Pen usb vuelve a crear carpetas y archivos

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by Jordi (administrator) on DESKTOP-9SFDRFJ (22-12-2019 09:38:17)
Running from C:\Users\Jordi\Desktop
Loaded Profiles: Jordi (Available Profiles: Jordi)
Platform: Windows 10 Pro Version 1803 17134.345 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) [File not signed] C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(H.D.S. Hungary) [File not signed] C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(M-Audio -> Avid Technology, Inc.) C:\Windows\SysWOW64\MAFWTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Universal Control.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-12] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6544992 2018-10-18] (Crystal Rich Ltd -> Crystal Rich Ltd) [File not signed]
HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\WINDOWS\SysWOW64\MAFWTray.exe [252424 2009-07-29] (M-Audio -> Avid Technology, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Winlogon: [Userinit] G:\WINDOWS\SYSTEM32\userinit.exe,
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\Run: [] => [X]
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\Run: [BandLab Assistant.app] => [X]
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [17569792 2019-10-17] (PreSonus) [File not signed]
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-12-18] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\MountPoints2: {9c6a3cdc-b600-11e8-a9d2-bc5ff4202a67} - "I:\Autorun.exe" 
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\MountPoints2: {ca838e5b-b437-11e9-aab7-9d87e92199ff} - "D:\setup_vmc_lite.exe" /checkApplicationPresence
HKLM\Software\...\AppCompatFlags\Custom\TwoWorlds2.exe: [{147194b3-ab4a-44e0-82a5-0267539b0c23}.sdb] -> gogtw2
HKLM\Software\...\AppCompatFlags\Custom\TwoWorlds2_DX10.exe: [{147194b3-ab4a-44e0-82a5-0267539b0c23}.sdb] -> gogtw2
HKLM\Software\...\AppCompatFlags\InstalledSDB\{147194b3-ab4a-44e0-82a5-0267539b0c23}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{147194b3-ab4a-44e0-82a5-0267539b0c23}.sdb [2014-08-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CEFB5C5-AE31-4BA7-8844-46138C668733} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {1C5B55AF-A7E8-4815-97D3-664373C066BE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EBC1563-53EE-45ED-A3AC-9192FF86FB22} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {20D67449-0264-4F11-BB63-1504B99024AD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {26157520-518D-4A0C-8B8F-2141B2316377} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {26923E67-C1FD-4141-89F2-9450F692E894} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27203AEF-B35E-471A-9238-8DE2F61452BD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {273CCFF5-CA23-4A16-A1F5-493C23385B9B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BFFFBDD-3406-42AE-AF7C-B580DC778D66} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {560F25C5-AA20-4239-9F33-A3E5DA435DB0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C569A9A-551F-4644-A702-0280439B293C} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-9SFDRFJ-Jordi => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {5D84070E-145E-4574-9B7B-A5E14B161FE5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EFB72E1-A993-47A9-BFB7-DADB97975864} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jordi\Downloads\esetonlinescanner_esn.exe [8162616 2019-12-20] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {73F3FD57-B7D7-4C80-BA64-0226B20DE9E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-08] (Google Inc -> Google Inc.)
Task: {76061DF3-FBE1-4464-9F1B-DA1875B7281E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BCDBA1E-2679-472A-B959-F290FBF0D203} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-08] (Google Inc -> Google Inc.)
