Hola, buenos días. Desde hace unas semana que mi laptop Toshiba Qosmio Intel Core i7-4700MQ CPU 2.40GHz Memoria RAM 16GB Sistema operativo de 64 bits, procesador x64 Windows 8.1 Single Language se cuelga de manera aleatoria y a veces las páginas de internet demoran en cargar o se cuelgan con mensaje aveces de script que no responde. He cumplido con la guia de desinfección del foro pero no he tenido solución. Copio los reportes y agradecería mucho me puedan orientar con respecto a qué solución podría intentar. Muchas Gracias!
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 9/12/19
Hora del análisis: 10:53
Archivo de registro: 0027c0f3-1a9c-11ea-bfa2-a0a8cdc99748.json
-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.770
Versión del paquete de actualización: 1.0.15882
Licencia: Gratis
-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: SALVASLAP\Salvador
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 333858
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 min, 21 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-09-2019
# Duration: 00:00:02
# OS: Windows 8.1 Single Language
# Cleaned: 17
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.TOSHIBAPasswordUtility Folder C:\Program Files\TOSHIBA\PASSWORDUTILITY
Deleted Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}
Deleted Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}
Deleted Preinstalled.TOSHIBAQualityApplication Folder C:\Program Files (x86)\TOSHIBA\TOSHIBAFB
Deleted Preinstalled.TOSHIBAQualityApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E69992ED-A7F6-406C-9280-1C156417BC49}
Deleted Preinstalled.TOSHIBARegistration Folder C:\Program Files (x86)\TOSHIBA\TOSHIBAREGISTRATION
Deleted Preinstalled.TOSHIBARegistration Folder C:\ProgramData\TOSHIBA\TOSHIBAREGISTRATION
Deleted Preinstalled.TOSHIBARegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5AF550B4-BB67-4E7E-82F1-2C4300279050}
Deleted Preinstalled.TOSHIBASystemSettings Folder C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TSSSrv
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TSSSrv
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{05A55927-DB9B-4E26-BA44-828EBFF829F0}
Deleted Preinstalled.TOSHIBAUser'sGuide Folder C:\Program Files (x86)\TOSHIBA\DOCUMENTATION
Deleted Preinstalled.TOSHIBAUser'sGuide Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}
Deleted Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [41330 octets] - [07/11/2019 22:53:07]
AdwCleaner[S00].txt - [4852 octets] - [07/11/2019 22:53:21]
AdwCleaner[C00].txt - [2915 octets] - [07/11/2019 22:55:16]
AdwCleaner[S01].txt - [3600 octets] - [07/11/2019 22:59:59]
AdwCleaner[S02].txt - [3661 octets] - [04/12/2019 11:19:03]
AdwCleaner[C02].txt - [4068 octets] - [04/12/2019 11:28:05]
AdwCleaner[S03].txt - [3783 octets] - [09/12/2019 11:09:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Single Language x64
Ran by Salvador (Administrator) on 09/12/2019 at 11:16:37.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/12/2019 at 11:19:12.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Salvador (administrator) on SALVASLAP (TOSHIBA Qosmio X75-A) (09-12-2019 11:20:24)
Running from C:\Users\Salvador\Desktop
Loaded Profiles: Salvador (Available Profiles: Salvador & Salvador_2 & Administrador)
Platform: Windows 8.1 Single Language (Update) (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\SysWOW64\SMITSC.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Programas\Origin\OriginWebHelperService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.227\IsAppService.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) G:\Programas\SA\SASCore64.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
(VIVOTEK INC. -> VIVOTEK) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSWebServer.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
Continuación de FRST
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-09 11:19 - 2018-01-03 13:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-09 11:19 - 2016-11-18 19:34 - 000000000 ____D C:\Users\Salvador\AppData\LocalLow\Mozilla
2019-12-09 11:18 - 2018-01-05 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-09 11:17 - 2018-01-03 13:07 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2558096425-18442944-2156315313-1002
2019-12-09 11:16 - 2019-09-19 15:08 - 000000576 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2558096425-18442944-2156315313-1002.job
2019-12-09 11:16 - 2013-11-05 04:53 - 001613712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-09 11:16 - 2013-08-28 19:06 - 000704954 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-09 11:16 - 2013-08-28 19:06 - 000141322 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-09 11:16 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\Inf
2019-12-09 11:14 - 2019-09-19 15:08 - 000000672 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2558096425-18442944-2156315313-1002.job
2019-12-09 11:14 - 2019-01-03 15:21 - 000000000 ____D C:\Users\Salvador\AppData\Local\LogMeIn Hamachi
2019-12-09 11:12 - 2018-01-03 16:27 - 000000970 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-12-09 11:12 - 2014-11-13 15:38 - 000000000 __RDO C:\Users\Salvador\SkyDrive
2019-12-09 11:12 - 2013-08-22 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-09 11:11 - 2013-11-05 05:31 - 000000000 ____D C:\Program Files (x86)\Toshiba
2019-12-09 11:11 - 2013-11-05 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2019-12-09 11:11 - 2013-11-05 05:29 - 000000000 ____D C:\Program Files\Toshiba
2019-12-09 11:11 - 2013-08-22 08:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2019-12-09 10:57 - 2018-01-03 16:27 - 000000974 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-12-09 10:53 - 2018-01-03 13:38 - 000000000 ____D C:\Users\Salvador\AppData\Local\CrashDumps
2019-12-09 10:49 - 2018-01-03 14:51 - 000000000 ____D C:\Program Files\CCleaner
2019-12-09 10:48 - 2018-01-03 14:51 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-09 10:48 - 2014-12-13 12:42 - 000000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-09 10:48 - 2014-12-13 12:42 - 000000805 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-09 00:03 - 2018-04-04 20:38 - 000034055 _____ C:\Users\Salvador\AppData\Roaming\VoiceMeeterDefault.xml
2019-12-08 21:59 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-08 20:53 - 2019-09-06 15:23 - 000000000 ____D C:\Users\Salvador\AppData\Local\cache
2019-12-08 20:53 - 2018-01-03 14:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-08 20:52 - 2013-08-22 10:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-08 20:33 - 2018-03-04 22:10 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-08 19:50 - 2019-10-09 18:21 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-08 19:50 - 2019-10-09 18:21 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-07 21:48 - 2018-01-03 15:36 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\WhatsApp
2019-12-07 21:47 - 2019-09-19 15:08 - 000003680 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2558096425-18442944-2156315313-1002
2019-12-07 21:47 - 2019-09-19 15:08 - 000003584 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2558096425-18442944-2156315313-1002
2019-12-07 21:47 - 2019-09-19 15:08 - 000000000 ____D C:\Users\Salvador\AppData\Local\GoToMeeting
2019-12-06 14:23 - 2018-01-03 16:27 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-06 13:25 - 2013-08-22 10:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-06 12:06 - 2014-11-13 15:36 - 000000000 ____D C:\Users\Salvador\AppData\Local\Packages
2019-12-06 12:04 - 2013-08-22 09:44 - 005098112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-06 11:58 - 2017-07-06 17:30 - 000000000 ____D C:\Users\Salvador\Documents\Snagit
2019-12-06 11:58 - 2017-04-18 23:58 - 000000000 ____D C:\Users\Salvador\Documents\Starcraft
2019-12-06 11:58 - 2015-02-21 11:04 - 000000000 ____D C:\Users\Salvador\Documents\Camtasia Studio
2019-12-06 11:58 - 2013-08-22 08:25 - 000000128 _____ C:\WINDOWS\win.ini
2019-12-06 11:44 - 2018-01-03 13:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-06 11:39 - 2018-01-03 13:18 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-05 19:16 - 2013-08-22 10:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-05 19:16 - 2013-08-22 10:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-05 19:15 - 2018-10-03 11:13 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-05 17:32 - 2018-12-28 15:03 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\obs-studio
2019-12-05 14:36 - 2018-01-04 12:18 - 000207784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-12-04 12:00 - 2013-11-05 05:31 - 000000000 ____D C:\ProgramData\Toshiba
2019-12-03 15:06 - 2018-01-03 14:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-12-03 15:06 - 2017-09-30 13:06 - 000000000 ____D C:\Users\Salvador\Desktop\mbar
2019-12-03 12:49 - 2015-08-12 12:04 - 000000000 ___RD C:\Users\Salvador\Google Drive
2019-12-02 22:26 - 2017-11-29 12:50 - 000000000 ____D C:\Users\Salvador\Downloads\BetterCam1
2019-12-02 22:17 - 2018-01-03 17:36 - 000000000 ____D C:\Program Files\KMSpico
2019-12-02 22:16 - 2018-01-05 18:33 - 000000000 ____D C:\Users\UpdatusUser
2019-12-02 22:16 - 2018-01-03 13:00 - 000000000 ____D C:\Users\Salvador_2
2019-12-02 22:16 - 2013-11-05 04:47 - 000000000 ____D C:\Users\Administrator
2019-12-02 22:06 - 2018-08-31 19:32 - 000000000 ____D C:\Users\Salvador\AppData\Local\LarianLauncher
2019-12-02 20:49 - 2018-01-03 13:26 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\discord
2019-11-29 14:20 - 2018-08-18 15:30 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2019-11-29 00:47 - 2018-01-03 13:00 - 000000000 ____D C:\Users\Salvador
2019-11-28 09:14 - 2018-01-04 16:08 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\GlarySoft
2019-11-28 09:01 - 2019-02-26 15:44 - 000000734 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-11-28 09:01 - 2019-02-26 15:44 - 000000734 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-11-28 09:01 - 2019-02-26 15:44 - 000000734 _____ C:\ProgramData\Desktop\Glary Utilities 5.lnk
2019-11-27 21:16 - 2018-01-04 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-11-27 21:15 - 2014-08-13 23:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-25 17:50 - 2019-01-21 17:47 - 000000000 ____D C:\Users\Salvador\Google Drive Personal
2019-11-25 15:28 - 2018-01-03 15:36 - 000000000 ____D C:\Users\Salvador\AppData\Local\WhatsApp
2019-11-25 11:13 - 2018-12-27 16:13 - 000003584 _____ C:\Users\Salvador\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-25 11:00 - 2018-01-05 10:33 - 000003182 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2558096425-18442944-2156315313-1002
2019-11-25 11:00 - 2018-01-04 22:26 - 000002352 _____ C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2019-11-20 12:52 - 2018-01-03 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-11-20 12:52 - 2013-11-05 05:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-11-20 12:44 - 2018-02-06 13:05 - 000000000 ____D C:\Program Files\Defraggler
2019-11-20 12:18 - 2018-01-05 18:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-11-20 12:17 - 2018-07-23 16:22 - 000004146 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000003798 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000003790 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000001357 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-11-20 12:17 - 2018-07-23 16:22 - 000001357 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-11-20 12:16 - 2018-01-05 18:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-20 12:16 - 2018-01-05 18:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-20 12:15 - 2018-01-05 19:12 - 000000000 ____D C:\Users\Salvador\AppData\Local\NVIDIA Corporation
2019-11-20 12:15 - 2018-01-05 15:49 - 000003738 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:15 - 2018-01-05 15:49 - 000003494 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:11 - 2018-02-06 13:05 - 000001707 _____ C:\Users\Public\Desktop\Defraggler.lnk
2019-11-20 12:11 - 2018-02-06 13:05 - 000001707 _____ C:\ProgramData\Desktop\Defraggler.lnk
2019-11-20 12:11 - 2018-01-03 13:37 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 00:17 - 2018-06-01 21:03 - 000000000 ____D C:\ProgramData\Origin
2019-11-20 00:16 - 2015-08-01 19:20 - 000000000 ____D C:\Users\Salvador\Documents\The Witcher 3
2019-11-19 12:29 - 2018-09-03 20:43 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-11-19 12:29 - 2018-06-01 21:05 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\Origin
2019-11-17 12:46 - 2015-10-26 21:16 - 000000000 ____D C:\Users\Salvador\Documents\My Games
2019-11-14 14:59 - 2018-05-07 12:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-13 20:37 - 2018-01-03 16:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-13 20:32 - 2018-01-03 16:13 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-12 21:38 - 2018-01-03 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-12 16:03 - 2018-01-04 12:16 - 000748816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-12 15:35 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-11 11:26 - 2018-03-12 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-11-11 11:26 - 2018-03-12 19:38 - 000000000 ____D C:\Program Files\Java
2019-11-11 11:25 - 2018-03-12 19:38 - 000129080 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
