. Date: 2019-10-15 15:49:43.125 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.303.1406.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16400.2 Código de error: 0x80240022 Descripción del error: El programa no puede comprobar actualizaciones de definiciones. Date: 2019-10-15 15:48:28.048 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Supervisión de comportamiento Código de error: 0x80508023 Descripción del error: The program could not find the malware and other potentially unwanted software on this device. Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2019-10-10 20:25:34.893 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.303.1406.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16400.2 Código de error: 0x80240016 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. Date: 2019-10-07 18:13:38.648 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.303.993.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16400.2 Código de error: 0x80240022 Descripción del error: El programa no puede comprobar actualizaciones de definiciones. CodeIntegrity: =================================== Date: 2019-10-23 18:02:40.029 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:45:07.269 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:39:43.819 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:39:37.891 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:39:20.102 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:39:19.418 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:28:33.346 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-10-21 20:28:27.376 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== BIOS: Phoenix Technologies LTD V1.12 05/04/2010 Motherboard: Gateway NV49C Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz Percentage of memory in use: 72% Total physical RAM: 3764.5 MB Available physical RAM: 1021.16 MB Total Virtual: 5620.5 MB Available Virtual: 2347.09 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:101.16 GB) (Free:19.14 GB) NTFS Drive d: () (Fixed) (Total:363.22 GB) (Free:2.67 GB) NTFS \\?\Volume{f7a27bd3-af0e-11e2-9c1b-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{80d07a95-0000-0000-0000-a05019000000}\ () (Fixed) (Total:0.8 GB) (Free:0.29 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 80D07A95) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=101.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=819 MB) - (Type=27) Partition 4: (Not Active) - (Size=363.2 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================