Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2021 Ran by Pepinaso (16-04-2021 20:22:20) Running from C:\Users\Pepinaso\Desktop Windows 10 Home Version 20H2 19042.928 (X64) (2020-07-30 22:37:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-153542611-3615973289-1248043461-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-153542611-3615973289-1248043461-503 - Limited - Disabled) Guest (S-1-5-21-153542611-3615973289-1248043461-501 - Limited - Disabled) larac (S-1-5-21-153542611-3615973289-1248043461-1002 - Limited - Enabled) => C:\Users\larac marco (S-1-5-21-153542611-3615973289-1248043461-1004 - Limited - Disabled) Pepinaso (S-1-5-21-153542611-3615973289-1248043461-1001 - Administrator - Enabled) => C:\Users\Pepinaso WDAGUtilityAccount (S-1-5-21-153542611-3615973289-1248043461-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version: - ) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version: - Canon Inc.) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM) Dell Digital Delivery Services (HKLM-x32\...\{81C48559-E2EB-4F18-9854-51331B9DB552}) (Version: 4.0.70.0 - Dell Inc.) Dell Mobile Connect Drivers (HKLM\...\{98962E99-9DC0-4B16-9D48-2EED1F5D117E}) (Version: 1.2.6577 - Screenovate Technologies Ltd.) Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{E9E87628-7D88-4557-9A80-49B2B4A81460}) (Version: 5.4.1.14954 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{ef6a1215-d616-4e4f-9453-525ed9903031}) (Version: 5.4.1.14954 - Dell Inc.) Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.) Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.1.0 - Dell Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 120.4.4598 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden foobar2000 v1.5.3 (HKLM-x32\...\foobar2000) (Version: 1.5.3 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{EEA36044-96B5-4E2A-AC59-3FC742EEDEF4}) (Version: 17.5.9.1040 - Intel Corporation) iPod Support (HKLM\...\{4B5933A1-A781-400E-B4A2-3ECC375375E4}) (Version: 120.7.3.55 - Apple Inc.) Java 8 Update 281 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180281F0}) (Version: 8.0.2810.9 - Oracle Corporation) Killer Performance Driver Suite UWD (HKLM\...\{3138A18C-B69F-4C99-ACB7-E579DF171032}) (Version: 2.0.1175 - Rivet Networks) Killer Wireless Driver UWD (HKLM\...\{D9007C95-A9B6-41FD-B6DF-B97DFFC4BE84}) (Version: 2.3.1513 - Rivet Networks) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden Microsoft 365 - es-es (HKLM\...\o365homepremretail - es-es) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.76 - Microsoft Corporation) Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{2D98CD18-5754-4D94-B7E8-E6E11DAA56B1}) (Version: 13.0.811.168 - Microsoft Corporation) Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Visio - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla) MyBackupPC from Rerware, LLC (HKLM-x32\...\MyBackupPC) (Version: - ) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.) psqlODBC_x64 (HKLM\...\{3D4F4C5A-28C7-441D-81DC-2AA2C1A61B6A}) (Version: 09.06.0201 - PostgreSQL Global Development Group) Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10518 - Qualcomm) RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.) RescuePRO Deluxe 7.0.0.8 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 7.0.0.8 - LC Technology International, Inc.) Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.) Skype version 8.65 (HKLM-x32\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Vysor (HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\Vysor) (Version: 2.2.2 - ClockworkMod) Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 11.0.60 - Waves Audio Ltd) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) XnView 2.49.2 (HKLM-x32\...\XnView_is1) (Version: 2.49.2 - Gougelet Pierre-e) Zoom (HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.) Zoom (HKU\S-1-5-21-153542611-3615973289-1248043461-1002\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.) Packages: ========= Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.52.0_x64__htrsf667h5kn2 [2021-04-07] (Dell Inc) Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.70.0_x64__htrsf667h5kn2 [2021-02-26] (Dell Inc) Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.2.9771.0_x64__0vhbc3ng4wbp0 [2021-02-26] (Screenovate Technologies) [Startup Task] Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-03-02] (Dell Inc) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.1.15.0_x86__htrsf667h5kn2 [2021-02-26] (Dell Inc) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220 [2021-03-30] (Dolby Laboratories) Dolby Atmos -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmos_3.20201.255.0_x64__rz1tebttyb220 [2020-06-02] (Dolby Laboratories) DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2020.4.45.0_x64__t5j2fzbtdg37r [2020-12-18] (DTS, Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-12-11] (Apple Inc.) [Startup Task] Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag [2020-08-12] (Rivet Networks LLC) [Startup Task] Lake Baikal -> C:\Program Files\WindowsApps\Microsoft.LakeBaikal_1.0.0.0_neutral__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation) Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad] MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.7.33.0_x64__htrsf667h5kn2 [2021-03-30] (Dell Inc) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-26] (NVIDIA Corp.) Panoramic Cityscapes PREMIUM -> C:\Program Files\WindowsApps\Microsoft.PanoramicCityscapesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation) Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-30] (CYBERLINK CORPORATION.) Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task] PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-11-17] (CYBERLINK CORPORATION.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-153542611-3615973289-1248043461-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) CustomCLSID: HKU\S-1-5-21-153542611-3615973289-1248043461-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Pepinaso\Dropbox [2018-11-17 08:01] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-10] (Intel(R) Rapid Storage Technology -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2019-12-12] () [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-16] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-10] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxDTCM.dll [2021-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_f3fdc49044533477\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-16] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2020-11-19 12:12 - 2020-11-19 12:12 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll 2019-03-12 10:35 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL 2020-08-12 19:57 - 2020-08-12 19:58 - 001774080 _____ (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\System.Data.SQLite.dll 2021-01-09 07:35 - 2021-01-09 07:35 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-153542611-3615973289-1248043461-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-153542611-3615973289-1248043461-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE HKU\S-1-5-21-153542611-3615973289-1248043461-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-au HKU\S-1-5-21-153542611-3615973289-1248043461-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE HKU\S-1-5-21-153542611-3615973289-1248043461-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE SearchScopes: HKU\S-1-5-21-153542611-3615973289-1248043461-1001 -> DefaultScope {40E2E7F1-677B-40E3-A6B2-36D232063638} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-153542611-3615973289-1248043461-1001 -> {40E2E7F1-677B-40E3-A6B2-36D232063638} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll [2021-01-25] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-01-25] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1002\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1002\...\fnmt.es%20,%20https -> hxxps://fnmt.es%20,%20https IE trusted site: HKU\S-1-5-21-153542611-3615973289-1248043461-1002\...\gob.es -> hxxps://fnmt.gob.es ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-04-15 10:19 - 2021-04-15 10:19 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL HKU\S-1-5-21-153542611-3615973289-1248043461-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pepinaso\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-153542611-3615973289-1248043461-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\Wallpaper_Pirelli_FINAL.jpg DNS Servers: 192.168.20.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX" HKLM\...\StartupApproved\Run32: => "MyBackupPC" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-153542611-3615973289-1248043461-1001\...\StartupApproved\Run: => "Skype for Desktop" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{4C497C5E-79B7-4B50-B2C9-6862FEADC3D4}C:\users\pepinaso\appdata\local\vysor\app-2.2.2\vysor.exe] => (Block) C:\users\pepinaso\appdata\local\vysor\app-2.2.2\vysor.exe (ClockworkMod) [File not signed] FirewallRules: [TCP Query User{0FECC90B-8171-46A8-9B1C-86936FA38935}C:\users\pepinaso\appdata\local\vysor\app-2.2.2\vysor.exe] => (Block) C:\users\pepinaso\appdata\local\vysor\app-2.2.2\vysor.exe (ClockworkMod) [File not signed] FirewallRules: [UDP Query User{A3F9EB4A-B2DD-4820-8795-A0B7A6D3FE50}C:\users\pepinaso\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\pepinaso\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed] FirewallRules: [TCP Query User{70B43EA4-CEC2-4F97-8F94-F14659EE5BD5}C:\users\pepinaso\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\pepinaso\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed] FirewallRules: [{14E9F0A1-2F9F-4850-AC4D-F3A879558E6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A534E2E8-998A-4E4F-AE67-0756C8E8B1F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F297C9BE-6281-45EB-87F4-653763DC6FE2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{776C887D-9353-47BA-B302-E171804CC5E2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{D4706ABE-5D95-478A-8279-478FC2FE2926}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{466E0DD1-2F8B-48DF-BB01-ED64D746B5EC}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BAFFCAAE-346E-4BBD-95EC-3E6144DB72A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{32B988A9-29F9-49D7-B4E0-713AAE981854}] => (Allow) C:\Users\Pepinaso\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{67885BE0-93C9-46B0-96A0-826717085C79}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D9DBE777-D09B-4EC6-9FA9-B0EFBF17F46F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A81F9C2D-9FB2-4CDC-BABA-A9E1CB079864}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{58C17C4A-3284-4556-BF79-6A711185D386}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2561B3EE-2EFB-4B26-B03F-D0D2C61387B6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{05BBACC2-AE42-412C-9892-9024F95DCB99}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1CE2C2F1-3052-4F53-B196-A07A49E98A82}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DA81C066-61CA-4577-B7F7-6BE39BE47650}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2C8B328E-03E7-4DD7-94C0-6382C653765F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0F2E385D-5764-421C-AABD-F0D90322E20F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6FBD1DBA-F301-4481-8B4B-B3E12792F35D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6E82A44F-2DFC-48F2-8831-A85FC3DA3186}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.2.9771.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) FirewallRules: [{A8D40B45-E44C-4224-9116-4AEA81087C57}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.2.9771.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) FirewallRules: [{8631FE4F-504C-4005-A6C6-74E834AFE76E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{069A3108-BBD0-4814-9626-139886AAB09F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C4FED68-9B24-4D18-992F-5BB0C9463252}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{326B1388-3850-43AB-9AE0-13ADE6C7ECC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C1579041-928A-4D7C-A3E0-736D9FFBBFD2}] => (Allow) C:\Users\Pepinaso\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{25DB9142-9607-42E8-833D-B77E7A6B5D4F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{00837DF4-A833-4E34-BA53-250B5BDE64A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0E9F8DA3-8B45-4890-B6D4-D8DC7C704889}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8D5FD69F-1C48-496C-B9D9-96F6F0E16398}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{E893778A-BB8C-4398-B3E8-E0051EDD1374}D:\downloads\anydesk.exe] => (Allow) D:\downloads\anydesk.exe => No File FirewallRules: [UDP Query User{6627FEFB-795D-4CE9-9F4F-B9B293C27744}D:\downloads\anydesk.exe] => (Allow) D:\downloads\anydesk.exe => No File FirewallRules: [{A343D2B9-1C2B-4D88-AC06-299375DE8678}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{3DFB02AB-33AD-4C50-89AE-5467E2056C6B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DC5E9B9E-9564-4EC9-8014-86782E7F0111}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Restore Points ========================= 07-04-2021 15:44:43 Dell SupportAssist Remediation 12-04-2021 07:38:22 Revo Uninstaller Pro's restore point - AnyDesk 12-04-2021 07:40:10 Revo Uninstaller Pro's restore point - Adobe Acrobat XI Pro 12-04-2021 07:40:33 Removed Adobe Acrobat XI Pro. 12-04-2021 07:43:38 Revo Uninstaller Pro's restore point - Adobe Digital Editions 4.5 12-04-2021 07:47:05 Revo Uninstaller Pro's restore point - Cyberpunk 2077 MULTi18 - ElAmigos version 1.03 12-04-2021 07:52:33 Revo Uninstaller Pro's restore point - Folder Size 4.5.0.0 12-04-2021 07:54:21 Revo Uninstaller Pro's restore point - MYOB AccountRight Enterprise v19.11.1 ED 12-04-2021 07:56:11 Revo Uninstaller Pro's restore point - MYOB ODBC Direct v10 AUS 12-04-2021 08:00:44 Revo Uninstaller Pro's restore point - PlayStation™Now 12-04-2021 08:00:57 Removed PlayStation™Now 12-04-2021 08:01:38 Revo Uninstaller Pro's restore point - Windscribe 12-04-2021 08:02:37 Revo Uninstaller Pro's restore point - Windows Driver Package - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) 12-04-2021 08:04:31 Revo Uninstaller Pro's restore point - REDlauncher 12-04-2021 08:05:08 Revo Uninstaller Pro's restore point - PowerISO 7.8 15-04-2021 09:22:35 Windows Modules Installer 15-04-2021 09:24:14 Windows Modules Installer 15-04-2021 09:30:33 Revo Uninstaller Pro's restore point - Malwarebytes version 4.3.0.98 ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (04/16/2021 08:13:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OriginWebHelperService.exe, version: 10.5.56.33908, time stamp: 0x5dd474e2 Faulting module name: OriginWebHelperService.exe, version: 10.5.56.33908, time stamp: 0x5dd474e2 Exception code: 0xc0000005 Fault offset: 0x00098210 Faulting process ID: 0x1380 Faulting application start time: 0x01d732a925ead048 Faulting application path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Faulting module path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Report ID: 17a005a4-f013-473e-ab03-b25fc6dc523b Faulting package full name: Faulting package-relative application ID: Error: (04/16/2021 05:15:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on Packard Bell (H:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/16/2021 05:14:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on SYSTEM RESERVED (G:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/16/2021 05:02:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on SYSTEM RESERVED (G:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/16/2021 