Task: {7EE0ACFA-7CF3-46DE-9216-1DDFC0DBD9D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-18] (Piriform Software Ltd -> Piriform Ltd)
Task: {BE5F3E48-DCC0-40B4-A71F-2757D8014362} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C00D369E-F0E2-415D-9D93-29B6E19219F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C4D0D44B-5C50-46E3-BB4F-6BC5DB81A184} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8D513CE-DA0C-40D2-884F-D594632E651B} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Jordi => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5445120 2018-07-17] (H.D.S. Hungary) [File not signed]
Task: {CDC26AD9-D417-4071-A973-45F90F5C0950} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-11] (Adobe Inc. -> Adobe Systems)
Task: {DB9B2E6F-7F08-4B34-8685-B07C2AFB07D1} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jordi\Downloads\esetonlinescanner_esn.exe [8162616 2019-12-20] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {E4936874-F2BA-41AA-8ACA-B39E5BA41303} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEAD72DD-F851-42B2-B0A4-E965A5EC7E24} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-12-18] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7d2d4f0c-af92-4b02-9459-4f6628fa3680}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 4pl4svt9.default
FF ProfilePath: C:\Users\Jordi\AppData\Roaming\Mozilla\Firefox\Profiles\4pl4svt9.default [2019-12-22]
FF Homepage: Mozilla\Firefox\Profiles\4pl4svt9.default -> hxxps://www.google.es/
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default [2019-12-19]
CHR Extension: (Presentaciones) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-08]
CHR Extension: (Documentos) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-08]
CHR Extension: (Google Drive) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-08]
CHR Extension: (YouTube) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-08]
CHR Extension: (Gmail) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-02-08]
CHR Extension: (Chrome Media Router) - C:\Users\Jordi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40016 2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-17] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [483328 2019-10-17] (PreSonus) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-08-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1736800 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-11-01] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-09-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-09-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143624 2018-07-12] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196112 2018-07-12] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110376 2018-07-12] (ESET, spol. s r.o. -> ESET)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 MAFW; C:\WINDOWS\system32\DRIVERS\mafw.sys [231944 2009-07-29] (M-Audio -> Avid Technology, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2019-12-12] (北京铠信神州科技有限责任公司 -> )
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-12] (Microsoft Windows -> MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_547eeefb57db4499\nvlddmkm.sys [21858904 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio.sys [364896 2018-10-11] (PreSonus Audio Electronics, Inc -> )
R3 paeusbaudioks; C:\WINDOWS\system32\DRIVERS\paeusbaudioks.sys [62816 2018-10-11] (PreSonus Audio Electronics, Inc -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 teVirtualMIDI64; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen -> Tobias Erichsen)
R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-04-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-30] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 09:38 - 2019-12-22 09:38 - 000025756 _____ C:\Users\Jordi\Desktop\FRST.txt
2019-12-22 09:37 - 2019-12-22 09:38 - 000000000 ____D C:\FRST
2019-12-22 09:36 - 2019-12-22 09:36 - 002264064 _____ (Farbar) C:\Users\Jordi\Desktop\FRST64.exe
2019-12-20 22:34 - 2019-12-22 00:45 - 000000000 ____D C:\KVRT_Data
2019-12-20 22:34 - 2019-12-20 22:34 - 179094968 _____ (AO Kaspersky Lab) C:\Users\Jordi\Downloads\KVRT.exe
