addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by dalila (03-03-2019 16:03:54)
Running from C:\Users\dalila\Desktop
Windows 10 Home Version 1703 15063.1387 (X64) (2017-06-13 03:13:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-4230046787-4224212327-3222585596-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4230046787-4224212327-3222585596-1002 - Limited - Enabled)
dalila (S-1-5-21-4230046787-4224212327-3222585596-1001 - Administrator - Enabled) => C:\Users\dalila
DefaultAccount (S-1-5-21-4230046787-4224212327-3222585596-503 - Limited - Disabled)
Invitado (S-1-5-21-4230046787-4224212327-3222585596-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aplicaciones destacadas de Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
App Manager de Autodesk (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
AutoCAD 2011 - Español (HKLM\...\{5783F2D7-9001-040A-0102-0060B0CE6BBA}) (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - Español (HKLM\...\AutoCAD 2011 - Español) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Español Version 2.1 (HKLM\...\AutoCAD 2011 - Español Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - Español (HKLM\...\{5783F2D7-9001-040A-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk)
Autodesk AutoCAD 2015 - Español (Spanish) (HKLM\...\AutoCAD 2015 - Español (Spanish)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk BIM 360 Revit 2015 Add-in 64 bit (HKLM\...\{37E1C3A1-7DBF-4250-9314-46167B68383D}) (Version: 3.32.3357 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.272 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk Revit 2015 - Español (Spanish) (HKLM\...\Autodesk Revit 2015 - Español (Spanish)) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit 2018 (HKLM\...\Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2015 - Español (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2015 - Español (Spanish)) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.14.100 - Autodesk, Inc.)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version: - )
Dying Light Ultimate Edition MULTi9 - ElAmigos versión 1.15.0 (HKLM-x32\...\{081AEA41-828F-4775-8670-D83382BBD30F}_is1) (Version: 1.15.0 - Techland)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\{4477F08B-1800-0010-0000-9A09D834DFF5}) (Version: 18.0.0.420 - Autodesk) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\eTransmit for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hellblade Senuas Sacrifice MULTi20 - ElAmigos versión 1.03 (HKLM-x32\...\{2B882A88-DC28-46C3-A736-17F08FC262F9}_is1) (Version: 1.03 - Ninja Theory)
Importación de SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Network Connections 21.1.27.0 (HKLM\...\PROSetDX) (Version: 21.1.27.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Jump Force Ultimate Edition MULTi14 - ElAmigos versión 1.0 (HKLM-x32\...\{E7BE40FB-7006-42A9-ADCF-7F57D754B9F0}_is1) (Version: 1.0 - Bandai Namco Entertainment)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lumion 8.0 (HKLM\...\Lumion 8.0_is1) (Version: 8.0 - Act-3D B.V.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Panel de control de NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Paquete de idioma de Revit 2015 - Español (Spanish) (HKLM\...\{7346B4A0-1500-0511-040A-705C0D862004}) (Version: 15.0.207.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F399-4024-A289-92CF4B6FB256}) (Version: 16.0.1205.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7940 - Realtek Semiconductor Corp.)