==================== Files in the root of some directories ========
2018-03-12 11:40 - 2018-03-12 11:44 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Adobe BMP Format CS6 Prefs
2018-03-12 11:43 - 2019-01-03 17:48 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-11-16 18:29 - 2018-11-16 18:29 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Prefs. de filtro IllExport de Adobe CS6
2018-05-08 18:03 - 2018-11-20 17:18 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-04-04 20:38 - 2019-12-09 00:03 - 000034055 _____ () C:\Users\Salvador\AppData\Roaming\VoiceMeeterDefault.xml
2018-11-16 18:26 - 2018-11-28 19:03 - 000001456 _____ () C:\Users\Salvador\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-11-27 11:07 - 2018-12-11 12:14 - 000001456 _____ () C:\Users\Salvador\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-12-27 16:13 - 2019-11-25 11:13 - 000003584 _____ () C:\Users\Salvador\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 10:13 - 2018-09-28 10:13 - 000000000 _____ () C:\Users\Salvador\AppData\Local\oobelibMkey.log
2019-09-06 16:48 - 2019-09-06 16:48 - 000001003 _____ () C:\Users\Salvador\AppData\Local\recently-used.xbel
2018-05-29 01:27 - 2018-05-29 01:27 - 000007609 _____ () C:\Users\Salvador\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2018-07-15 17:36
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Salvador (09-12-2019 11:21:10)
Running from C:\Users\Salvador\Desktop
Windows 8.1 Single Language (Update) (X64) (2018-01-03 18:00:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2558096425-18442944-2156315313-500 - Administrator - Disabled) => C:\Users\Administrator
ASPNET (S-1-5-21-2558096425-18442944-2156315313-1006 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2558096425-18442944-2156315313-1004 - Limited - Enabled)
Invitado (S-1-5-21-2558096425-18442944-2156315313-501 - Limited - Disabled)
Salvador (S-1-5-21-2558096425-18442944-2156315313-1002 - Administrator - Enabled) => C:\Users\Salvador
Salvador_2 (S-1-5-21-2558096425-18442944-2156315313-1005 - Administrator - Enabled) => C:\Users\Salvador_2
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.4.0 - philandro Software GmbH)
Aplicación de escritorio Cisco Webex Meetings (HKLM-x32\...\{1EFB7178-5F7C-4591-8C66-DA7557BBAD27}) (Version: 33.6.2.16 - Cisco Webex LLC)
Apple Application Support (32 bits) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
ASIO Bridge and Hi-Fi Cable (HKLM-x32\...\VB:ASIOBridge {17359A74-1236-5467}) (Version: - VB-Audio Software)
Avira (HKLM-x32\...\{2F177249-7B33-4501-BBC8-3091F6079B35}) (Version: 1.2.139.5840 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{8489ad9e-2c28-4aaf-97f7-d97424e9e4dc}) (Version: 1.2.139.5840 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{d1005689-1fdc-458f-956d-498db20c18df}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 4.1.21.2018 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
Centro de Mouse y Teclado de Microsoft (HKLM\...\{93FDA8B3-711F-45A7-B7E1-497452B34F5F}) (Version: 10.4.137.0 - Microsoft Corporation) Hidden
Centro de Mouse y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\ActiveTouchMeetingClient) (Version: - Cisco Webex LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 86.4.146 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Engineer Suite version 0.4.38 (HKLM-x32\...\{EBF3B63D-82C0-499E-A6F4-846D4BFF3F71}_is1) (Version: 0.4.38 - Ancient Tree)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.2 (HKLM\...\GIMP-2_is1) (Version: 2.10.2 - The GIMP Team)
Glary Utilities 5.132 (HKLM-x32\...\Glary Utilities 5) (Version: 5.132.0.158 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{27288E10-7B6A-4EAD-BF7D-C40F86C3C751}) (Version: 1.0.527 - LogMeIn, Inc.)
GoToMeeting 10.5.0.16180 (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\GoToMeeting) (Version: 10.5.0.16180 - LogMeIn, Inc.)
HP Deskjet 4620 series Software básico del dispositivo (HKLM\...\{FFEBABFA-70F1-4596-BC81-10D64B714FEA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{7BF2D071-1108-4DAC-8DF2-2CD86822039F}) (Version: 3.0.1335.05 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.61 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12228.20332 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{ab1c2814-a2cf-44de-a788-4feeef539e6f}) (Version: 2.74.5619.862 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 71.0.0.7275 - Mozilla)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
Panel de control de NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Spotify) (Version: 1.1.0.237.g378f6f25 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1262 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.1 - Synaptics Incorporated)
Syrinscape Fantasy Player 1.3.3-20160816 (HKLM-x32\...\Syrinscape Fantasy Player 1.0_is1) (Version: - Syrinscape Pty Ltd)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
THE WITCHER 3 WILD HUNT (HKLM-x32\...\{5B16803D-D598-4EDA-9E8E-A3D76F625EBF}) (Version: 3.0.10.6059 - CD PROJEKT RED)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 1.0.5.214 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.0003.64001 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{63E575B6-BEF3-4DE7-823E-508837914157}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
UiPath Studio (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\UiPath) (Version: 19.10.0-beta0484 - UiPath)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VBCABLE-A, The Virtual Audio Cable (HKLM\...\VB:VBCABLEA {87459874-1236-4469}) (Version: - VB-Audio Software)
VBCABLE-B, The Virtual Audio Cable (HKLM\...\VB:VBCABLEB {87459874-1236-4469}) (Version: - VB-Audio Software)
VIVOTEK ST7501 (HKLM-x32\...\ST7501) (Version: 1.11.0.9 - VIVOTEK, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
WebClient (HKLM-x32\...\WebClient) (Version: - )
WhatsApp (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\WhatsApp) (Version: 0.3.9308 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.0.4) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-09-05] (WildTangent Games)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2017-09-05] (Amazon.com)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-09-05] (Evernote)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation)
HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2017-09-05] (Hewlett-Packard Company)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-09-05] (AMZN Mobile LLC)
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-10-25] (Netflix, Inc.)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.5.0.41_x86__v68kp9n051hdp [2017-09-05] (Symantec Corporation)
Skitch Touch -> C:\Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2017-09-05] (Evernote)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-09-05] (Skype) [MS Ad]
Toshiba Central -> C:\Program Files\WindowsApps\ToshibaAmericaInformation.ToshibaCentral_1.3.0.4_neutral__r8x1fxsdcnpjw [2017-09-05] (Toshiba America Information Systems, Inc.)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.1.1.33_x64__679ekb9hp1h62 [2017-09-05] (sMedio)
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-09-05] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2558096425-18442944-2156315313-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Salvador\AppData\Local\GoToMeeting\14316\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => G:\Programas\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => G:\Programas\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => G:\Programas\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Salvador\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
ShortcutWithArgument: C:\Users\Salvador\Desktop\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Salvador\Desktop\webmaster - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Loaded Modules (Whitelisted) =============
2015-10-26 03:26 - 2015-10-26 03:26 - 000363520 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AccountFacade.dll
2015-10-26 03:25 - 2015-10-26 03:25 - 001094144 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\CameraConfig.dll
2015-10-26 03:30 - 2015-10-26 03:30 - 001323008 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ConfigurationCmdModule.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 005319168 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DataBroker.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000107520 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_ODBC.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000214016 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_PostgreSQL.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000113152 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_SQLite.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000081408 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DRMControl.dll
2015-10-26 03:31 - 2015-10-26 03:31 - 006480384 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\EventCmdModule.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 002469888 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ffmpeg.dll
2015-10-25 23:14 - 2015-10-25 23:14 - 001235968 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Gaea.dll
2015-10-25 23:08 - 2015-10-25 23:08 - 000151552 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libexpat.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000160256 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBPQ.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000967680 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libxml2.dll
2015-10-25 23:10 - 2015-10-25 23:10 - 000115712 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Mario.dll
2015-10-26 03:25 - 2015-10-26 03:25 - 000081408 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MessageParser.dll
2015-10-26 03:26 - 2015-10-26 03:26 - 000077824 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MistRetriever.dll
2015-10-26 03:27 - 2015-10-26 03:27 - 000503296 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\mongoose.dll
2015-10-25 23:08 - 2015-10-25 23:08 - 000139776 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\NetScheduler.dll
2015-10-26 03:34 - 2015-10-26 03:34 - 000971776 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\QTSSModules\QTSSVivotekModule.dll
2015-10-26 03:29 - 2015-10-26 03:29 - 004537856 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\OnvifCameraSDK.dll
2015-10-26 03:28 - 2015-10-26 03:28 - 004495360 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\VIVOTEKCameraSDK.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000371200 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannel.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000087552 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannelWrapper.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000073216 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerControllerLoader.DLL
2015-10-26 03:27 - 2015-10-26 03:27 - 001710592 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerModules.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000071680 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtilityLoader.DLL
2015-10-26 03:27 - 2015-10-26 03:27 - 000077824 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SocketRelayer.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000612664 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\sqlite3.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000096768 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SrvDepResource.dll
2015-10-26 03:34 - 2015-10-26 03:34 - 000314880 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VNDPTunnel.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000059904 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\zlib1.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2015-10-25 23:05 - 2015-10-25 23:05 - 000888832 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\iconv.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000888832 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libiconv2.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000968886 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libiconv-2.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000083906 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libintl-8.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000103424 _____ (GNU <www.gnu.org>) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\intl.dll
2018-06-19 16:25 - 2017-06-19 11:12 - 000087040 _____ (Iskysoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppCollect.dll
2018-06-19 16:25 - 2017-06-19 11:12 - 000197632 _____ (Iskysoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppCommon.dll
2018-06-19 16:25 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\Newtonsoft.Json.dll
2015-10-25 23:10 - 2015-10-25 23:10 - 002251264 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\python26.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000629016 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libglib-2.0-0.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 001280512 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBEAY32.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000341504 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SSLEAY32.dll
2019-11-15 13:45 - 2019-06-11 08:21 - 001277440 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Programas\Origin\LIBEAY32.dll