2019-12-20 22:33 - 2019-12-20 22:33 - 000003812 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2019-12-20 22:33 - 2019-12-20 22:33 - 000003370 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2019-12-20 22:31 - 2019-12-20 22:31 - 000031910 _____ C:\Users\Jordi\Desktop\Eset Online Scanner report.txt
2019-12-20 08:31 - 2019-12-20 08:31 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Jordi\Downloads\esetonlinescanner_esn.exe
2019-12-20 08:31 - 2019-12-20 08:31 - 000000769 _____ C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-12-20 08:31 - 2019-12-20 08:31 - 000000670 _____ C:\Users\Jordi\Desktop\ESET Online Scanner.lnk
2019-12-19 09:42 - 2019-12-19 09:42 - 000001547 _____ C:\Users\Jordi\Desktop\Malware Report.txt
2019-12-19 09:31 - 2019-12-19 09:31 - 000014359 _____ C:\Users\Jordi\Desktop\UsbFix_Report.txt
2019-12-18 13:09 - 2019-12-19 09:31 - 000001956 _____ C:\Users\Jordi\Desktop\UsbFix Anti-Malware.lnk
2019-12-18 13:09 - 2019-12-18 14:32 - 000000000 ____D C:\Program Files (x86)\UsbFix
2019-12-18 13:06 - 2019-12-18 13:06 - 000143230 _____ C:\Users\Jordi\Documents\cc_20191218_130643.reg
2019-12-18 13:02 - 2019-12-21 15:05 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-18 13:02 - 2019-12-19 09:18 - 000000000 ____D C:\Program Files\CCleaner
2019-12-18 13:02 - 2019-12-18 13:02 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-18 13:02 - 2019-12-18 13:02 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-18 13:02 - 2019-12-18 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-18 12:55 - 2019-12-18 12:55 - 004806664 _____ (SOSVirus) C:\Users\Jordi\Downloads\UsbFix_2019.exe
2019-12-18 12:52 - 2019-12-18 12:52 - 025441808 _____ (Piriform Software Ltd) C:\Users\Jordi\Downloads\ccsetup562.exe
2019-12-18 02:43 - 2019-12-18 02:43 - 000161388 _____ C:\WINDOWS\notepad.rar
2019-12-18 01:42 - 2019-12-18 02:42 - 000001242 _____ C:\Users\Jordi\Desktop\USB Flash Drive Format Tool.lnk
2019-12-18 01:42 - 2019-12-18 01:42 - 000717180 _____ (Rogosoft Corporation ) C:\Users\Jordi\Downloads\USBFlashDriveFormatToolSetup.exe
2019-12-18 01:42 - 2019-12-18 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Flash Drive Format Tool 1.0
2019-12-18 01:42 - 2019-12-18 01:42 - 000000000 ____D C:\Program Files\USB Flash Drive Format Tool
2019-12-18 01:41 - 2019-12-18 01:41 - 001302512 _____ C:\Users\Jordi\Downloads\epm_trial_installer(1).exe
2019-12-18 01:40 - 2019-12-18 01:41 - 038703024 _____ (EaseUS ) C:\Users\Jordi\Downloads\epm_trial_easeus.exe
2019-12-18 01:40 - 2019-12-18 01:40 - 001302512 _____ C:\Users\Jordi\Downloads\epm_trial_installer.exe
2019-12-18 01:36 - 2019-12-18 01:36 - 000000000 _____ C:\Users\Jordi\unidad
2019-12-18 01:35 - 2019-12-18 01:35 - 000000000 _____ C:\Users\Jordi\attrib
2019-12-18 01:03 - 2019-12-18 01:05 - 002427504 _____ (Wiper Software, UAB) C:\Users\Jordi\Downloads\WiperSoft-installer.exe
2019-12-18 00:49 - 2019-12-18 00:56 - 000000000 ____D C:\ProgramData\RogueKiller
2019-12-18 00:49 - 2019-12-18 00:49 - 037028920 _____ C:\Users\Jordi\Downloads\RogueKiller_portable64.exe
2019-12-18 00:16 - 2019-12-18 00:17 - 002953520 _____ (AVAST Software) C:\Users\Jordi\Downloads\avast-browser-cleanup.exe
2019-12-17 23:57 - 2019-12-17 23:57 - 000000253 _____ C:\DelFix.txt
2019-12-17 23:57 - 2019-12-17 23:57 - 000000000 ____D C:\WINDOWS\ERUNT
2019-12-17 23:56 - 2019-12-17 23:56 - 000797760 _____ C:\Users\Jordi\Downloads\delfix.exe
2019-12-17 23:35 - 2019-12-17 23:35 - 001883976 _____ (Malwarebytes) C:\Users\Jordi\Downloads\MBSetup.exe
2019-12-17 23:35 - 2019-12-17 23:35 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-17 23:35 - 2019-12-17 23:35 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-17 23:35 - 2019-12-17 23:35 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-17 23:35 - 2019-12-17 23:35 - 000000000 ____D C:\Users\Jordi\AppData\Local\mbamtray
2019-12-17 23:35 - 2019-12-17 23:35 - 000000000 ____D C:\Users\Jordi\AppData\Local\mbam
2019-12-17 23:35 - 2019-12-17 23:35 - 000000000 ____D C:\Users\Jordi\AppData\Local\cache