Revit 2015 - Español (Spanish) (HKLM\...\{7346B4A0-1500-0510-0000-705C0D862004}) (Version: 15.0.207.0 - Autodesk) Hidden
Revit 2018 (HKLM\...\{7346B4A0-1800-0510-0000-705C0D862004}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2015 - Español (Spanish) (HKLM\...\{941030D0-1500-0410-0000-818BB38A95FC}) (Version: 15.0.207.0 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
Shadow of the Tomb Raider Croft Edition MULTi12 - ElAmigos versión 1.0.237.6 (HKLM-x32\...\{5749598C-C7FE-4BCB-BF30-CC8996E73C76}_is1) (Version: 1.0.237.6 - Square Enix)
SketchUp 2015 (HKLM\...\{7C62B699-5E17-48F4-BF4E-9250FFCE5E72}) (Version: 15.3.331 - Trimble Navigation Limited)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{13668B9F-F140-4BAB-AB06-08E0D43564F4}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WarCraft III versión 1.26a (HKLM-x32\...\WarCraft III_is1) (Version: 1.26a - Blizzard Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> E:\autocad 2015\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> E:\autocad 2015\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> E:\autocad 2011\autocad\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\autocad 2011\autocad\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09DA6A8F-F243-471E-BA23-ABE33EBC74C5} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10E8493A-D84F-4781-B84F-0D310E1E5258} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11654289-0C05-4668-A2F1-A4C5EFEB8CF7} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {1F280736-D9CC-4710-A490-558559E5DAE8} - System32\Tasks\S-1-5-21-4230046787-4224212327-3222585596-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {214FA2BF-4E8E-4A53-BFBB-2840323D6309} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {2A997591-D4F2-4535-A0F7-4557B095CA32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ABB88EE-339C-4061-B51A-1C95FE9EF434} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {2D18D859-CCBC-4359-B22B-32D9658367C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {33CCC1F2-84B5-4140-A08C-8F358DD2C3D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {36917C68-1DC7-4919-966D-10B1112234FA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {396F8FDE-A7D9-4EAB-871A-18CF997E336C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {46312FFE-293A-40CB-B919-6407AC7893B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {499577AB-FDB4-4545-9980-92897E0947BA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A7D27EB-3003-4468-88D1-83846B886D40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {5BD71536-A3FE-4963-B9AE-59DF35AC8FFA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {644AAE09-3796-4E5A-A582-CD9E54D6E596} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {71E21C04-8573-4A91-8DDA-DC3DDF06F957} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E132284-231A-4B8F-9D7F-205791B4F935} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {894A0C1A-FA05-4CEE-9ACF-916A7B23863D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9A797DF6-88B7-4BCA-8173-034A7F6FC68A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {A6AAECBB-EF97-421A-843F-700E0C05E314} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7DF9CC8-3458-4475-8014-ED5A6888C1C9} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe
Task: {A8C57FDF-B490-4002-B45C-3B442C3EF13A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {BC4B6BDC-DFD0-43F8-9C0E-4E01226946C0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0A0E6B0-1370-4D2A-A1B1-92A9D574FDDD} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {E12E2BFF-7A71-4E34-9914-C5C827324463} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
Task: {E5AF1A45-2091-4357-9621-A05A8517F0B5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {E950C347-BEF0-4382-BDB1-E7CA6BB247E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {EAB2D582-2B4E-472F-9159-3F230E8B82B1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECF4DEDC-542B-4C3A-B72B-129379C2D881} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (Microsoft Windows -> Microsoft Corporation)
Task: {EF8F39D8-5BE4-40B6-B8D6-6FEAA961D91C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\...\1-2005-search.com -> www.1-2005-search.com
There are 12682 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 18:03 - 2019-03-03 15:58 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKCU\Environment\\Path: %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-4230046787-4224212327-3222585596-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dalila\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 100.72.3.97 - 100.72.3.117
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C91D8026-F96D-4D26-B98C-2C7DEEA71F31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BE9C16BD-8580-40D6-9CB9-2C2200B1FAEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB8B459D-A6D8-43E5-96D7-AF4E52DC03AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E743E5E7-CF64-49C3-A44C-067ED4B0ED86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74240F3C-7635-4B58-BAD4-8E9894E4E71F}] => (Allow) LPort=59200
FirewallRules: [{5FD03B9B-C821-4A2C-9779-C7D59D87DA45}] => (Allow) LPort=5000
FirewallRules: [{A9734053-E0C4-4FD6-AD4D-14AD11BF791E}] => (Allow) LPort=50248