2019-11-15 13:45 - 2019-06-11 08:22 - 000279040 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Programas\Origin\ssleay32.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 001611264 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\platforms\qwindows.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 005487104 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Core.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 005841920 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Gui.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 001179136 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Network.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 005089792 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Widgets.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 000184832 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Xml.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 002036736 _____ (VIVOTEK Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AVSynchronizer.dll
2015-10-25 23:08 - 2015-10-25 23:08 - 000919040 _____ (VIVOTEK Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\OpenSSLWrapper.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000087040 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\parsedatapacket.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000122368 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerController.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000160256 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerManager.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000470016 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtl.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 004149248 _____ (VIVOTEK) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Onvif_Discovery.dll
2015-10-25 23:10 - 2015-10-25 23:10 - 000156160 _____ (VIVOTEK) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VndpLogUtl.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2019-12-06 11:58 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\wifi\bin\;c:\program files\common files\intel\wirelesscommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Salvador\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\stark.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: PAExec => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ST7501 Service Control"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PTIM.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{73737CF6-6594-478E-B8FD-9A7C8CC0B7C4}] => (Allow) D:\Programas\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{85369071-0009-4F4B-9071-2D0EF2B701D1}C:\program files (x86)\fantasy grounds\fantasygrounds.exe] => (Allow) C:\program files (x86)\fantasy grounds\fantasygrounds.exe (SmiteWorks USA -> )
FirewallRules: [UDP Query User{6E181A18-1F4D-46FA-808C-BBE2C9211857}C:\program files (x86)\fantasy grounds\fantasygrounds.exe] => (Allow) C:\program files (x86)\fantasy grounds\fantasygrounds.exe (SmiteWorks USA -> )
FirewallRules: [TCP Query User{E9E4D31E-6ABC-41B2-ACD6-D42B91197A56}C:\program files (x86)\fantasy grounds\fantasygrounds.exe] => (Allow) C:\program files (x86)\fantasy grounds\fantasygrounds.exe (SmiteWorks USA -> )
FirewallRules: [UDP Query User{57045A1E-D38D-4A33-A37A-CE30B68F4187}C:\program files (x86)\fantasy grounds\fantasygrounds.exe] => (Allow) C:\program files (x86)\fantasy grounds\fantasygrounds.exe (SmiteWorks USA -> )
FirewallRules: [{0CDC900D-EAD4-4DB6-8ECE-9A561BD4635F}] => (Allow) D:\Programas\Steam\steamapps\common\The Divinity Engine 2\DivinityEngine2.exe () [File not signed]
FirewallRules: [{63897B79-8BD1-45B7-B19D-90AF08358428}] => (Allow) D:\Programas\Steam\steamapps\common\The Divinity Engine 2\DivinityEngine2.exe () [File not signed]
FirewallRules: [{0EA8DF21-D39F-4AE6-BCFC-85E8328FC7BB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C54F400A-DF39-48DF-93F4-151B62571333}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{5BC90877-CA57-490F-962E-E6D422DCDAAF}C:\users\salvador\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\salvador\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{BC6378E1-C5EA-48B9-921F-EA4992F27F70}C:\users\salvador\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\salvador\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0B6EA8DF-DA90-4917-8980-FFC28B734020}C:\users\salvador\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\salvador\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{76725665-65B9-4712-887D-B30F001A5C77}C:\users\salvador\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\salvador\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5A42055A-99EB-4013-B35C-162D4CF0DA62}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [TCP Query User{29936B4B-761C-46FD-B516-8FE56904095A}D:\programas\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) D:\programas\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{A6A71E4E-0426-4667-B58E-0EB6AA3D0FEE}D:\programas\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) D:\programas\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [{80E17A00-4473-4CAD-9CE8-2FA8DDBCB685}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6BB2017-711B-40D1-9B73-92E3E2D4263E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{C994A5FE-C9DB-4CE1-9F26-13D8A95E5160}D:\programas\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Block) D:\programas\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{769DE53B-9314-4883-A91B-EA6D581143EA}D:\programas\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Block) D:\programas\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{D4E88451-4C10-48D9-BB5B-D22839C2DCE0}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{E9B1C14E-F7C8-4437-ACAE-69CF1C9E28A6}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{B5F30FD0-AD18-4D8F-B94E-66E25A5830FC}C:\users\salvador\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\salvador\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{8A277B5E-F52D-4567-BD42-3B2726E1B0E2}C:\users\salvador\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\salvador\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{432D9017-1781-438E-AF43-A8AF3DA7A1D3}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{867A8E94-EDF7-49C4-9606-00BE01966C51}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{7A80B5BD-BD12-4E3C-A615-76D64EF75E6E}C:\users\salvador\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\salvador\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{F758B396-3DDE-4845-90AF-0E680A0C207E}C:\users\salvador\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\salvador\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{D0B56C36-A1EB-4868-AFC0-F2AB5C1BBEEF}] => (Allow) D:\Programas\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.)
FirewallRules: [{3F9BE3A0-5BE1-4DE5-907F-5EA003EFA3DE}] => (Allow) D:\Programas\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.)
FirewallRules: [{B8AAF68C-FDC5-4D9A-952F-1E30A3AE19F9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80F7D633-7793-4233-A8CA-BB3E1EE9F46B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF2AA024-2B4D-4F9C-B23F-3B26BAA7E1EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B4B10D87-5764-4884-8918-D8E987045775}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{09B31B37-A621-4952-BABA-47A94B2A3DFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ADEB7C7B-D3DD-47F2-8F97-0B68A58CD5F3}] => (Allow) D:\Programas\Steam\steamapps\common\ArcaneMapper\ArcaneMapper.exe () [File not signed]
FirewallRules: [{EEAB62D5-9E38-48FF-8CDE-FB0678F0773A}] => (Allow) D:\Programas\Steam\steamapps\common\ArcaneMapper\ArcaneMapper.exe () [File not signed]
FirewallRules: [{10E97B7B-3E12-4774-AFF8-EB6080C86290}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{26B4C8FC-A883-4A09-877D-C5EAA66970CE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AE24B28F-B14D-4243-A1FA-59CDCEEA0573}] => (Allow) LPort=8317
FirewallRules: [{3D3CBEF8-6EC8-4E21-A045-CF2130119AE3}] => (Allow) D:\Programas\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe () [File not signed]
FirewallRules: [{1B50BFFB-F4AF-4DB2-9CCE-180522F9A2F1}] => (Allow) D:\Programas\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe () [File not signed]
FirewallRules: [{E20B2471-5ADE-48BF-AF36-59B54832502C}] => (Allow) D:\Programas\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{E988F127-ECF4-4502-9D08-498E47FDA03C}] => (Allow) D:\Programas\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{FBD703E0-8A6D-4EDF-AA5D-9F21ACEECE99}] => (Allow) D:\Programas\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{5543B01D-EAA1-483A-B6E7-4130D8EDB771}] => (Allow) D:\Programas\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{0B07AECC-62A3-4314-935A-464AF073E517}] => (Allow) C:\Program Files\HP\HP Deskjet 4620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{ECDE4060-B645-49BD-95EA-A9F53090FFC8}] => (Allow) C:\Program Files\HP\HP Deskjet 4620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1CD7F209-EEB7-436D-98C3-D137ED1DE79C}] => (Allow) C:\Program Files\HP\HP Deskjet 4620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{84213B99-6BE0-42A7-AF41-7444910BF51A}] => (Allow) C:\Program Files\HP\HP Deskjet 4620 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3F1A65B8-9896-4A8B-B98A-F0710D5131E2}] => (Allow) C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{287E90D8-609F-423D-9B7A-23606C4454C8}] => (Allow) C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{46B6327F-4838-4A26-8035-2F1E1FEC329E}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{A7C68C99-3C56-4D01-8525-F4470F194331}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{420670E6-7BC8-4C77-A042-4DDCE1EE28E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3F26FD51-D138-4D9E-AFE1-0926995743E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2A9E2A70-A8DD-404F-B749-22544728DECF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C14E1F0A-8FC2-430B-84A4-7FE2B217B79E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E9B8B1FC-004E-4B6E-B801-41149A03FBEF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39014580-D10F-4A88-9347-A754966C42F9}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2723F227-8AA5-4FCB-94C5-1D9402A2FD66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BAEC40BC-70F6-47A6-A958-E7C9330A4143}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D4F7419-2066-41AA-965D-15C814DCBD90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{690D9919-E6B3-429C-A3FA-8835526852E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6295352-A9D4-4750-9AC6-A5197C650697}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A45BF045-1998-4F4D-ADE6-2E5C87DC3F24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB28A67B-811D-4F64-A85C-ADF57ACF2A32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4CDE476D-6662-498B-9E09-1D2852183826}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
16-11-2019 13:06:14 Windows Update
20-11-2019 11:58:55 Windows Update
27-11-2019 21:12:44 Windows Update
04-12-2019 11:26:47 AdwCleaner_BeforeCleaning_04/12/2019_11:26:46
08-12-2019 20:16:17 JRT Pre-Junkware Removal
09-12-2019 11:16:51 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
System errors:
=============
Error: (12/09/2019 11:18:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Protección de disco duro de TOSHIBA se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (12/09/2019 11:18:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (12/09/2019 11:18:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
Error: (12/09/2019 11:17:33 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/09/2019 11:17:30 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/09/2019 11:17:26 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/09/2019 11:17:22 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/09/2019 11:17:18 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
CodeIntegrity:
===================================
Date: 2019-12-06 12:05:00.819
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. 1.50 04/18/2014
Motherboard: Type2 - Board Vendor Name1 Type2 - Board Product Name1
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 20%
Total physical RAM: 16308.09 MB
Available physical RAM: 12981.37 MB
Total Virtual: 32692.09 MB
Available Virtual: 29001.01 MB
==================== Drives ================================
Drive c: (TI1068510PA) (Fixed) (Total:228.36 GB) (Free:33.9 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:698.63 GB) (Free:327.49 GB) NTFS
Drive f: () (Fixed) (Total:272.61 GB) (Free:33.21 GB) NTFS
Drive g: (Nuevo vol) (Fixed) (Total:305.57 GB) (Free:290.96 GB) NTFS
\\?\Volume{9f8efac0-1832-11e9-82ed-806e6f6e6963}\ () (Fixed) (Total:0.82 GB) (Free:0.35 GB) NTFS
\\?\Volume{e0a84ae8-50ae-11e3-b82b-e9274f1274ab}\ (System) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
\\?\Volume{f1ed449d-2375-11e4-af39-c45444b7032f}\ (Recovery) (Fixed) (Total:8.89 GB) (Free:0.79 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: D6FA2AD7)
Partition 1: (Active) - (Size=272.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=842 MB) - (Type=27)
Partition 3: (Not Active) - (Size=305.6 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: C9F0761E)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Hola @Salvador_Tillit y Bienvenido al Foro.!!!