2019-12-17 23:35 - 2019-12-17 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-17 23:35 - 2019-12-17 23:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-17 23:35 - 2019-12-17 23:35 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-17 22:34 - 2019-12-17 22:35 - 000000000 ____D C:\AdwCleaner
2019-12-17 22:34 - 2019-12-17 22:34 - 008218800 _____ (Malwarebytes) C:\Users\Jordi\Downloads\adwcleaner_8.0.0.exe
2019-12-17 19:35 - 2019-12-17 19:35 - 000000000 _____ C:\Users\Jordi\select
2019-12-17 18:35 - 2019-12-17 18:35 - 000035749 _____ C:\Users\Jordi\Downloads\Desinfecta_USB_LC.rar
2019-12-16 10:54 - 2019-12-16 10:54 - 000002807 _____ C:\Users\Public\Desktop\Kontakt Library Fix 2.lnk
2019-12-16 10:54 - 2019-12-16 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UbyXsoft
2019-12-16 10:50 - 2019-12-16 10:50 - 096549645 _____ C:\Users\Jordi\Downloads\kontakt-library-fix2.rar
2019-12-15 12:12 - 2019-12-16 10:54 - 000000000 ____D C:\Program Files (x86)\UbyXsoft
2019-12-12 12:33 - 2019-12-18 13:53 - 000000288 _____ C:\WINDOWS\dm.dmap
2019-12-12 12:32 - 2019-12-12 12:32 - 000021208 _____ C:\WINDOWS\system32\MDA_NTDRV.sys
2019-12-12 12:31 - 2019-12-12 12:31 - 011355848 _____ C:\Users\Jordi\Downloads\mn2f-portable.zip
2019-12-12 12:24 - 2019-12-12 12:24 - 003502987 _____ C:\Users\Jordi\Downloads\FdUsbW7_ketron(1).exe
2019-12-12 11:42 - 2019-12-12 11:42 - 003502987 _____ C:\Users\Jordi\Downloads\FdUsbW7_ketron.exe
2019-12-12 11:42 - 2019-12-12 11:42 - 000001221 _____ C:\Users\Jordi\Desktop\Virtual Floppy Explorer.lnk
2019-12-12 11:42 - 2019-12-12 11:42 - 000001196 _____ C:\Users\Jordi\Desktop\Virtual Floppy Format.lnk
2019-12-12 11:42 - 2019-12-12 11:42 - 000001196 _____ C:\Users\Jordi\Desktop\Floppy Imaging.lnk
2019-12-12 11:42 - 2019-12-12 11:42 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Floppy Software
2019-12-12 11:42 - 2019-12-12 11:42 - 000000000 ____D C:\Program Files (x86)\Virtual Floppy Software
2019-12-12 09:55 - 2019-12-12 09:55 - 002240003 _____ C:\Users\Jordi\Downloads\sd5.pdf
2019-12-11 12:02 - 2019-12-11 12:02 - 000089270 _____ C:\Users\Jordi\Documents\Permanencia 100€.htm
2019-12-11 12:02 - 2019-12-11 12:02 - 000000000 ____D C:\Users\Jordi\Documents\Permanencia 100€_files
2019-12-11 10:52 - 2019-12-11 10:52 - 000000000 ____D C:\Users\Jordi\AppData\Local\WhatsApp
2019-12-11 10:47 - 2019-12-11 11:51 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\WhatsApp
2019-12-11 10:47 - 2019-12-11 10:52 - 000002197 _____ C:\Users\Jordi\Desktop\WhatsApp.lnk
2019-12-11 10:47 - 2019-12-11 10:52 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-12-11 10:46 - 2019-12-11 10:52 - 000000000 ____D C:\Users\Jordi\AppData\Local\SquirrelTemp
2019-12-11 10:45 - 2019-12-11 10:46 - 126922160 _____ (WhatsApp) C:\Users\Jordi\Downloads\WhatsAppSetup.exe
2019-12-10 16:32 - 2019-12-11 10:15 - 000000404 _____ C:\Users\Jordi\Documents\Temas Marc Linares Diciembre.txt
2019-12-10 13:08 - 2019-12-10 13:08 - 000853635 _____ C:\Users\Jordi\Downloads\12051460846-275-3-L96HIJY.pdf
2019-12-10 12:20 - 2019-12-10 12:20 - 000000040 _____ C:\Users\Jordi\Documents\lectura luz.txt
2019-12-10 10:09 - 2019-12-10 10:09 - 000042590 _____ C:\Users\Jordi\Downloads\[email protected]
2019-12-10 09:49 - 2019-12-10 09:49 - 000002484 _____ C:\Users\Jordi\Downloads\AUD_RC1767.mid
2019-12-10 09:45 - 2019-12-10 09:46 - 003717712 _____ C:\Users\Jordi\Downloads\El Sitio de Zaragoza(1).rar
2019-12-10 09:43 - 2019-12-10 09:43 - 000208356 _____ C:\Users\Jordi\Downloads\El sitio de Zaragoza.pdf
2019-12-10 00:46 - 2019-12-10 00:46 - 005718872 _____ (Microsoft Corporation) C:\Users\Jordi\Downloads\vcredist_x64.exe
2019-12-10 00:43 - 2019-12-10 00:43 - 000001047 _____ C:\Users\Public\Desktop\Toontrack EZkeys (64Bit).lnk
2019-12-10 00:43 - 2019-12-10 00:43 - 000000978 _____ C:\Users\Public\Desktop\Toontrack EZkeys (32Bit).lnk
2019-12-09 17:07 - 2019-12-09 17:07 - 000000000 ____D C:\Users\Jordi\Documents\Addictive Keys
2019-12-09 16:50 - 2019-12-09 17:00 - 000000000 ____D C:\Users\Jordi\Documents\Addictive Keys Logs
2019-12-09 16:49 - 2019-12-09 16:59 - 000001067 _____ C:\Users\Jordi\Desktop\Addictive Keys.lnk
