Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019 Ran by chefcito (19-06-2019 06:19:31) Running from C:\Users\chefcito\Downloads Windows 10 Home Single Language Version 1803 17134.829 (X64) (2018-06-06 15:46:43) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3116818766-2193367744-924395030-500 - Administrator - Disabled) anett (S-1-5-21-3116818766-2193367744-924395030-1003 - Limited - Enabled) => C:\Users\anett chefcito (S-1-5-21-3116818766-2193367744-924395030-1001 - Administrator - Enabled) => C:\Users\chefcito DefaultAccount (S-1-5-21-3116818766-2193367744-924395030-503 - Limited - Disabled) Invitado (S-1-5-21-3116818766-2193367744-924395030-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3116818766-2193367744-924395030-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 5KPlayer 4.2 (HKLM-x32\...\5KPlayer_is1) (Version: - DearMob, Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe) Apple Application Support (32-bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) BioShock 2 (HKLM-x32\...\BioShock 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - ES (x64) (HKLM\...\{65168D5C-A6DD-4C1B-BF5C-860A39CDD05E}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd) Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.) Dell Digital Delivery Services (HKLM-x32\...\{82157E05-6529-4355-9271-5160703457A7}) (Version: 4.0.28.0 - Dell Inc.) Dell Help & Support (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Hidden Dell Help & Support (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell) Dell SupportAssist Remediation (HKLM\...\{5832D99C-C9C6-437F-861C-43ED6333956F}) (Version: 4.1.0.6828 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{48253a97-70d4-4166-9a2b-80b3bb2fcc75}) (Version: 4.1.0.6828 - Dell Inc.) Dell Update - SupportAssist Update Plugin (HKLM\...\{ED23034C-BB55-432A-B216-C3DCC768A7D3}) (Version: 4.1.0.6828 - Dell Inc.) Hidden Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{de2492a6-682a-49a4-87be-f8448e1af207}) (Version: 4.1.0.6828 - Dell Inc.) Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.) Dropbox 20 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - ) Find.Same.Images.OK (HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Find.Same.Images.OK) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.) Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Hotspot Shield 7.12.1 (HKLM-x32\...\{09f8e8f3-99c4-49a2-961c-30be45d6392b}) (Version: 7.12.1.11056 - AnchorFree Inc.) Hotspot Shield 7.12.1 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925C1E7BE53}) (Version: 7.12.1.11056 - AnchorFree Inc.) Hidden Hotspot Shield 7.12.1 (HKLM-x32\...\HotspotShield) (Version: 7.12.1 - AnchorFree Inc.) Hidden iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) iVMS-4200(v2.6.1.2) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.06.01.02 - hikvision) Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden MediaHuman YouTube to MP3 Converter 3.9.9.15 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.15 - MediaHuman) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_STANDARD_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_STANDARD_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_STANDARD_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_STANDARD_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft OneDrive (HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 67.0.3 (x64 es-MX) (HKLM\...\Mozilla Firefox 67.0.3 (x64 es-MX)) (Version: 67.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla) Need for Speed - Rivals (HKLM-x32\...\Need for Speed - Rivals_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Need For Speed The Run version 1.4.0.0 (HKLM-x32\...\Need For Speed The Run_is1) (Version: 1.4.0.0 - Mr DJ) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security) Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.007 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.) Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.) SmartByte Drivers and Services (HKLM\...\{CAFD2E75-129F-42AD-8258-0FC494ACBD8E}) (Version: 2.5.719 - Rivet Networks) Software Intel® PROSet/Wireless (HKLM-x32\...\{944a1449-c146-468f-a4d4-46ac4e9d9ce9}) (Version: 21.0.0 - Intel Corporation) Software para dispositivos de chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Spotify) (Version: 1.1.9.383.g9f48828e - Spotify AB) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\WhatsApp) (Version: 0.3.3328 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Packages: ========= Adobe Photoshop Express: Editor de imágenes, Ajustes, Filtros, Efectos, Bordes -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x64__ynb6jyjzte8ga [2019-05-24] (Adobe Inc.) Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-27] (Microsoft Corporation) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-29] (Microsoft Corporation) [MS Ad] Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.36.0_x64__htrsf667h5kn2 [2019-04-10] (Dell Inc) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-11] (Dolby Laboratories) Forza Hub -> C:\Program Files\WindowsApps\Microsoft.Lucille_1.0.4.0_x64__8wekyb3d8bbwe [2017-06-08] (Microsoft Studios) Forza Motorsport 6: Apex -> C:\Program Files\WindowsApps\Microsoft.ApexPG_2.8.18.1000_x64__8wekyb3d8bbwe [2018-04-08] (Microsoft Studios) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2018-07-24] (Instagram) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa [2019-05-29] (Apple Inc.) Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-22] (Facebook Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-19] (Netflix, Inc.) Office Online -> C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.8.0_neutral__8wekyb3d8bbwe [2018-04-30] (Microsoft Corporation) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_17.30.3.0_x64__8wekyb3d8bbwe [2018-09-17] (Microsoft Corporation) Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-11] (Microsoft Corporation) TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.5.1000_x64__6bhtb546zcxnj [2019-05-22] (TuneIn) [MS Ad] ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-19] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-07-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-07-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-19] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-07-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-07-02] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2019-02-28 15:33 - 2019-02-28 15:33 - 000018432 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll 2017-07-19 14:55 - 2017-07-19 14:55 - 000665088 _____ () [File not signed] C:\Program Files\EqualizerAPO\EqualizerAPO.dll 2017-07-08 05:52 - 2017-07-08 05:52 - 002983917 _____ () [File not signed] C:\Program Files\EqualizerAPO\libfftw3f-3.dll 2015-11-22 15:05 - 2015-11-22 15:05 - 001530880 _____ () [File not signed] C:\Program Files\EqualizerAPO\libsndfile-1.dll 2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () [File not signed] C:\Users\chefcito\AppData\Local\MEGAsync\ShellExtX64.dll 2015-05-19 12:11 - 2015-05-19 12:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 2018-03-22 05:21 - 2018-03-22 05:21 - 049966712 _____ (IntelVPGSigning2018 -> Intel Corporation) [File not signed] C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igd9dxva32.dll 2017-02-28 15:11 - 2016-11-10 16:20 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\Newtonsoft.Json.dll 2019-03-07 10:24 - 2019-03-07 10:24 - 000102400 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll 2017-02-28 15:11 - 2016-11-16 15:15 - 000072704 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppCollect.dll 2017-02-28 15:11 - 2016-11-16 15:15 - 000331776 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppCommon.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 06:04 - 2018-10-09 22:07 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2018-04-12 14:17 - 2018-09-11 21:26 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;%C_EM64T_REDIST11%bin\Intel64;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-3116818766-2193367744-924395030-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\chefcito\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\stay_hungry_stay_foolish_2-wallpaper-1366x768.jpg HKU\S-1-5-21-3116818766-2193367744-924395030-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\anett\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\50422494_235512214058283_1931397302103048192_n.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "5KPlayer.exe" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\StartupApproved\Run: => "ApplePhotoStreams" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{1346C04C-B9AE-4AED-8681-6967534D4562}C:\users\chefcito\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chefcito\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{D602E2F9-5306-435E-AB61-A17C5B9A53D0}C:\users\chefcito\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chefcito\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DCEFA8F8-DD9C-4F96-948D-EA4BB39566B1}] => (Block) C:\users\chefcito\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{98934F98-F1FD-4D38-834E-A57B809FB7E6}] => (Block) C:\users\chefcito\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{113E84BF-B594-4D41-9021-756A15F8ADC9}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File FirewallRules: [UDP Query User{2588DF57-F7CE-493B-92E7-9FDA6E1B5D7A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File FirewallRules: [TCP Query User{F58B984E-5F39-47A2-9F26-5FBECAAA929B}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{3868C8C4-0448-4ED5-A80A-6017B4289CD1}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{563A4E33-F518-427C-A7DD-46F085A869F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2AA49AC9-B53A-4558-9B3A-41CCA94D6112}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{3FCDEF8F-9BB0-447E-B4C5-09470EC4F370}C:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{7E457B4D-E229-4F3E-8731-D68C02AC895B}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation) FirewallRules: [TCP Query User{D68333EC-4C40-4858-BDB5-1A1A807E9AC1}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FirewallRules: [UDP Query User{94C7B764-2A28-4C59-B4A8-F8679B9EB74B}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FirewallRules: [{FAB79D5A-99BB-4DBC-AB0E-F5B3B602BDA4}] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FirewallRules: [{BD895899-4BD0-45CC-97C2-C1455FC4618D}] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FirewallRules: [TCP Query User{FC7A6DC1-91F1-461B-8106-B3376492F540}C:\games\grand theft auto v\gta5.exe] => (Block) C:\games\grand theft auto v\gta5.exe No File FirewallRules: [UDP Query User{485B1E77-E484-4B43-BC9D-F09831E45F24}C:\games\grand theft auto v\gta5.exe] => (Block) C:\games\grand theft auto v\gta5.exe No File FirewallRules: [{F26485F2-F928-456E-B534-6D1788836055}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File FirewallRules: [{22F67C78-934E-479A-BE78-963ABD498657}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File FirewallRules: [{06386CA7-18A1-454F-90CD-6DF26FDBD1BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File FirewallRules: [{FE5717DA-AADE-44A5-ADA3-83E0FA88A8EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File FirewallRules: [{8C987C92-337B-4562-BDD5-880333A08B55}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed The Run\Need For Speed The Run.exe (Electronic Arts, Inc.) [File not signed] FirewallRules: [{931EF293-AB1F-4325-92D4-E433B890E665}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed The Run\Need For Speed The Run.exe (Electronic Arts, Inc.) [File not signed] FirewallRules: [{335DDA36-13D8-4877-B724-3046C6569884}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{9026BEC9-BCAB-4A46-821A-655A5B116CE2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2C639307-4E16-489F-942D-CD5FF481D7E4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B48A9E98-792A-4D57-B38B-C25343BA1A44}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{49C2123E-9F4C-4ABC-B968-85EDDA6EE2EE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CD5882CD-5959-41BF-81DA-351117AC1ACA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{463C3AD2-AF66-42C1-8E35-6E23DA169005}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{20A0E084-51AF-4865-B144-BE26F61A635A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{762C1540-B5A9-4925-8799-C7FD4498B309}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A0A08ABA-E84A-4E12-ADEA-8E8FB3B890DE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) ==================== Restore