Empezaremos haciendo limpieza de lo que hemos visto en esos informes que has puesto, pero puede que NO sea suficiente para solucionar tu problema.
Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga DelFix.exe(en tu escritorio).
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [GUDelayStartup] => G:\Programas\Glary Utilities 5\StartupManager.exe [44016 2019-11-24] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [] => [X]
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {1cc35108-87cd-11e8-82b2-a0a8cdc99748} - "F:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {1cc35159-87cd-11e8-82b2-a0a8cdc99748} - "H:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {1cc35376-87cd-11e8-82b2-a0a8cdc99748} - "F:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {21d9d339-ce2a-11e8-82d0-a0a8cdc99748} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {7c2a8f47-902d-11e8-82b4-a0a8cdc99748} - "H:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {b725b3b1-68bd-11e6-831d-a0a8cdc99748} - "H:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk *
Task: {1617D83E-CF84-487D-87A7-8CB0C7DA0491} - System32\Tasks\EOSv3 Scheduler onLogOn => F:\Downloads\Desinfeccion\esetonlinescanner_esn.exe [8162616 2019-12-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {1AE007D6-61E4-468D-8C78-A4CC545D4F58} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {58F85E52-2A42-42BD-9D7D-55D8A6CA6CBB} - System32\Tasks\EOSv3 Scheduler onTime => F:\Downloads\Desinfeccion\esetonlinescanner_esn.exe [8162616 2019-12-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {7C134D3D-BC15-412E-9D44-92B932DFB13C} - \Microsoft_Hardware_Launch_rundll32_exe -> No File <==== ATTENTION
Task: {971668D0-7633-4036-B496-BA4D42DA0502} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9E9F509C-CD4A-4144-B5CA-5974E15E4266} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8 o 8.1 ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Listo seguí todos los pasos. Cuando ejecuté el FRST me salió un mensaje que no pudo actualizarse pero sí logró ejecutarse. *Por el momento parece todo ir bien. Adjunto el Fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Salvador (10-12-2019 11:43:40) Run:1
Running from C:\Users\Salvador\Desktop
Loaded Profiles: Salvador (Available Profiles: Salvador & Salvador_2 & Administrador)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [GUDelayStartup] => G:\Programas\Glary Utilities 5\StartupManager.exe [44016 2019-11-24] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [] => [X]
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {1cc35108-87cd-11e8-82b2-a0a8cdc99748} - "F:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {1cc35159-87cd-11e8-82b2-a0a8cdc99748} - "H:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {1cc35376-87cd-11e8-82b2-a0a8cdc99748} - "F:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {21d9d339-ce2a-11e8-82d0-a0a8cdc99748} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {7c2a8f47-902d-11e8-82b4-a0a8cdc99748} - "H:\autorun.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\MountPoints2: {b725b3b1-68bd-11e6-831d-a0a8cdc99748} - "H:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk *
Task: {1617D83E-CF84-487D-87A7-8CB0C7DA0491} - System32\Tasks\EOSv3 Scheduler onLogOn => F:\Downloads\Desinfeccion\esetonlinescanner_esn.exe [8162616 2019-12-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {1AE007D6-61E4-468D-8C78-A4CC545D4F58} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {58F85E52-2A42-42BD-9D7D-55D8A6CA6CBB} - System32\Tasks\EOSv3 Scheduler onTime => F:\Downloads\Desinfeccion\esetonlinescanner_esn.exe [8162616 2019-12-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {7C134D3D-BC15-412E-9D44-92B932DFB13C} - \Microsoft_Hardware_Launch_rundll32_exe -> No File <==== ATTENTION
Task: {971668D0-7633-4036-B496-BA4D42DA0502} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9E9F509C-CD4A-4144-B5CA-5974E15E4266} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-2558096425-18442944-2156315313-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => removed successfully
"HKU\S-1-5-21-2558096425-18442944-2156315313-1002\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cc35108-87cd-11e8-82b2-a0a8cdc99748} => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cc35159-87cd-11e8-82b2-a0a8cdc99748} => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cc35376-87cd-11e8-82b2-a0a8cdc99748} => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21d9d339-ce2a-11e8-82d0-a0a8cdc99748} => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c2a8f47-902d-11e8-82b4-a0a8cdc99748} => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b725b3b1-68bd-11e6-831d-a0a8cdc99748} => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1617D83E-CF84-487D-87A7-8CB0C7DA0491}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1617D83E-CF84-487D-87A7-8CB0C7DA0491}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AE007D6-61E4-468D-8C78-A4CC545D4F58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AE007D6-61E4-468D-8C78-A4CC545D4F58}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Anti-Theft\Norton Error Analyzer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58F85E52-2A42-42BD-9D7D-55D8A6CA6CBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58F85E52-2A42-42BD-9D7D-55D8A6CA6CBB}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C134D3D-BC15-412E-9D44-92B932DFB13C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C134D3D-BC15-412E-9D44-92B932DFB13C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_rundll32_exe" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{971668D0-7633-4036-B496-BA4D42DA0502}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{971668D0-7633-4036-B496-BA4D42DA0502}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E9F509C-CD4A-4144-B5CA-5974E15E4266}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E9F509C-CD4A-4144-B5CA-5974E15E4266}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Anti-Theft\Norton Error Processor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Anti-Theft\Norton Error Processor" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@EDVR/WebClient => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\2017-11-01 => not found
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\System\CurrentControlSet\Services\HuaweiHiSuiteService64.exe => removed successfully
HuaweiHiSuiteService64.exe => service removed successfully
HKLM\System\CurrentControlSet\Services\Mobizen plugin => removed successfully
Mobizen plugin => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13798718 B
Java, Flash, Steam htmlcache => 105864227 B
Windows/system/drivers => 2483994 B
Edge => 0 B
Chrome => 5805675 B
Firefox => 811962815 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 688 B
LocalService => 80754 B
NetworkService => 80754 B
Salvador => 302644843 B
Salvador_2 => 302644843 B
UpdatusUser => 302644843 B
Administrator => 305066742 B
RecycleBin => 161994 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:43:55 ====
Hola.
Perfecto, usa el equipo durante otras 24h mas y lo pruebas para verificar que NO sigas con el problema del “congelamiento”.
Y de momento , Por Favor, mientras estemos desinfectando/arreglando tu máquina :
Nos comentas resultados pasado ese tiempo.
Saludos.
Hola Javier, estuve sin problemas por unas horas. Pero hace unos instantes se volvió a congelar por algunos segundos y en internet (Chrome) me salió un mensaje de “Las páginas no responden”. Seguiré probando.
Bien… pues ahora realiza estos pasos :
Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Descargar en TU ESCRITORIO(y NO en otro lugar )
- Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer, pulsamos Yes
-
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los dos informes en tu próxima respuesta.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Saludos.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Salvador (administrator) on SALVASLAP (TOSHIBA Qosmio X75-A) (11-12-2019 13:37:53)
Running from C:\Users\Salvador\Desktop
Loaded Profiles: Salvador (Available Profiles: Salvador & Salvador_2 & Administrador)
Platform: Windows 8.1 Single Language (Update) (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\SysWOW64\SMITSC.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ipmgui.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Programas\Origin\OriginWebHelperService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.227\IsAppService.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) G:\Programas\SA\SASCore64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Programas\Steam\Steam.exe
(Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
(VIVOTEK INC. -> ) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
(VIVOTEK INC. -> VIVOTEK) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSWebServer.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [MouseDriver] => c:\windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18723976 2018-08-07] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-12-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [229080 2019-11-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [ST7501 Service Control] => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSServiceControl.exe [2626048 2015-10-26] () [File not signed]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [PTIM.exe] => C:\Program Files (x86)\Webex\Webex\Applications\PTIM.exe [990264 2018-10-20] (Cisco WebEx LLC -> Cisco WebEx LLC)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [Steam] => D:\Programas\Steam\steam.exe [3289040 2019-12-05] (Valve -> Valve Corporation)
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [HP Deskjet 4620 series (NET)] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [182040 2018-12-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [159664 2018-12-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2018-08-18]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
Startup: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2018-07-22]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (Vincent Burel -> VB-AUDIO Software)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06802236-EAC4-43F1-B89A-7AE7F7702028} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {074CCA20-ED6D-431C-BCB2-DFC7DB25862C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {09F7CF57-72D8-4F25-BA52-AE71E60DE7EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A652CE1-74CF-4B6A-8B42-FA41F2FBB887} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {0ABAEB6C-2D6F-4B21-BA06-6588A5E0F8D8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F087C0D-4F7D-42B3-BBFA-8F0085656A80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FFC9EAC-8342-448D-B36E-99D5ED661111} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe [1453056 2019-03-31] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {165BD4F5-B7CB-45EF-962F-8655098FE41C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {195499E8-223D-4ABE-8D7F-D33A850D21A9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2089864 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {29F0F445-8558-4741-8611-0E16C7D44AF9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2DB8D0E8-1A2F-4536-A5EA-F9F80317B194} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-03] (Google Inc -> Google Inc.)