2019-12-04 18:41 - 2019-12-04 18:41 - 000029015 _____ C:\Users\Jordi\Downloads\MMC_2152823_0412-184136.zip
2019-12-04 18:01 - 2019-12-04 18:01 - 000020052 _____ C:\Users\Jordi\Downloads\0002787700.gm.mid
2019-12-04 17:43 - 2019-12-04 17:43 - 000011101 _____ C:\Users\Jordi\Downloads\ge27877.mid
2019-12-03 22:03 - 2019-12-05 09:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-03 11:36 - 2019-12-03 11:37 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\Black Rooster Audio
2019-12-03 11:31 - 2019-12-03 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Rooster Audio
2019-12-03 11:31 - 2019-12-03 11:31 - 000000000 ____D C:\Program Files\Black Rooster Audio
2019-12-03 11:21 - 2019-12-03 11:21 - 000000000 ____D C:\ProgramData\sonimus_bip
2019-12-03 11:12 - 2019-12-03 11:15 - 000000000 ____D C:\Program Files\MeldaProduction
2019-12-03 11:12 - 2019-12-03 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MeldaProduction
2019-12-03 11:08 - 2019-12-03 11:22 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\MeldaProduction
2019-12-03 11:08 - 2019-12-03 11:17 - 000000000 ____D C:\ProgramData\MeldaProduction
2019-11-29 09:28 - 2019-11-29 09:37 - 1647512368 _____ C:\Users\Jordi\Downloads\wetransfer-df1b14.zip
2019-11-28 17:59 - 2019-11-28 17:59 - 000159868 ____N C:\Users\Jordi\Documents\Centro de devoluciones.pdf
2019-11-28 10:58 - 2019-11-28 10:58 - 001970307 _____ C:\Users\Jordi\Downloads\SpitfireSymphonicWoodwinds_UserManual(1).pdf
2019-11-27 11:12 - 2019-11-27 11:12 - 056562808 _____ (BandLab) C:\Users\Jordi\Downloads\bandlab-assistant-windows-latest(3).exe
2019-11-27 11:06 - 2019-11-27 11:07 - 000000000 ____D C:\Program Files\Kontakt Portable 6.2

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 09:35 - 2018-08-17 15:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-22 09:34 - 2018-08-21 01:46 - 000000000 ____D C:\Users\Jordi\AppData\LocalLow\Mozilla
2019-12-22 09:33 - 2018-10-18 17:51 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\USBSafelyRemove
2019-12-22 09:33 - 2018-08-21 01:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-22 09:33 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 00:51 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-22 00:51 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-22 00:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-22 00:33 - 2018-08-21 01:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-20 22:40 - 2019-10-04 08:09 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-20 08:33 - 2018-04-12 17:19 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-20 08:33 - 2018-04-12 17:19 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-20 08:33 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-12-20 08:33 - 2016-04-27 07:09 - 001768672 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-20 08:31 - 2019-02-08 08:35 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-20 08:31 - 2019-02-08 08:35 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-20 08:31 - 2018-08-22 04:06 - 000000000 ____D C:\Users\Jordi\AppData\Local\ESET
2019-12-19 09:22 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-18 13:05 - 2018-08-20 21:50 - 000000000 ____D C:\Temp
2019-12-18 13:03 - 2018-12-15 10:23 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-18 13:03 - 2018-12-07 11:20 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\MPC-HC
2019-12-18 13:03 - 2018-08-20 22:50 - 000000000 ____D C:\Users\Jordi\AppData\Local\CrashDumps
2019-12-18 13:03 - 2018-08-20 16:14 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-18 13:03 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-18 01:36 - 2018-08-21 01:34 - 000000000 ____D C:\Users\Jordi
2019-12-18 00:33 - 2018-08-21 02:15 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-12-17 23:35 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-17 23:11 - 2018-08-21 11:53 - 000000000 ____D C:\Cakewalk Projects
2019-12-15 10:17 - 2019-02-08 08:35 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-15 10:17 - 2019-02-08 08:35 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-14 00:40 - 2018-08-21 12:31 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\bandlab-assistant