FirewallRules: [{A668D845-E010-4F04-BD6A-461CEFABA7DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DB50ADA3-BAEB-45CD-A2FB-063D6ED22AC9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{42F1872A-280A-44B1-8E1A-6AD880F9F534}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{5C7DF577-6EB5-4940-923E-B541C373B2AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{A921E671-6A8E-4F44-91C0-3E01996CCDBE}E:\dying light\dying light\dyinglightgame.exe] => (Allow) E:\dying light\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [UDP Query User{1B56A3A9-9D5D-4FDF-BAE6-967D2B0FA43C}E:\dying light\dying light\dyinglightgame.exe] => (Allow) E:\dying light\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{A93224EC-38BB-429B-AC0F-70FCBAB55B1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{83D65765-E7C0-4619-8AF6-A617E608B537}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F5515B9-EECB-4D81-BBEE-F5E5335748AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC39CB83-826F-433C-8507-AFA3585DA9C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DCA5856-20D5-40D5-BD67-9744A270DE78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD405369-55FB-4DDD-9C25-4C0D51452958}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BD9DD5D5-B6BF-4F4C-8CB3-8AF54014593E}D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [UDP Query User{C3EA6AF5-EB7F-4A36-82C9-047831ACC0DB}D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) D:\jump force\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{D2C89B81-F9D1-41D0-93DD-4E1E3791E9BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{06E98C78-D787-4993-ABC0-2EADB733B5A0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{E448BF5D-58B0-407A-9FFF-732FC24B519F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
28-02-2019 17:14:50 Windows Update
03-03-2019 13:40:40 Copias de seguridad de Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/03/2019 02:58:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (03/03/2019 01:40:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (03/03/2019 01:40:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (03/03/2019 01:40:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (03/03/2019 01:39:51 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (9156) Al intentar abrir el archivo "C:\Users\dalila\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (03/03/2019 01:30:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (03/03/2019 01:19:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (03/03/2019 12:55:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
System errors:
=============
Error: (03/03/2019 03:59:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio HvHost se cerró con el siguiente error:
Uno de los dispositivos conectados al sistema no funciona.
Error: (03/03/2019 03:58:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio debido a un error en el inicio de sesión.
Error: (03/03/2019 03:58:50 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WSearch no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error:
Solicitud no compatible.
Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Remediation Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio SQL Server VSS Writer se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (03/03/2019 03:58:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio PnkBstrA se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (03/03/2019 03:54:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media se cerró con el siguiente error:
Se intentó hacer referencia a un token que no existe.
Windows Defender:
===================================
Date: 2019-03-03 03:55:22.606
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D9698348-B64A-4060-AE5B-CDCDB206EAFE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-03-03 01:06:00.947
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8
Date: 2019-02-19 19:02:30.751
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8
Date: 2019-02-19 19:02:25.865
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\activador win 10\KMSAuto Net 2015 v1.3.7\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-OE0ML4N\dalila
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de firma: AV: 1.287.354.0, AS: 1.287.354.0, NIS: 1.287.354.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8
Date: 2019-02-19 18:51:09.230
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Desktop\Documents\diego el mejor\programas utiles\office 2016 + activador\ac2016\KMSTEST5+\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.287.189.0, AS: 1.287.189.0, NIS: 1.287.189.0
Versión de motor: AM: 1.1.15700.8, NIS: 1.1.15700.8
Date: 2019-02-15 16:19:29.145
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:
Origen de actualización: Usuario
Tipo de firma:
Tipo de actualización:
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta.
Date: 2019-02-05 12:17:20.705
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2019-02-05 12:17:20.705
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2019-02-05 12:17:20.704
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2019-02-05 12:17:20.700
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.283.2845.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
CodeIntegrity:
===================================
Date: 2019-02-15 17:56:39.742
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-10 15:15:30.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-06 22:02:59.870
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-01-13 01:04:03.428
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.
Date: 2019-01-11 16:34:08.132
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.
Date: 2019-01-11 16:19:07.153
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.
Date: 2019-01-11 16:12:50.805
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.
Date: 2019-01-08 22:07:05.187
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\icarus\appdata\Bin64\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 28%
Total physical RAM: 8139.76 MB
Available physical RAM: 5816.25 MB
Total Virtual: 11851.76 MB
Available Virtual: 8918.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:488.06 GB) (Free:377.15 GB) NTFS
Drive d: () (Fixed) (Total:465.75 GB) (Free:35.9 GB) NTFS
Drive e: (Datos) (Fixed) (Total:443.23 GB) (Free:142.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 733FD22C)
Partition: GPT.
==================== End of Addition.txt ============================