Task: {3C083DA5-FE7D-410C-BD90-9CAEFEDAB837} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {3C3DBB56-E22F-4DEE-8E3C-5351FE436C3A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4757B743-AE65-45A5-8155-5FFD776A4801} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {4E784D9A-07DC-4E93-86C5-D787D7333255} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EDC6CF1-5825-466C-9D2D-EA3989B90008} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-29] (Adobe Inc. -> Adobe)
Task: {5064A3E1-C5C0-4EEB-BBD2-FAEDD7B84E37} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {59D579DB-8CAC-406E-9A97-A781935B4B8A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6B6F947E-85DE-493D-8F44-1267FEAF344B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-22] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {6CAB7F35-0CB0-41FC-B480-73C264D24D6C} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [88064 2013-11-07] (TOSHIBA Corporation) [File not signed]
Task: {6CE67A49-B8F8-47BB-B808-3F3A232F1694} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D14E524-DD95-408F-B24C-05A273659167} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FA8C194-86D9-43B1-BE82-B764BD30E0E9} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {770B7A08-E6FB-4456-A995-C7DD432B0F7E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7FE7E276-65CC-47FA-8453-4FD4AC9F9F46} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80C1644A-AF8E-4554-A41C-19C69BB2F5F1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8F5B1D86-06B8-4116-970A-BB4E3840B607} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {952AB8ED-2C36-4E4E-BCE6-999F8B73BD6F} - System32\Tasks\G2MUploadTask-S-1-5-21-2558096425-18442944-2156315313-1002 => C:\Users\Salvador\AppData\Local\GoToMeeting\16180\g2mupload.exe [32256 2019-12-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {AA9F31F4-8D6C-427E-96A3-30EB087A9E94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B24AD9AC-D3A8-4B07-A4AB-0D79C961E860} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {BA58C57F-16A0-4729-9DC4-5402B15E68E6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0266C43-2724-43CF-930E-7927E5C37939} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBF25573-B3E9-4D7B-BD59-2439E461A95D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {DD0CDE77-EF1A-4A24-87A9-6D30A89948A4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DEE5285D-3217-46BD-B5AC-B61ACE949E57} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E4AE1B68-F570-41B7-8842-C48F83C77B29} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E93B7522-07D4-49DA-85A4-B37226DB247B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB07C27A-13DE-434A-A4B3-CFB142F71824} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-03] (Google Inc -> Google Inc.)
Task: {FD7E07DE-9CA8-4AAB-B847-1A1F538F7E87} - System32\Tasks\G2MUpdateTask-S-1-5-21-2558096425-18442944-2156315313-1002 => C:\Users\Salvador\AppData\Local\GoToMeeting\16180\g2mupdate.exe [32256 2019-12-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2558096425-18442944-2156315313-1002.job => C:\Users\Salvador\AppData\Local\GoToMeeting\16180\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2558096425-18442944-2156315313-1002.job => C:\Users\Salvador\AppData\Local\GoToMeeting\16180\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{01274C1A-5083-4CEF-89CF-3A470CB7523B}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{911066BE-D75E-4F43-8AC7-C782B937993F}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {D9EA9B21-302C-4DA8-98C9-CD7FB57C5039} URL =
SearchScopes: HKU\S-1-5-21-2558096425-18442944-2156315313-1002 -> DefaultScope {D9EA9B21-302C-4DA8-98C9-CD7FB57C5039} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\Webex\Webex\Applications\ptonecli.dll [2018-10-20] (Cisco WebEx LLC -> Cisco WebEx LLC)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\Webex\Webex\Applications\ptonecli.dll [2018-10-20] (Cisco WebEx LLC -> Cisco WebEx LLC)
DPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} hxxp://www.autonat.com/d3/WebClient.exe
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: s6y1m8id.default-1534262826176
FF ProfilePath: C:\Users\Salvador\AppData\Roaming\Mozilla\Firefox\Profiles\s6y1m8id.default-1534262826176 [2019-12-11]
FF Notifications: Mozilla\Firefox\Profiles\s6y1m8id.default-1534262826176 -> hxxps://bluejeans.com; hxxps://meet.google.com; hxxps://forospyware.com
FF Extension: (Cisco Webex Extension) - C:\Users\Salvador\AppData\Roaming\Mozilla\Firefox\Profiles\s6y1m8id.default-1534262826176\Extensions\[email protected] [2019-07-12]
FF Extension: (Cisco WebEx Extension) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2018-10-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-29] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-29] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2018-10-20] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Users\Salvador\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-11-15]
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://www.wix.com
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default [2019-12-10]
CHR Extension: (Presentaciones) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-03]
CHR Extension: (Documentos) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-03]
CHR Extension: (Google Drive) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-03]
CHR Extension: (Lighthouse) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2019-11-21]
CHR Extension: (YouTube) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-03]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Vysor) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2019-05-21]
CHR Extension: (Análisis SEO y evaluación de sitios web de WooRank) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2019-09-15]
CHR Extension: (Volume Master) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2018-10-27]
CHR Extension: (Gmail Show Time) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjaapljoafhkohbnfigoekjgdfddnnn [2019-11-20]
CHR Extension: (Email tracking para Gmail - Mailtrack) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2019-12-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-28]
CHR Extension: (Gmail) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-12]
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-10]
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-12-10]
CHR Extension: (Presentaciones) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-18]
CHR Extension: (Documentos) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-18]
CHR Extension: (Google Drive) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-18]
CHR Extension: (YouTube) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-18]
CHR Extension: (Hojas de cálculo) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-18]
CHR Extension: (Avira Navegación segura) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-07-18]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-07-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-18]
CHR Extension: (Gmail) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-18]
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-12-10]
CHR Extension: (Presentaciones) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-18]
CHR Extension: (Documentos) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-18]
CHR Extension: (Google Drive) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-18]
CHR Extension: (YouTube) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-18]
CHR Extension: (Hojas de cálculo) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-18]
CHR Extension: (Avira Navegación segura) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-02-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-18]
CHR Extension: (Gmail) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-28]
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-12-10]
CHR Extension: (Presentaciones) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-24]
CHR Extension: (Documentos) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-24]
CHR Extension: (Google Drive) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-24]
CHR Extension: (YouTube) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-11-24]
CHR Extension: (Hojas de cálculo) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-24]
CHR Extension: (Avira Navegación segura) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-11-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-24]
CHR Extension: (Gmail) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-17]
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4 [2019-12-10]
CHR Extension: (Presentaciones) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-09]
CHR Extension: (Documentos) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-09]
CHR Extension: (Google Drive) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-09]
CHR Extension: (YouTube) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-02-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-09]
CHR Extension: (Avira Navegación segura) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-02-09]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-02-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-09]
CHR Extension: (Gmail) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-02-09]
CHR Extension: (Chrome Media Router) - C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-28]
CHR Profile: C:\Users\Salvador\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-10]
CHR HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; G:\Programas\SA\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [567872 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3025872 2019-11-29] (philandro Software GmbH -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591264 2019-11-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-12-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] (DTS, Inc. -> )
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-06] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppService.exe [492296 2017-06-19] (Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-06] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-08-07] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-08] (Malwarebytes Inc -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Programas\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Programas\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [13312 2015-01-08] () [File not signed]
R2 ST7501 Uranus Watch Dog; C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe [250952 2015-10-26] (VIVOTEK INC. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [43576 2018-10-20] (Cisco WebEx LLC -> Cisco WebEx LLC)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176632 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207784 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2019-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131904 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2019-02-26] (Glarysoft LTD -> Glarysoft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-08-07] (Logitech Inc -> Logitech Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2014-03-06] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\NETwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [14000 2013-08-06] (WDKTestCert 1,130202426583431586 -> TOSHIBA)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SASDIFSV; G:\Programas\SA\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; G:\Programas\SA\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-22] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167232 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [31392 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [31392 2017-07-20] (Valve Corp. -> )
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBAudioHFVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_hfvaio64_win7.sys [33512 2018-04-04] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACAMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cablea64_win7.sys [41144 2015-10-19] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACBMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cableb64_win7.sys [41144 2015-10-19] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2018-04-04] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2018-04-04] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-11 13:37 - 2019-12-11 13:38 - 000060054 _____ C:\Users\Salvador\Desktop\FRST.txt
2019-12-10 11:43 - 2019-12-10 11:43 - 000014692 _____ C:\Users\Salvador\Desktop\Fixlog.txt
2019-12-10 11:42 - 2019-12-10 11:43 - 000462218 _____ C:\WINDOWS\ntbtlog.txt
2019-12-10 11:38 - 2019-12-10 11:38 - 000000036 _____ C:\Users\Salvador\Desktop\Apagar Windows 8-Iniciar a prueba de fallos.bat
2019-12-10 11:36 - 2019-12-10 11:36 - 000000256 _____ C:\Users\Salvador\Desktop\DelFix.txt
2019-12-10 11:36 - 2019-12-10 11:36 - 000000256 _____ C:\DelFix.txt
2019-12-10 11:36 - 2019-12-10 11:36 - 000000000 ____D C:\WINDOWS\ERUNT
2019-12-09 20:41 - 2019-12-10 11:34 - 000797760 _____ C:\Users\Salvador\Desktop\delfix.exe
2019-12-09 11:20 - 2019-12-11 13:38 - 000000000 ____D C:\FRST
2019-12-09 00:03 - 2019-12-09 00:03 - 024578944 _____ (Piriform Software Ltd) C:\Users\Salvador\Desktop\ccsetup563.exe
2019-12-08 23:06 - 2019-12-11 13:36 - 002263552 _____ (Farbar) C:\Users\Salvador\Desktop\FRST64.exe
2019-12-08 23:04 - 2019-12-08 23:04 - 008218800 _____ (Malwarebytes) C:\Users\Salvador\Desktop\adwcleaner_8.0.0.exe
2019-12-08 23:03 - 2019-12-08 23:03 - 001883976 _____ (Malwarebytes) C:\Users\Salvador\Desktop\MBSetup.exe
2019-12-08 23:00 - 2019-12-08 23:00 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Salvador\Desktop\mbar-1.10.3.1001.exe
2019-12-08 22:59 - 2019-12-08 22:59 - 001790024 _____ (Malwarebytes) C:\Users\Salvador\Desktop\JRT.exe
2019-12-08 21:39 - 2019-12-08 21:41 - 000000777 _____ C:\Users\Salvador\Desktop\ESET Online Scanner.lnk
2019-12-08 20:53 - 2019-12-08 20:53 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-08 20:53 - 2019-12-08 20:53 - 000001935 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-08 20:53 - 2019-12-08 20:53 - 000001935 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-08 20:53 - 2019-12-08 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-06 14:23 - 2019-12-06 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-06 11:52 - 2019-12-06 11:52 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-SALVASLAP-Windows-8.1-Single-Language-(64-bit).dat
2019-12-06 11:52 - 2019-12-06 11:52 - 000000000 ____D C:\RegBackup