2019-12-13 19:43 - 2018-08-21 12:41 - 000001917 _____ C:\Users\Public\Desktop\Cakewalk by BandLab.lnk
2019-12-12 13:47 - 2018-10-18 19:49 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2019-12-10 00:47 - 2018-09-21 13:17 - 000000000 ____D C:\Users\Jordi\Documents\Toontrack
2019-12-10 00:47 - 2018-09-21 13:17 - 000000000 ____D C:\ProgramData\Toontrack
2019-12-10 00:43 - 2018-09-26 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack
2019-12-10 00:35 - 2019-09-03 15:52 - 000000000 ____D C:\Program Files (x86)\Toontrack
2019-12-10 00:35 - 2018-09-26 16:04 - 000000000 ____D C:\Program Files\Toontrack
2019-12-09 17:09 - 2018-11-22 22:19 - 000010240 _____ C:\Users\Jordi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-09 16:59 - 2018-10-23 16:20 - 000000000 ____D C:\ProgramData\XLN Audio
2019-12-09 16:49 - 2018-10-23 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLN Audio
2019-12-09 16:48 - 2018-10-23 16:20 - 000000000 ____D C:\Program Files\XLN Audio
2019-12-05 09:34 - 2018-08-21 01:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 11:59 - 2018-08-21 01:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-04 10:13 - 2018-08-21 12:16 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\Celemony Software GmbH
2019-12-04 09:58 - 2019-03-22 10:48 - 000000048 _____ C:\Users\Jordi\AppData\Roaming\msregsvv.dll
2019-12-04 09:58 - 2019-03-22 10:48 - 000000048 _____ C:\ProgramData\autobk.inc
2019-12-03 11:12 - 2019-03-22 10:09 - 000000000 ____D C:\Program Files\VstPlugIns
2019-12-03 11:12 - 2018-10-10 12:43 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2019-12-03 11:12 - 2018-08-21 11:53 - 000000000 ____D C:\Program Files\Common Files\VST3
2019-12-03 11:12 - 2018-08-17 15:40 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-28 17:59 - 2018-08-22 14:50 - 000000099 _____ C:\WINDOWS\wpd99.drv
2019-11-28 17:59 - 2018-08-22 14:50 - 000000000 ____D C:\ProgramData\pdf995
2019-11-28 14:44 - 2018-09-19 11:16 - 000000000 ____D C:\Users\Jordi\AppData\Local\Slowhand
2019-11-28 11:49 - 2019-05-28 15:01 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2019-05-28 15:01 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2019-05-28 15:01 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2019-05-28 15:01 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-21 01:36 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-21 01:36 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-21 01:36 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-21 01:36 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-21 01:36 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-21 01:36 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-28 11:49 - 2018-08-17 15:42 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-11-28 11:49 - 2018-08-17 15:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-28 11:49 - 2018-08-17 15:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-11-28 11:49 - 2018-08-17 15:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-27 13:08 - 2018-09-25 10:56 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\IrcamLab TS
2019-11-27 11:13 - 2018-08-21 12:31 - 000002437 _____ C:\Users\Jordi\Desktop\BandLab Assistant.lnk
2019-11-27 11:03 - 2018-08-22 14:29 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2019-11-25 22:09 - 2018-08-21 02:28 - 000000000 ____D C:\Users\Jordi\AppData\Roaming\GHISLER
2019-11-25 09:17 - 2018-08-21 01:36 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2386650303-937493529-1628659523-1001
2019-11-25 09:17 - 2018-08-21 01:34 - 000002397 _____ C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-25 09:17 - 2018-08-17 15:24 - 000000000 ___RD C:\Users\Jordi\OneDrive

==================== Files in the root of some directories ========

2018-10-10 12:57 - 2018-10-10 12:57 - 002722286 _____ () C:\Program Files (x86)\Auto-Tune 8 Manual.pdf
2018-10-10 12:57 - 2018-10-10 12:57 - 000056051 _____ () C:\Program Files (x86)\VST PC Read Me.pdf
2019-04-08 09:23 - 2019-04-08 09:23 - 000000033 _____ () C:\Users\Jordi\AppData\Roaming\.pgbiasfx
