Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08-2019
Ran by Administrador (23-08-2019 14:20:29)
Running from C:\Users\Administrador\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-04-19 15:55:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
ADMIN (S-1-5-21-3646293972-1715237845-785201959-1000 - Administrator - Disabled) => C:\Users\ADMIN
Administrador (S-1-5-21-3646293972-1715237845-785201959-500 - Administrator - Enabled) => C:\Users\Administrador
HomeGroupUser$ (S-1-5-21-3646293972-1715237845-785201959-1002 - Limited - Enabled)
Invitado (S-1-5-21-3646293972-1715237845-785201959-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20036 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
Advanced SystemCare 12 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 12.3.0 - IObit)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
AutoCAD 2012 Language Pack - Spanish (HKLM\...\{5783F2D7-A001-040A-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.108.0 - Autodesk) Hidden
AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2014 - Español (Spanish) (HKLM\...\AutoCAD 2014 - Español (Spanish)) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2014 - Español (Spanish) SP1 (HKLM\...\AutoCAD 2014 - Español (Spanish) SP1) (Version: 1 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap Language Pack-English (HKLM\...\{31ABA3F2-0010-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
CCleaner (HKLM\...\CCleaner) (Version: - )
Centro de Mouse y Teclado de Microsoft (HKLM\...\{76396B67-5C94-4708-90BF-E90070CA5740}) (Version: 11.1.137.0 - Microsoft Corporation) Hidden
Centro de Mouse y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 11.1.137.0 - Microsoft Corporation)
Facebook Video Calling 1.2.0.159 (HKLM-x32\...\{7CAC6A44-C3DE-4153-ACA6-7524602C789E}) (Version: 1.2.159 - Skype Limited)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
FMW 1 (HKLM\...\{1C3364DF-40B5-4DA4-9810-652A9A792FB1}) (Version: 1.132.1 - AVG Technologies) Hidden
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Designjet 70 Series (HKLM-x32\...\HP Designjet 70 Series) (Version: - Hewlett-Packard Co.)
HP Mantenimiento del sistema para HP designjet 70 series (HKLM-x32\...\{0CA89D87-3F15-4DDC-8F6D-35B86842F846}) (Version: - )
HP Support Solutions Framework (HKLM-x32\...\{382A0798-6F57-46B7-94A6-4176616F0693}) (Version: 12.10.49.21 - HP Inc.)
Importación de SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) Computing Improvement Program (HKLM\...\{F6B5BD59-21F0-47F8-A6C6-63BAEB1A6569}) (Version: 2.1.03720 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.3.42 - Intel Corporation)
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.5.0.8 - IObit)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Malware Hunter 1.82.0.668 (HKLM-x32\...\Malware Hunter) (Version: 1.82.0.668 - Glarysoft Ltd)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 60.0 (x86 es-ES)) (Version: 60.0 - Mozilla)
Mozilla Firefox 68.0.2 (x64 es-AR) (HKLM\...\Mozilla Firefox 68.0.2 (x64 es-AR)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8.3.2.1 (HKLM-x32\...\Nero8WinuE_is1) (Version: 8.3.2.1 - Bj @ WinuE)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
RapiCapWin 2.0.2 (HKLM-x32\...\RapiCapWin_is1) (Version: 2.0.2 - RapiCapWin.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Registro web de HP (HKLM-x32\...\{59DAED4E-96BE-4C54-B7D3-090A5865350B}) (Version: 1.0.0.0 - Hewlett Packard, Co.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SketchUp 2017 (HKLM\...\{0917C390-BE6D-4B90-9C8B-FF11BA43933A}) (Version: 17.0.18899 - Trimble Navigation Limited)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.1 - IObit)
SnailDriver version 1.0.0.3 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 1.0.0.3 - SnailSuite)
SoftPerfect WiFi Guard version 1.0.5 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.5 - SoftPerfect Research)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1030 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Ninja version 3.1.5 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.1.5 - SingularLabs)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinUtilities Professional Edition 15.7 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 15.7 - YL Computing, Inc)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3646293972-1715237845-785201959-500_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-04-16] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2019-06-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2015-04-28] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-04-16] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2019-06-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-04-16] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2019-06-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2015-04-28] (WinZip Computing LLC -> WinZip Computing, S.L.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2013-03-15 21:37 - 2013-03-15 21:37 - 000010752 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000003584 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000002560 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000005632 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000003072 ____H (Microsoft Corporation) [File not signed] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000009728 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000005632 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000004096 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000003072 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-12 12:57 - 2013-11-22 19:48 - 003928064 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d2d1.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000194560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d10_1.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000333312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d10_1core.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000363008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxgi.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000245248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\windowscodecsext.dll
2015-03-20 21:13 - 2015-02-04 00:16 - 000465920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wmphoto.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000010752 ____H (Microsoft Corporation) [File not signed] C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000002560 ____H (Microsoft Corporation) [File not signed] C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000005632 ____H (Microsoft Corporation) [File not signed] C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000009728 ____H (Microsoft Corporation) [File not signed] C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000004096 ____H (Microsoft Corporation) [File not signed] C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-15 21:37 - 2013-03-15 21:37 - 000003072 ____H (Microsoft Corporation) [File not signed] C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:0B3EF173 [127]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [163]
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [144]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3646293972-1715237845-785201959-500\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7890 more sites.