2019-12-06 10:34 - 2019-12-06 11:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-04 20:23 - 2019-12-04 20:23 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-12-04 20:23 - 2019-12-04 20:23 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-12-04 20:23 - 2019-12-04 20:23 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-12-03 14:39 - 2019-12-03 14:39 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3251367E.sys
2019-11-28 12:12 - 2019-11-28 12:12 - 000002208 _____ C:\Users\Salvador\Desktop\LifeAfter.lnk
2019-11-28 09:51 - 2019-11-28 09:51 - 000002256 _____ C:\Users\Salvador\Desktop\Clash Royale.lnk
2019-11-28 09:50 - 2019-11-28 09:50 - 000002336 _____ C:\Users\Salvador\Desktop\Last Day On Earth Survival.lnk
2019-11-26 10:19 - 2019-11-26 10:19 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\8557C776.sys
2019-11-25 18:34 - 2019-11-25 18:34 - 001207336 _____ (Adobe Inc) C:\Users\Salvador\Downloads\flashplayer32au_ha_install.exe
2019-11-20 12:27 - 2019-11-20 12:27 - 000000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-20 12:27 - 2019-11-20 12:27 - 000000942 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2019-11-20 12:27 - 2019-11-20 12:27 - 000000942 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2019-11-20 12:17 - 2019-11-20 12:17 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2019-11-20 12:17 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2019-11-20 12:17 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2019-11-20 12:17 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:15 - 2019-04-17 02:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-11-20 12:11 - 2019-11-20 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2019-11-14 07:19 - 2019-12-04 20:23 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-11 13:37 - 2016-11-18 19:34 - 000000000 ____D C:\Users\Salvador\AppData\LocalLow\Mozilla
2019-12-11 13:32 - 2018-01-05 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-11 13:31 - 2014-11-13 15:38 - 000000000 __RDO C:\Users\Salvador\SkyDrive
2019-12-11 13:30 - 2018-01-03 16:27 - 000000970 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-12-11 12:02 - 2018-04-04 20:38 - 000034053 _____ C:\Users\Salvador\AppData\Roaming\VoiceMeeterDefault.xml
2019-12-11 11:57 - 2018-01-03 16:27 - 000000974 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-12-11 11:54 - 2013-11-05 04:53 - 001613712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-11 11:54 - 2013-08-28 19:06 - 000704954 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-11 11:54 - 2013-08-28 19:06 - 000141322 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-11 11:54 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\Inf
2019-12-11 11:51 - 2018-01-03 13:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-10 23:14 - 2019-09-19 15:08 - 000000672 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2558096425-18442944-2156315313-1002.job
2019-12-10 23:14 - 2018-01-03 13:00 - 000000000 ____D C:\Users\Salvador
2019-12-10 23:13 - 2019-01-03 15:21 - 000000000 ____D C:\Users\Salvador\AppData\Local\LogMeIn Hamachi
2019-12-10 23:12 - 2013-08-22 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-10 19:16 - 2019-09-19 15:08 - 000000576 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2558096425-18442944-2156315313-1002.job
2019-12-10 19:00 - 2018-01-03 15:36 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\WhatsApp
2019-12-10 18:07 - 2019-10-09 18:21 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-10 18:07 - 2019-10-09 18:21 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-10 17:40 - 2018-11-16 18:26 - 000001456 _____ C:\Users\Salvador\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-12-10 16:58 - 2018-01-03 13:01 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\Adobe
2019-12-10 13:10 - 2013-08-22 10:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-10 11:44 - 2013-08-22 08:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2019-12-10 11:43 - 2018-01-03 13:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Anti-Theft
2019-12-10 11:43 - 2016-06-02 21:47 - 000000000 ____D C:\Users\Salvador\AppData\LocalLow\Temp
2019-12-10 00:53 - 2018-01-03 13:26 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\discord
2019-12-09 19:01 - 2018-08-31 19:32 - 000000000 ____D C:\Users\Salvador\AppData\Local\LarianLauncher
2019-12-09 18:57 - 2018-12-28 15:03 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\obs-studio
2019-12-09 18:10 - 2018-01-03 13:07 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2558096425-18442944-2156315313-1002
2019-12-09 13:04 - 2018-01-03 13:38 - 000000000 ____D C:\Users\Salvador\AppData\Local\CrashDumps
2019-12-09 11:11 - 2013-11-05 05:31 - 000000000 ____D C:\Program Files (x86)\Toshiba
2019-12-09 11:11 - 2013-11-05 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2019-12-09 11:11 - 2013-11-05 05:29 - 000000000 ____D C:\Program Files\Toshiba
2019-12-09 10:49 - 2018-01-03 14:51 - 000000000 ____D C:\Program Files\CCleaner
2019-12-09 10:48 - 2014-12-13 12:42 - 000000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-09 10:48 - 2014-12-13 12:42 - 000000805 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-08 21:59 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-08 20:53 - 2019-09-06 15:23 - 000000000 ____D C:\Users\Salvador\AppData\Local\cache
2019-12-08 20:53 - 2018-01-03 14:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-08 20:33 - 2018-03-04 22:10 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-07 21:47 - 2019-09-19 15:08 - 000003680 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2558096425-18442944-2156315313-1002
2019-12-07 21:47 - 2019-09-19 15:08 - 000003584 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2558096425-18442944-2156315313-1002
2019-12-07 21:47 - 2019-09-19 15:08 - 000000000 ____D C:\Users\Salvador\AppData\Local\GoToMeeting
2019-12-06 14:23 - 2018-01-03 16:27 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-06 13:25 - 2013-08-22 10:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-06 12:06 - 2014-11-13 15:36 - 000000000 ____D C:\Users\Salvador\AppData\Local\Packages
2019-12-06 12:04 - 2013-08-22 09:44 - 005098112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-06 11:58 - 2017-07-06 17:30 - 000000000 ____D C:\Users\Salvador\Documents\Snagit
2019-12-06 11:58 - 2017-04-18 23:58 - 000000000 ____D C:\Users\Salvador\Documents\Starcraft
2019-12-06 11:58 - 2015-02-21 11:04 - 000000000 ____D C:\Users\Salvador\Documents\Camtasia Studio
2019-12-06 11:58 - 2013-08-22 08:25 - 000000128 _____ C:\WINDOWS\win.ini
2019-12-06 11:44 - 2018-01-03 13:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-06 11:39 - 2018-01-03 13:18 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-05 19:16 - 2013-08-22 10:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-05 19:16 - 2013-08-22 10:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-05 19:15 - 2018-10-03 11:13 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-05 14:36 - 2018-01-04 12:18 - 000207784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-12-04 12:00 - 2013-11-05 05:31 - 000000000 ____D C:\ProgramData\Toshiba
2019-12-03 15:06 - 2018-01-03 14:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-12-03 15:06 - 2017-09-30 13:06 - 000000000 ____D C:\Users\Salvador\Desktop\mbar
2019-12-03 12:49 - 2015-08-12 12:04 - 000000000 ___RD C:\Users\Salvador\Google Drive
2019-12-02 22:26 - 2017-11-29 12:50 - 000000000 ____D C:\Users\Salvador\Downloads\BetterCam1
2019-12-02 22:17 - 2018-01-03 17:36 - 000000000 ____D C:\Program Files\KMSpico
2019-12-02 22:16 - 2018-01-05 18:33 - 000000000 ____D C:\Users\UpdatusUser
2019-12-02 22:16 - 2018-01-03 13:00 - 000000000 ____D C:\Users\Salvador_2
2019-12-02 22:16 - 2013-11-05 04:47 - 000000000 ____D C:\Users\Administrator
2019-11-29 14:20 - 2018-08-18 15:30 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2019-11-28 09:14 - 2018-01-04 16:08 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\GlarySoft
2019-11-28 09:01 - 2019-02-26 15:44 - 000000734 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-11-28 09:01 - 2019-02-26 15:44 - 000000734 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-11-28 09:01 - 2019-02-26 15:44 - 000000734 _____ C:\ProgramData\Desktop\Glary Utilities 5.lnk
2019-11-27 21:16 - 2018-01-04 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-11-27 21:15 - 2014-08-13 23:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-25 17:50 - 2019-01-21 17:47 - 000000000 ____D C:\Users\Salvador\Google Drive Personal
2019-11-25 15:28 - 2018-01-03 15:36 - 000000000 ____D C:\Users\Salvador\AppData\Local\WhatsApp
2019-11-25 11:13 - 2018-12-27 16:13 - 000003584 _____ C:\Users\Salvador\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-25 11:00 - 2018-01-05 10:33 - 000003182 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2558096425-18442944-2156315313-1002
2019-11-25 11:00 - 2018-01-04 22:26 - 000002352 _____ C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2019-11-20 12:52 - 2018-01-03 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-11-20 12:52 - 2013-11-05 05:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-11-20 12:44 - 2018-02-06 13:05 - 000000000 ____D C:\Program Files\Defraggler
2019-11-20 12:18 - 2018-01-05 18:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-11-20 12:17 - 2018-07-23 16:22 - 000004146 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000003798 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000003790 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:17 - 2018-07-23 16:22 - 000001357 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-11-20 12:17 - 2018-07-23 16:22 - 000001357 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-11-20 12:16 - 2018-01-05 18:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-20 12:16 - 2018-01-05 18:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-20 12:15 - 2018-01-05 19:12 - 000000000 ____D C:\Users\Salvador\AppData\Local\NVIDIA Corporation
2019-11-20 12:15 - 2018-01-05 15:49 - 000003738 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:15 - 2018-01-05 15:49 - 000003494 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-20 12:11 - 2018-02-06 13:05 - 000001707 _____ C:\Users\Public\Desktop\Defraggler.lnk
2019-11-20 12:11 - 2018-02-06 13:05 - 000001707 _____ C:\ProgramData\Desktop\Defraggler.lnk
2019-11-20 12:11 - 2018-01-03 13:37 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 00:17 - 2018-06-01 21:03 - 000000000 ____D C:\ProgramData\Origin
2019-11-20 00:16 - 2015-08-01 19:20 - 000000000 ____D C:\Users\Salvador\Documents\The Witcher 3
2019-11-19 12:29 - 2018-09-03 20:43 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-11-19 12:29 - 2018-06-01 21:05 - 000000000 ____D C:\Users\Salvador\AppData\Roaming\Origin
2019-11-17 12:46 - 2015-10-26 21:16 - 000000000 ____D C:\Users\Salvador\Documents\My Games
2019-11-14 14:59 - 2018-05-07 12:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-13 20:37 - 2018-01-03 16:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-13 20:32 - 2018-01-03 16:13 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-12 21:38 - 2018-01-03 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-12 16:03 - 2018-01-04 12:16 - 000748816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-12 15:35 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-11 11:26 - 2018-03-12 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-11-11 11:26 - 2018-03-12 19:38 - 000000000 ____D C:\Program Files\Java
2019-11-11 11:25 - 2018-03-12 19:38 - 000129080 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
==================== Files in the root of some directories ========
2018-03-12 11:40 - 2018-03-12 11:44 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Adobe BMP Format CS6 Prefs
2018-03-12 11:43 - 2019-01-03 17:48 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-11-16 18:29 - 2018-11-16 18:29 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Prefs. de filtro IllExport de Adobe CS6
2018-05-08 18:03 - 2018-11-20 17:18 - 000000132 _____ () C:\Users\Salvador\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-04-04 20:38 - 2019-12-11 12:02 - 000034053 _____ () C:\Users\Salvador\AppData\Roaming\VoiceMeeterDefault.xml
2018-11-16 18:26 - 2019-12-10 17:40 - 000001456 _____ () C:\Users\Salvador\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-11-27 11:07 - 2018-12-11 12:14 - 000001456 _____ () C:\Users\Salvador\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-12-27 16:13 - 2019-11-25 11:13 - 000003584 _____ () C:\Users\Salvador\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 10:13 - 2018-09-28 10:13 - 000000000 _____ () C:\Users\Salvador\AppData\Local\oobelibMkey.log
2019-09-06 16:48 - 2019-09-06 16:48 - 000001003 _____ () C:\Users\Salvador\AppData\Local\recently-used.xbel
2018-05-29 01:27 - 2018-05-29 01:27 - 000007609 _____ () C:\Users\Salvador\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2018-07-15 17:36
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Salvador (11-12-2019 13:38:47)
Running from C:\Users\Salvador\Desktop
Windows 8.1 Single Language (Update) (X64) (2018-01-03 18:00:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2558096425-18442944-2156315313-500 - Administrator - Disabled) => C:\Users\Administrator
ASPNET (S-1-5-21-2558096425-18442944-2156315313-1006 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2558096425-18442944-2156315313-1004 - Limited - Enabled)
Invitado (S-1-5-21-2558096425-18442944-2156315313-501 - Limited - Disabled)
Salvador (S-1-5-21-2558096425-18442944-2156315313-1002 - Administrator - Enabled) => C:\Users\Salvador
Salvador_2 (S-1-5-21-2558096425-18442944-2156315313-1005 - Administrator - Enabled) => C:\Users\Salvador_2
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.4.0 - philandro Software GmbH)
Aplicación de escritorio Cisco Webex Meetings (HKLM-x32\...\{1EFB7178-5F7C-4591-8C66-DA7557BBAD27}) (Version: 33.6.2.16 - Cisco Webex LLC)
Apple Application Support (32 bits) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
ASIO Bridge and Hi-Fi Cable (HKLM-x32\...\VB:ASIOBridge {17359A74-1236-5467}) (Version: - VB-Audio Software)
Avira (HKLM-x32\...\{2F177249-7B33-4501-BBC8-3091F6079B35}) (Version: 1.2.139.5840 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{8489ad9e-2c28-4aaf-97f7-d97424e9e4dc}) (Version: 1.2.139.5840 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{d1005689-1fdc-458f-956d-498db20c18df}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 4.1.21.2018 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
Centro de Mouse y Teclado de Microsoft (HKLM\...\{93FDA8B3-711F-45A7-B7E1-497452B34F5F}) (Version: 10.4.137.0 - Microsoft Corporation) Hidden