2019-03-22 10:48 - 2019-12-04 09:58 - 000000048 _____ () C:\Users\Jordi\AppData\Roaming\msregsvv.dll
2019-05-09 15:43 - 2019-05-09 15:43 - 000000038 ___SH () C:\Users\Jordi\AppData\Local\3cf976315767f8122bb7d7.09207887
2018-11-22 22:19 - 2019-12-09 17:09 - 000010240 _____ () C:\Users\Jordi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-09 11:22 - 2019-05-09 11:22 - 000000017 _____ () C:\Users\Jordi\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by Jordi (22-12-2019 09:39:09)
Running from C:\Users\Jordi\Desktop
Windows 10 Pro Version 1803 17134.345 (X64) (2018-08-21 00:36:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2386650303-937493529-1628659523-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2386650303-937493529-1628659523-503 - Limited - Disabled)
Invitado (S-1-5-21-2386650303-937493529-1628659523-501 - Limited - Disabled)
Jordi (S-1-5-21-2386650303-937493529-1628659523-1001 - Administrator - Enabled) => C:\Users\Jordi
WDAGUtilityAccount (S-1-5-21-2386650303-937493529-1628659523-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2C-Audio Aether (HKLM-x32\...\Aether) (Version:  - 2C-Audio)
2C-Audio B2 (HKLM-x32\...\B2) (Version:  - 2C-Audio)
2C-Audio Breeze (HKLM-x32\...\Breeze) (Version:  - 2C-Audio)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A.O.M. A.O.M. Total Bundle (HKLM\...\A.O.M. Total Bundle_is1) (Version: 1.9.4 - A.O.M.)
Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6 (HKLM-x32\...\Abbeyroadplugins EMI Brilliance Pack VST RTAS_is1) (Version:  - )
Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0.1 (HKLM-x32\...\Abbeyroadplugins EMI RS 124 Compressor_is1) (Version:  - )
Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1 (HKLM-x32\...\Abbeyroadplugins EMI TG 12413 Limiter VST RTAS_is1) (Version:  - )
Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2 (HKLM-x32\...\Abbeyroadplugins EMI TG Mastering Pack VST RTAS_is1) (Version:  - )
Acon Digital DeVerberate (32 bit) 1.6.0 (HKLM-x32\...\{A0168B60-0FA2-45A7-8871-DD25B65E8B38}_is1) (Version: 1.6.0 - Acon AS)
Acon Digital DeVerberate (64 bit) 1.6.0 (HKLM\...\{458357DE-C14B-4FDE-B614-7862427596C4}_is1) (Version: 1.6.0 - Acon AS)
Acon Digital Equalize (32 bit) 2.0.3 (HKLM-x32\...\{1BA713B3-33E5-4837-943B-DD5039A0525C}_is1) (Version: 2.0.3 - Acon AS)
Acon Digital Equalize (64 bit) 2.0.3 (HKLM\...\{D53CF917-35F6-4781-894B-1B1C11A56789}_is1) (Version: 2.0.3 - Acon AS)
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Acustica Audio D361A (HKLM-x32\...\D361A Win x64) (Version: 1.3.609.0 - Acustica Audio)
Acustica Audio D361A (HKLM-x32\...\D361A Win x86) (Version: 1.3.609.0 - Acustica Audio)
Acustica Audio EQP1 (HKLM-x32\...\EQP1 Win x64) (Version: 1.3.606.0 - Acustica Audio)
Acustica Audio EQP1 (HKLM-x32\...\EQP1 Win x86) (Version: 1.3.609.0 - Acustica Audio)
Acustica Audio NEO (HKLM-x32\...\NEO Win x64) (Version: 1.3.606.0 - Acustica Audio)
Acustica Audio NEO (HKLM-x32\...\NEO Win x86) (Version: 1.3.606.0 - Acustica Audio)
Acustica Audio SILKEQ (HKLM-x32\...\SILKEQ Win x64) (Version: 1.3.693.0 - Acustica Audio)
Acustica Audio SILKEQ (HKLM-x32\...\SILKEQ Win x86) (Version: 1.3.693.0 - Acustica Audio)
Acustica Audio STRADIPAD (HKLM-x32\...\STRADIPAD Win x64) (Version: 1.3.609.0 - Acustica Audio)
Acustica Audio STRADIPAD (HKLM-x32\...\STRADIPAD Win x86) (Version: 1.3.609.0 - Acustica Audio)
Acustica Audio TRINITYEQ (HKLM-x32\...\TRINITYEQ Win x64) (Version: 1.3.687.0 - Acustica Audio)
Acustica Audio TRINITYEQ (HKLM-x32\...\TRINITYEQ Win x86) (Version: 1.3.687.0 - Acustica Audio)
AcusticaAudio Nebula3 (HKLM-x32\...\Nebula3) (Version:  - )
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AIR Music Technology Strike (HKLM-x32\...\AIR Music Technology Strike) (Version: 2.0.7 - AIR Music Technology)
AIR Music Technology Structure (HKLM-x32\...\AIR Music Technology Structure) (Version: 2.0.7 - AIR Music Technology)
Altiverb 7 Uninstaller (HKLM\...\{367662CA-394A-4095-9549-973FC3807B9B}_is1) (Version: 7.2 - Audio Ease BV)
Ample Bass Acoustic II version 2.4.0 (HKLM-x32\...\{50ECCCA1-A49C-40CA-85A3-37A13EC3FBA6}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.)