04:55:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on SYSTEM RESERVED (G:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/16/2021 04:38:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on SYSTEM RESERVED (G:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/16/2021 04:22:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on SYSTEM RESERVED (G:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/16/2021 04:15:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimiser couldn't complete retrim on SYSTEM RESERVED (G:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) System errors: ============= Error: (04/16/2021 08:13:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s). Error: (04/16/2021 08:12:53 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (04/16/2021 08:12:53 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (04/16/2021 08:10:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Content Protection HDCP Service service terminated unexpectedly. It has done this 1 time(s). Error: (04/16/2021 08:10:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Dell Data Vault Collector service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (04/16/2021 08:10:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Dell Hardware Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/16/2021 08:10:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Servicio Hacer clic y ejecutar de Microsoft Office service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (04/16/2021 08:10:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Dell SupportAssist Remediation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Windows Defender: ================ Date: 2021-04-16 10:47:47 Description: El examen de Microsoft Defender Antivirus se detuvo antes de completarse. Id. de examen: {79EFA349-67EE-498F-A12D-A47A32D81F61} Tipo de examen: Antimalware Parámetros de examen: Quick Scan Usuario: NT AUTHORITY\SYSTEM Date: 2021-04-16 10:43:01 Description: El examen de Microsoft Defender Antivirus se detuvo antes de completarse. Id. de examen: {D818080D-39C4-40B9-A61E-CD9D430DF5A2} Tipo de examen: Antimalware Parámetros de examen: Quick Scan Usuario: NT AUTHORITY\SYSTEM Date: 2021-04-16 09:55:29 Description: El examen de Microsoft Defender Antivirus se detuvo antes de completarse. Id. de examen: {349DC443-7E41-41FC-B760-8F6239B59A04} Tipo de examen: Antimalware Parámetros de examen: Quick Scan Usuario: NT AUTHORITY\SYSTEM Date: 2021-04-15 10:14:32 Description: El examen de Microsoft Defender Antivirus se detuvo antes de completarse. Id. de examen: {91AAEB6A-A97A-4EB2-A29C-8C71FC3A3F14} Tipo de examen: Antimalware Parámetros de examen: Quick Scan Usuario: NT AUTHORITY\SYSTEM Date: 2021-04-13 11:48:54 Description: Microsoft Defender Antivirus detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Nombre: HackTool:Win32/Keygen Id.: 2147593794 Gravedad: High Categoría: Tool Ruta de acceso: containerfile:_D:\Programs\Uninstallers\Revo Uninstaller Pro 121120\patch-MrSzzS.rar; file:_D:\Programs\Uninstallers\Revo Uninstaller Pro 121120\patch-MrSzzS.rar->(x32bit.).exe; file:_D:\Programs\Uninstallers\Revo Uninstaller Pro 121120\patch-MrSzzS.rar->(x64bit.).exe Origen de detección: Local machine Tipo de detección: Concrete Origen de detección: User Usuario: DESKTOP-33RB2E0\Pepinaso Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.335.723.0, AS: 1.335.723.0, NIS: 1.335.723.0 Versión de motor: AM: 1.1.18000.5, NIS: 1.1.18000.5  CodeIntegrity: =============== Date: 2020-09-22 15:45:59 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Installer\MSI9FC4.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-09-22 15:45:53 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Installer\MSI8867.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Dell Inc. 1.1.16 01/06/2021 Motherboard: Dell Inc. 0DF42J Processor: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz Percentage of memory in use: 32% Total physical RAM: 16190.71 MB Available physical RAM: 10945.81 MB Total Virtual: 18622.71 MB Available Virtual: 10825.67 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:221.42 GB) (Free:116.43 GB) NTFS Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1163.05 GB) NTFS Drive g: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.01 GB) NTFS ==>[system with boot components (obtained from drive)] Drive h: (Packard Bell) (Fixed) (Total:2027.9 GB) (Free:475.51 GB) NTFS \\?\Volume{8d1d88d4-0b08-4afe-9748-79ef21164fdc}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.51 GB) NTFS \\?\Volume{44a63dce-3f3a-4b52-9bae-2530d3861fc9}\ (Image) (Fixed) (Total:14.24 GB) (Free:0.21 GB) NTFS \\?\Volume{07501a9c-6485-4670-8c7f-b641ef5dc8e8}\ (DELLSUPPORT) (Fixed) (Total:1.08 GB) (Free:0.31 GB) NTFS \\?\Volume{e96d90ef-0000-0000-0000-100000000000}\ (PQSERVICE) (Fixed) (Total:20 GB) (Free:2.3 GB) NTFS \\?\Volume{b44e8c54-9a64-4947-be87-0d7fbbcb135a}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 50C36C57) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 50C36C1E) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: E96D90EF) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=2027.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================