Centro de Mouse y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\ActiveTouchMeetingClient) (Version: - Cisco Webex LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 86.4.146 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Engineer Suite version 0.4.38 (HKLM-x32\...\{EBF3B63D-82C0-499E-A6F4-846D4BFF3F71}_is1) (Version: 0.4.38 - Ancient Tree)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.2 (HKLM\...\GIMP-2_is1) (Version: 2.10.2 - The GIMP Team)
Glary Utilities 5.132 (HKLM-x32\...\Glary Utilities 5) (Version: 5.132.0.158 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{27288E10-7B6A-4EAD-BF7D-C40F86C3C751}) (Version: 1.0.527 - LogMeIn, Inc.)
GoToMeeting 10.5.0.16180 (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\GoToMeeting) (Version: 10.5.0.16180 - LogMeIn, Inc.)
HP Deskjet 4620 series Software básico del dispositivo (HKLM\...\{FFEBABFA-70F1-4596-BC81-10D64B714FEA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{7BF2D071-1108-4DAC-8DF2-2CD86822039F}) (Version: 3.0.1335.05 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.61 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12228.20332 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{ab1c2814-a2cf-44de-a788-4feeef539e6f}) (Version: 2.74.5619.862 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 71.0.0.7275 - Mozilla)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
Panel de control de NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\Spotify) (Version: 1.1.0.237.g378f6f25 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1262 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.1 - Synaptics Incorporated)
Syrinscape Fantasy Player 1.3.3-20160816 (HKLM-x32\...\Syrinscape Fantasy Player 1.0_is1) (Version: - Syrinscape Pty Ltd)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
THE WITCHER 3 WILD HUNT (HKLM-x32\...\{5B16803D-D598-4EDA-9E8E-A3D76F625EBF}) (Version: 3.0.10.6059 - CD PROJEKT RED)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 1.0.5.214 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.0003.64001 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{63E575B6-BEF3-4DE7-823E-508837914157}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
UiPath Studio (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\UiPath) (Version: 19.10.0-beta0484 - UiPath)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VBCABLE-A, The Virtual Audio Cable (HKLM\...\VB:VBCABLEA {87459874-1236-4469}) (Version: - VB-Audio Software)
VBCABLE-B, The Virtual Audio Cable (HKLM\...\VB:VBCABLEB {87459874-1236-4469}) (Version: - VB-Audio Software)
VIVOTEK ST7501 (HKLM-x32\...\ST7501) (Version: 1.11.0.9 - VIVOTEK, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
WebClient (HKLM-x32\...\WebClient) (Version: - )
WhatsApp (HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\WhatsApp) (Version: 0.3.9308 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.0.4) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-09-05] (WildTangent Games)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2017-09-05] (Amazon.com)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-09-05] (Evernote)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation)
HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2017-09-05] (Hewlett-Packard Company)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-09-05] (AMZN Mobile LLC)
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-10-25] (Netflix, Inc.)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.5.0.41_x86__v68kp9n051hdp [2017-09-05] (Symantec Corporation)
Skitch Touch -> C:\Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2017-09-05] (Evernote)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-09-05] (Skype) [MS Ad]
Toshiba Central -> C:\Program Files\WindowsApps\ToshibaAmericaInformation.ToshibaCentral_1.3.0.4_neutral__r8x1fxsdcnpjw [2017-09-05] (Toshiba America Information Systems, Inc.)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.1.1.33_x64__679ekb9hp1h62 [2017-09-05] (sMedio)
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2017-09-05] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-09-05] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2558096425-18442944-2156315313-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Salvador\AppData\Local\GoToMeeting\14316\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => G:\Programas\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => G:\Programas\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => G:\Programas\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Salvador\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
ShortcutWithArgument: C:\Users\Salvador\Desktop\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Salvador\Desktop\webmaster - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Salvador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Loaded Modules (Whitelisted) =============
2018-04-04 19:18 - 2018-04-04 19:18 - 000454656 _____ () [File not signed] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll
2015-10-26 03:26 - 2015-10-26 03:26 - 000363520 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AccountFacade.dll
2015-10-26 03:25 - 2015-10-26 03:25 - 001094144 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\CameraConfig.dll
2015-10-26 03:30 - 2015-10-26 03:30 - 001323008 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ConfigurationCmdModule.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 005319168 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DataBroker.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000107520 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_ODBC.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000214016 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_PostgreSQL.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000113152 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_SQLite.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000081408 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DRMControl.dll
2015-10-26 03:31 - 2015-10-26 03:31 - 006480384 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\EventCmdModule.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 002469888 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ffmpeg.dll
2015-10-25 23:14 - 2015-10-25 23:14 - 001235968 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Gaea.dll
2015-10-25 23:08 - 2015-10-25 23:08 - 000151552 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libexpat.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000160256 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBPQ.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000967680 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libxml2.dll
2015-10-25 23:10 - 2015-10-25 23:10 - 000115712 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Mario.dll
2015-10-26 03:25 - 2015-10-26 03:25 - 000081408 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MessageParser.dll
2015-10-26 03:26 - 2015-10-26 03:26 - 000077824 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MistRetriever.dll
2015-10-26 03:27 - 2015-10-26 03:27 - 000503296 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\mongoose.dll
2015-10-25 23:08 - 2015-10-25 23:08 - 000139776 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\NetScheduler.dll
2015-10-26 03:34 - 2015-10-26 03:34 - 000971776 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\QTSSModules\QTSSVivotekModule.dll
2015-10-26 03:29 - 2015-10-26 03:29 - 004537856 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\OnvifCameraSDK.dll
2015-10-26 03:28 - 2015-10-26 03:28 - 004495360 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\VIVOTEKCameraSDK.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000371200 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannel.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000087552 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannelWrapper.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000073216 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerControllerLoader.DLL
2015-10-26 03:27 - 2015-10-26 03:27 - 001710592 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerModules.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000071680 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtilityLoader.DLL
2015-10-26 03:27 - 2015-10-26 03:27 - 000077824 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SocketRelayer.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000612664 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\sqlite3.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000096768 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SrvDepResource.dll
2015-10-26 03:34 - 2015-10-26 03:34 - 000314880 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VNDPTunnel.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000059904 _____ () [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\zlib1.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 000114176 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_ctypes.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000173056 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_elementtree.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 001808896 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_hashlib.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000032256 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_multiprocessing.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000046080 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_psutil_windows.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000047616 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_socket.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 002241024 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_ssl.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000026112 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\_yappi.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000080896 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\bz2.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000016384 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\common.time34.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000007680 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\hashobjs_ext.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000301568 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\PIL._imaging.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000169472 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\pyexpat.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 001084416 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\pysqlite2._sqlite.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000548864 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\pythoncom27.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 000137728 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\pywintypes27.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 000010752 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\select.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000020992 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\thumbnails_ext.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000689664 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\unicodedata.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000119808 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\usb_ext.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000128512 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32api.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000438784 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32com.shell.shell.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000011776 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32crypt.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000023040 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32event.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000149504 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32file.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000223232 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32gui.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000048128 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32inet.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000029696 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32pdh.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000027648 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32pipe.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000044032 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32process.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000020480 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32profile.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000136192 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32security.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000026624 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\win32ts.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000034816 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\windows.conditional.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000038400 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\windows.connectivity.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000071680 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\windows.device_monitor.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000109056 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\windows.volumes.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000020480 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\windows.winwrap.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 001325056 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wx._controls_.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 001489408 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wx._core_.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 001007104 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wx._gdi_.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000103424 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wx._html2.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 000916992 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wx._misc_.pyd
2019-12-11 13:31 - 2019-12-11 13:31 - 001039872 _____ () [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wx._windows_.pyd