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3646293972-1715237845-785201959-500\...\123simsen.com -> www.123simsen.com
There are 7890 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:34 - 2019-08-22 12:30 - 000749438 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 telemetry.malwarebytes.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Internet Explorer;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-3646293972-1715237845-785201959-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrador\AppData\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.42.4.204 - 200.49.130.41
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype =>
MSCONFIG\startupreg: StartCCC =>
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: USB3MON =>
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{55D7F586-2C8A-4315-A30A-E94D62B08292}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{83A52CEA-682C-4646-9791-10E770D6FB04}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
21-08-2019 18:34:17 Google Chrome restore point
21-08-2019 18:49:58 Removed Google Update Helper
21-08-2019 19:54:02 Operación de restauración
21-08-2019 20:24:22 Windows Update
21-08-2019 20:34:00 Operación de restauración
21-08-2019 20:48:06 Windows Update
22-08-2019 00:15:01 Windows Update
22-08-2019 12:32:02 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/23/2019 01:27:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (08/23/2019 12:36:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (08/22/2019 02:42:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: 1NPE.exe, versión: 5.3.0.47, marca de tiempo: 0x5ccc52bc
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.24499, marca de tiempo: 0x5d011861
Código de excepción: 0xc00000fd
Desplazamiento de errores: 0x0002df96
Id. del proceso con errores: 0x1bbc
Hora de inicio de la aplicación con errores: 0x01d55910d3042a44
Ruta de acceso de la aplicación con errores: C:\Users\Administrador\Desktop\1NPE.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: 3cc85230-c504-11e9-92f4-fcaa146fb8fe
Error: (08/22/2019 02:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: 1NPE.exe, versión: 5.3.0.47, marca de tiempo: 0x5ccc52bc
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.24499, marca de tiempo: 0x5d011861
Código de excepción: 0xc00000fd
Desplazamiento de errores: 0x0002df96
Id. del proceso con errores: 0x1750
Hora de inicio de la aplicación con errores: 0x01d559106ff8998d
Ruta de acceso de la aplicación con errores: C:\Users\Administrador\Desktop\1NPE.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: 07c6a933-c504-11e9-92f4-fcaa146fb8fe
Error: (08/22/2019 12:45:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: WSCommCntr4.exe, versión: 4.0.3.0, marca de tiempo: 0x50dcb523
Nombre del módulo con errores: WSCommCntr4.exe, versión: 4.0.3.0, marca de tiempo: 0x50dcb523
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000016490
Id. del proceso con errores: 0x15bc
Hora de inicio de la aplicación con errores: 0x01d558ffe06854fe
Ruta de acceso de la aplicación con errores: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
Ruta de acceso del módulo con errores: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
Id. del informe: eeb97108-c4f3-11e9-92f4-fcaa146fb8fe
Error: (08/22/2019 12:37:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (08/22/2019 12:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (08/22/2019 12:06:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
System errors:
=============
Error: (08/23/2019 01:29:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (08/23/2019 01:27:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de directivas de diagnóstico se cerró con el siguiente error:
Acceso denegado.
Error: (08/23/2019 01:26:38 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Error en la inicialización del archivo de volcado
Error: (08/23/2019 01:15:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: El servicio Adobe Acrobat Update Service ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.
Error: (08/23/2019 01:15:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: El servicio IObit Uninstaller Service ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.
Error: (08/23/2019 12:38:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (08/23/2019 12:36:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de directivas de diagnóstico se cerró con el siguiente error:
Acceso denegado.
Error: (08/22/2019 12:39:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
El sistema no puede encontrar el archivo especificado.