Points ========================= 19-06-2019 06:00:33 Punto de control programado ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/19/2019 05:53:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: MsMpEng.exe, versión: 4.18.1905.4, marca de tiempo: 0xe20f39e1 Nombre del módulo con errores: mpengine.dll, versión: 1.1.16000.6, marca de tiempo: 0x5ce73787 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x00000000003580e6 Identificador del proceso con errores: 0x2e78 Hora de inicio de la aplicación con errores: 0x01d5268d09daf18b Ruta de acceso de la aplicación con errores: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe Ruta de acceso del módulo con errores: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CCD40F5-20AD-402B-A775-C20CEE31E6B0}\mpengine.dll Identificador del informe: 4b3aa276-548b-4129-a2e1-dd49e44a942e Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (06/18/2019 11:52:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7422 Error: (06/18/2019 11:52:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7422 Error: (06/18/2019 11:52:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/18/2019 11:52:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5656 Error: (06/18/2019 11:52:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5656 Error: (06/18/2019 11:52:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/18/2019 11:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3859 System errors: ============= Error: (06/19/2019 06:50:11 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:50:08 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:50:06 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:48:57 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:48:54 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:46:39 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:46:36 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (06/19/2019 06:42:09 AM) (Source: Disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Windows Defender: =================================== Date: 2019-06-09 15:02:59.935 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {F7B61902-B3F2-475A-B16C-C61B66B7C6BD} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-06-09 14:54:45.906 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {9B8C6B4A-B0C1-48D8-A3B6-704CF13AEFFD} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-06-07 12:33:08.572 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {1B0656F2-414C-4AD5-956C-081BE95D04D1} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-06-07 12:24:06.674 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {F3ED7B8A-00A4-4F52-A7EC-02CE6FB7A923} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-06-07 12:00:29.646 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {C3259F4E-7F1A-4EE0-AF0A-D2F0B1755F32} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-06-19 05:52:14.993 Description: El motor de Antivirus de Windows Defender finalizó debido a un error inesperado. Tipo de error: Bloqueo Código de excepción: 0xc0000005 Recurso: Date: 2019-06-19 05:52:14.852 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: 1.295.1019.0 Versión de firma anterior: 1.295.730.0 Origen de actualización: Carpeta de actualizaciones de firmas Tipo de firma: AntiSpyware Tipo de actualización: Diferencia Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: 1.1.16000.6 Versión de motor anterior: 1.1.16000.6 Código de error: 0x80070241 Descripción del error: Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido. Date: 2019-06-19 05:52:14.851 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: 1.295.1019.0 Versión de firma anterior: 1.295.730.0 Origen de actualización: Carpeta de actualizaciones de firmas Tipo de firma: AntiVirus Tipo de actualización: Diferencia Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: 1.1.16000.6 Versión de motor anterior: 1.1.16000.6 Código de error: 0x80070241 Descripción del error: Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido. Date: 2019-06-18 21:49:39.982 Description: El motor de Antivirus de Windows Defender finalizó debido a un error inesperado. Tipo de error: Bloqueo Código de excepción: 0xc0000005 Recurso: Date: 2019-06-18 14:11:50.263 Description: El motor de Antivirus de Windows Defender finalizó debido a un error inesperado. Tipo de error: Bloqueo Código de excepción: 0xc0000005 Recurso: CodeIntegrity: =================================== Date: 2019-06-19 05:53:15.959 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:15.795 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:15.536 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:15.368 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:15.195 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:15.032 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:14.604 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2019-06-19 05:53:14.455 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: Dell Inc. 1.5.2 07/18/2018 Motherboard: Dell Inc. 06CMH7 Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Percentage of memory in use: 54% Total physical RAM: 8083.9 MB Available physical RAM: 3638.68 MB Total Virtual: 11083.9 MB Available Virtual: 5959.92 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:918.16 GB) (Free:554.6 GB) NTFS \\?\Volume{237fd491-666e-4fba-9098-f9e8eba87de8}\ (WINRETOOLS) (Fixed) (Total:0.87 GB) (Free:0.48 GB) NTFS \\?\Volume{e2ce6c3d-1f09-4411-bba8-48d19f83a79b}\ (Image) (Fixed) (Total:11.87 GB) (Free:0.39 GB) NTFS \\?\Volume{f907e68b-117c-42fd-824c-c5719e6bbc4f}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 165AE242) Partition: GPT. ==================== End of Addition.txt ============================