2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2015-10-25 23:05 - 2015-10-25 23:05 - 000888832 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\iconv.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000888832 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libiconv2.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000968886 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libiconv-2.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000083906 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libintl-8.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000103424 _____ (GNU <www.gnu.org>) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\intl.dll
2018-06-19 16:25 - 2017-06-19 11:12 - 000087040 _____ (Iskysoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppCollect.dll
2018-06-19 16:25 - 2017-06-19 11:12 - 000197632 _____ (Iskysoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppCommon.dll
2018-06-19 16:25 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\Newtonsoft.Json.dll
2015-10-25 23:10 - 2015-10-25 23:10 - 002251264 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\python26.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\python27.dll
2015-10-25 23:05 - 2015-10-25 23:05 - 000629016 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libglib-2.0-0.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 001280512 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBEAY32.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 000341504 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SSLEAY32.dll
2018-04-06 13:29 - 2018-04-06 13:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 13:29 - 2018-04-06 13:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-11-15 13:45 - 2019-06-11 08:21 - 001277440 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Programas\Origin\LIBEAY32.dll
2019-11-15 13:45 - 2019-06-11 08:22 - 000279040 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Programas\Origin\ssleay32.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 001611264 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\platforms\qwindows.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 005487104 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Core.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 005841920 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Gui.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 001179136 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Network.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 005089792 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Widgets.dll
2019-11-15 13:45 - 2019-07-12 09:23 - 000184832 ____C (The Qt Company Ltd) [File not signed] D:\Programas\Origin\Qt5Xml.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 002036736 _____ (VIVOTEK Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AVSynchronizer.dll
2015-10-25 23:08 - 2015-10-25 23:08 - 000919040 _____ (VIVOTEK Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\OpenSSLWrapper.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000087040 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\parsedatapacket.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000122368 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerController.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000160256 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerManager.dll
2015-10-25 23:11 - 2015-10-25 23:11 - 000470016 _____ (Vivotek Inc.) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtl.dll
2015-10-25 23:09 - 2015-10-25 23:09 - 004149248 _____ (VIVOTEK) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Onvif_Discovery.dll
2015-10-25 23:10 - 2015-10-25 23:10 - 000156160 _____ (VIVOTEK) [File not signed] C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VndpLogUtl.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wxbase30u_net_vc90_x64.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wxbase30u_vc90_x64.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wxmsw30u_adv_vc90_x64.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wxmsw30u_core_vc90_x64.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wxmsw30u_html_vc90_x64.dll
2019-12-11 13:31 - 2019-12-11 13:31 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Salvador\AppData\Local\Temp\_MEI120442\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2019-12-10 11:43 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\wifi\bin\;c:\program files\common files\intel\wirelesscommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Salvador\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\stark.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: PAExec => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ST7501 Service Control"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PTIM.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{9277DA0A-AAF2-435C-B086-89BEB61E3A42}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{12D7AEE9-DA27-4BC9-B85F-55462A6D2AEE}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{0AED8812-40D2-4AF1-840E-B43BB9AE13BA}C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{AB7AA71F-D049-4602-AE0E-9ED5096CE422}C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{FCA70AD9-0253-4E3D-A423-67B13D9F185B}C:\program files (x86)\dropbox\client\dropbox.exe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{970471B2-4517-47C1-B973-A4FFBEC28CAF}C:\program files (x86)\dropbox\client\dropbox.exe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{E9C9C0D7-38DB-4CC0-96C6-D8228EE706BE}D:\programas\steam\steam.exe] => (Allow) D:\programas\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{BD2C5021-17BC-4E92-B6E1-4CECE2AA0BA3}D:\programas\steam\steam.exe] => (Allow) D:\programas\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B391980B-75E9-4D52-B8AB-E4ABAF5CD99E}] => (Allow) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6EA1C65F-7E8A-4528-B906-BF13DCD23B37}] => (Allow) D:\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{83499179-9FFD-4D85-9DF1-494665EE07F8}C:\program files (x86)\bluestacks\hd-player.exe] => (Block) C:\program files (x86)\bluestacks\hd-player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [UDP Query User{157A43BB-B448-4D71-8EDE-68322075AF78}C:\program files (x86)\bluestacks\hd-player.exe] => (Block) C:\program files (x86)\bluestacks\hd-player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{D10DFB37-DD59-4825-91FC-0B828218DE0A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{7D0A1BB2-8108-47D5-9340-FF07F21DEF7A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{5962A1B1-9A76-48B8-9A98-5E2BC3BFC06A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{E12E7BC4-7A28-4EED-8129-015150C46E60}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{0A9DDA98-ED33-4E5B-8714-60A44C66C5B1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{0D90F76E-CB63-4DC7-8951-0CE0C88E862E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP Query User{83B38BC4-5BD9-41C1-A263-74B6822ECFC0}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{F71D2B36-7A9B-4D0A-9D5E-49402AE8A9B4}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{C6D26F07-6CAE-4712-BCCB-5627D65FF827}C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{97C3468C-4730-4901-9F1D-6FA4090C013F}C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 4620 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{E3822A10-BCE6-454C-9243-B4C678B248DD}C:\program files (x86)\dropbox\client\dropbox.exe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{C06C35C9-5BA8-4EE3-9596-6E12F1209158}C:\program files (x86)\dropbox\client\dropbox.exe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
27-11-2019 21:12:44 Windows Update
04-12-2019 11:26:47 AdwCleaner_BeforeCleaning_04/12/2019_11:26:46
08-12-2019 20:16:17 JRT Pre-Junkware Removal
09-12-2019 11:16:51 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/11/2019 01:28:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80070005).
Error: (12/11/2019 11:52:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 1.0.0.127.in-addr.arpa. PTR SalvasLap.local.
Error: (12/11/2019 11:52:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 19 1.0.0.127.in-addr.arpa. PTR SalvasLap-2.local.
Error: (12/10/2019 11:13:32 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: No se puede leer el valor de "First Counter" en la clave usbperf\Performance. Los códigos de estado se devolvieron en los datos.
Error: (12/10/2019 11:13:31 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: No se pueden leer los datos de rendimiento para el servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado, los próximos cuatro bytes contienen IOSB.Status y los siguientes cuatro bytes contienen IOSB.Information.
Error: (12/10/2019 11:13:30 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia debido al siguiente error: La operación se completó correctamente. 0x0.
Error: (12/10/2019 11:13:30 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.
Contexto: aplicación , catálogo SystemIndex
Error: (12/10/2019 11:13:30 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.
System errors:
=============
Error: (12/11/2019 01:39:21 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:39:18 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:39:14 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:39:10 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:38:16 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:38:13 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:38:09 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Error: (12/11/2019 01:38:05 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.
Windows Defender:
===================================
Date: 2019-12-02 22:17:25.487
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe;process:_pid:3752,ProcessStart:132194605827238177
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.259.1155.0, AS: 1.259.1155.0, NIS: 118.2.0.0
Versión de motor: AM: 1.1.16500.1, NIS: 2.1.14202.0
Date: 2019-12-02 22:16:15.790
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe;process:_pid:3752,ProcessStart:132194605827238177;service:_Service KMSELDI
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.259.1155.0, AS: 1.259.1155.0, NIS: 118.2.0.0
Versión de motor: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2018-01-04 12:16:55.822
Description:
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Media
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe;process:_pid:1420,ProcessStart:131595515880773031;service:_Service KMSELDI
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.259.1155.0, AS: 1.259.1155.0, NIS: 118.2.0.0
Versión de motor: AM: 1.1.14405.2, NIS: 2.1.14202.0
CodeIntegrity:
===================================
Date: 2019-12-10 23:13:29.931
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-10 11:44:59.718
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-10 11:43:11.547
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-09 12:29:35.995
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-09 12:01:30.174
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-09 11:12:49.692
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-08 20:31:57.472
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-06 12:05:00.819
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. 1.50 04/18/2014
Motherboard: Type2 - Board Vendor Name1 Type2 - Board Product Name1
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 22%
Total physical RAM: 16308.09 MB
Available physical RAM: 12634.86 MB
Total Virtual: 32692.09 MB
Available Virtual: 28435.34 MB
==================== Drives ================================
Drive c: (TI1068510PA) (Fixed) (Total:228.36 GB) (Free:18.17 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:698.63 GB) (Free:327.43 GB) NTFS
Drive f: () (Fixed) (Total:272.61 GB) (Free:33.21 GB) NTFS
Drive g: (Nuevo vol) (Fixed) (Total:305.57 GB) (Free:288.66 GB) NTFS
\\?\Volume{9f8efac0-1832-11e9-82ed-806e6f6e6963}\ () (Fixed) (Total:0.82 GB) (Free:0.35 GB) NTFS
\\?\Volume{e0a84ae8-50ae-11e3-b82b-e9274f1274ab}\ (System) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
\\?\Volume{f1ed449d-2375-11e4-af39-c45444b7032f}\ (Recovery) (Fixed) (Total:8.89 GB) (Free:0.79 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: D6FA2AD7)
Partition 1: (Active) - (Size=272.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=842 MB) - (Type=27)
Partition 3: (Not Active) - (Size=305.6 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: C9F0761E)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga DelFix.exe(en tu escritorio).
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
DPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} hxxp://www.autonat.com/d3/WebClient.exe
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
CHR HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx <not found>
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8 y 8.1 ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Listo, realicé lo indicado. Hasta ahora todo bien, corre como una seda. Espero que no se empiece a colgar. Acá va el reporte solicitado:
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Salvador (11-12-2019 19:18:21) Run:2
Running from C:\Users\Salvador\Desktop
Loaded Profiles: Salvador (Available Profiles: Salvador & Salvador_2 & Administrador)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
DPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} hxxp://www.autonat.com/d3/WebClient.exe
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
CHR HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx <not found>
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc" => not found
C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll => moved successfully
HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2558096425-18442944-2156315313-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17047616 B
Java, Flash, Steam htmlcache => 10821201 B
Windows/system/drivers => 1399743 B
Edge => 0 B
Chrome => 107103943 B
Firefox => 444295460 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 81862 B
NetworkService => 81862 B
Salvador => 15236289256 B
Salvador_2 => 15236289256 B
UpdatusUser => 15236289256 B
Administrator => 15236289256 B
RecycleBin => 7121873 B
EmptyTemp: => 57.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:18:33 ====
Bien… pues ahora mantenlo en observación durante al menos 24h mas y usándolo de forma habitual.
Saludos.
P.D// > Y de momento , Por Favor, mientras estemos desinfectando/arreglando tu máquina :
Hola Javier, se ha empezado a congelar nuevamente Quería pasarle el GlaryUtilities para liberar un poco de espacio en el disco C: para ver si ayuda a mejorar pero como en las instrucciones sale que no ejecute ningún otro programa relacionado entonces no lo he hecho. Quedo atento a tus instrucciones. Gracias