Windows Defender:
===================================
Date: 2016-02-20 03:45:29.166
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{3194B668-B136-4A85-A9A1-55587DFD71EC}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
Date: 2013-07-19 16:58:45.861
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/AddLyrics&threatid=195750
Nombre:Adware:Win32/AddLyrics
Id.:195750
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:bho:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{463B0ED4-8AFA-404B-90E7-4063A0708050};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{463B0ED4-8AFA-404B-90E7-4063A0708050};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{463B0ED4-8AFA-404B-90E7-4063A0708050};file:C:\Program Files (x86)\LyricsContainer\122.dll;ieaddon:HKCU@S-1-5-21-3646293972-1715237845-785201959-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{463B0ED4-8AFA-404B-90E7-4063A0708050};ieaddon:HKCU@S-1-5-21-3646293972-1715237845-785201959-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{463B0ED4-8AFA-404B-90E7-4063A0708050};interface:HKLM\SOFTWARE\CLASSES\INTERFACE\{D9A613A0-E419-4BF8-80D1-1B21CA6FD76D};interface:HKLM\SOFTWARE\Wow6432Node\CLASSES\INTERFACE\{D9A613A0-E419-4BF8-80D1-1B21CA6FD76D};regkey:HKCU@S-1-5-21-3646293972-1715237845-785201959-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{463B0ED4-8AFA-404B-90E7-4063A0708050};regkey:HKCU@S-1-5-21-3646293972-171523784
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:
Date: 2013-07-19 16:31:29.697
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/AddLyrics&threatid=195750
Nombre:Adware:Win32/AddLyrics
Id.:195750
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\LyricsContainer\122.dll;file:C:\Users\Administrador\AppData\Local\Temp\nsmBBE4.tmp\LyricsContainer_1707-a2e3c3cf.exe;process:pid:3024
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:
Date: 2013-07-19 16:28:34.490
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/AddLyrics&threatid=195750
Nombre:Adware:Win32/AddLyrics
Id.:195750
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\Administrador\AppData\Local\Temp\nsmBBE4.tmp\LyricsContainer_1707-a2e3c3cf.exe;process:pid:3024
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:
Date: 2012-09-19 21:04:52.616
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Small.gen!I&threatid=92596
Nombre:TrojanDownloader:Win32/Small.gen!I
Id.:92596
Gravedad:Grave
Categoría:Descargador troyano
Ruta de acceso encontrada:containerfile:C:\Users\Administrador\Desktop\Cactus Joiner2.5.rar;file:C:\Users\Administrador\Desktop\Cactus Joiner2.5.rar->Cactus Joiner2.5\cactus.EXE;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{5162DDA3-1D48-439B-ACED-1322433E7E93}-Cactus Joiner2.5.rar;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{5162DDA3-1D48-439B-ACED-1322433E7E93}-Cactus Joiner2.5.rar|http://205.196.122.200/7jhjkm0x48ug/2ra6aloq3z26ne7/Cactus+Joiner2.5.rar;webfile:C:\Users\Administrador\Desktop\Cactus Joiner2.5.rar|http://205.196.122.200/7jhjkm0x48ug/2ra6aloq3z26ne7/Cactus+Joiner2.5.rar
Tipo de detección:Genérico
Origen de detección:Descargas y datos adjuntos
Estado:Desconocido
Usuario:ADMIN-PC\Administrador
Nombre de proceso:C:\Program Files (x86)\Internet Explorer\iexplore.exe
Date: 2016-01-22 05:00:51.877
Description:
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado.
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0
Date: 2014-06-03 18:35:22.269
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.175.1203.0
Versión de firma anterior:
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Completa
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.10600.0
Versión de motor anterior:
Código de error:0x80508001
Descripción de error:Un problema impide que el programa se inicie. Instale todas las actualizaciones disponibles y después intente iniciarlo de nuevo. Para obtener información sobre cómo instalar las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2014-06-03 18:35:22.269
Description:
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.10600.0
Versión de motor anterior:
Origen de actualización:Usuario
Usuario:NT AUTHORITY\SYSTEM
Código de error:0x80508001
Descripción de error:Un problema impide que el programa se inicie. Instale todas las actualizaciones disponibles y después intente iniciarlo de nuevo. Para obtener información sobre cómo instalar las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2014-06-03 18:18:55.631
Description:
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado.
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0
Date: 2013-03-01 19:52:11.659
Description:
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado.
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0
CodeIntegrity:
===================================
Date: 2019-08-21 20:20:02.021
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-21 20:20:02.005
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-14 14:21:06.149
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-14 14:21:06.118
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-14 14:14:27.253
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-14 14:14:27.238
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-14 14:11:19.910
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2019-08-14 14:11:19.894
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FF 06/20/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-S1
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 56%
Total physical RAM: 8079.85 MB
Available physical RAM: 3528.01 MB
Total Virtual: 16157.84 MB
Available Virtual: 11327.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:292.87 GB) (Free:135.06 GB) NTFS
Drive d: () (Fixed) (Total:638.54 GB) (Free:437.97 GB) NTFS
Drive f: () (Removable) (Total:7.49 GB) (Free:6.94 GB) FAT32
\\?\Volume{962a1444-8a37-11e1-8068-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2F60DFE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 656D2F6F)
No partition Table on disk 1.
==================== End of Addition.txt ============================