Ample Bass J II Extension 1 (Pick) version 2.0.2 (HKLM-x32\...\{5527CC5B-2A8D-4042-9AEB-824E8EF8EFE2}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Bass J II version 2.4.0 (HKLM-x32\...\{04C42F03-37A2-481A-8D1B-9F03164B23CA}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.)
Ample Bass P II version 2.6.5 (HKLM-x32\...\{1C181D3B-41B6-4714-AB59-91E18C5EE708}_is1) (Version: 2.6.5 - Ample Sound Technology Co., Ltd.)
Ample Bass Upright II version 2.6.5 (HKLM-x32\...\{A966F883-EEA9-407F-B2DA-B84722E28700}_is1) (Version: 2.6.5 - Ample Sound Technology Co., Ltd.)
Ample Ethno Ukulele version 1.5.5 (HKLM-x32\...\{F6D9F862-94D7-4DDD-AC3B-5F560312B508}_is1) (Version: 1.5.5 - Ample Sound Technology Co., Ltd.)
Ample Guitar F II version 2.4.0 (HKLM-x32\...\{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II Extension 1 (Both Pickup) version 2.0.2 (HKLM-x32\...\{CEFDB1D7-F4AE-42CD-A060-B923453056B0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II version 2.5.5 (HKLM-x32\...\{C5C4DE66-ACC5-4431-892B-A581516DF4DD}_is1) (Version: 2.5.5 - Ample Sound Technology Co., Ltd.)
Ample Guitar L II version 2.4.0 (HKLM-x32\...\{9563CAC5-81EB-43CF-8717-927ED1EB272A}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar M II Extension 1 (Pick) version 2.1.0 (HKLM-x32\...\Ample Guitar M II Extension 1 (Pick)_is1) (Version: 2.1.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar M II version 2.5.5 (HKLM-x32\...\{DBBA77E4-611C-4633-AC13-96A6598AF746}_is1) (Version: 2.5.5 - Ample Sound Technology Co., Ltd.)
Ample Guitar M version 3.1.0 (HKLM-x32\...\{8DFC907C-D57F-490A-8392-E729A463CD97}_is1) (Version: 3.1.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II Extension (Neck Pickup) version 2.0.2 (HKLM-x32\...\{3758B201-9310-4492-A8FA-003C2FD6BFA9}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II version 2.4.0 (HKLM-x32\...\{5F4EB709-CBDD-4B9D-A733-5CD7FA3FF6E2}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar T II Extension 1 (Finger) version 2.1.0 (HKLM-x32\...\Ample Guitar T II Extension 1 (Finger)_is1) (Version: 2.1.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar T II version 2.4.0 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.)
Ample Metal E II version 2.5.5 (HKLM-x32\...\{EB25BD61-6A67-41F1-BC7E-1AD08E3A539A}_is1) (Version: 2.5.5 - Ample Sound Technology Co., Ltd.)
Ample Metal Ray5 II version 2.6.0 (HKLM-x32\...\{3272F255-346F-4D4A-8E6D-9AD5D927D79A}_is1) (Version: 2.6.0 - Ample Sound Technology Co., Ltd.)
AmpliTube 3.11.2 (HKLM-x32\...\AMP3112_is1) (Version:  - IK Multimedia)
AmpliTube 4 version 4.8.2 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.8.2 - IK Multimedia)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARIA Engine v1.9.3.3 (HKLM\...\ARIA Engine_is1) (Version: v1.9.3.3 - Plogue Art et Technologie, Inc)
Arturia Pigments (HKLM\...\Pigments_is1) (Version: 1.1.2 - Arturia)
Ashampoo Burning Studio 15 v.15.0.2 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.2 - Ashampoo GmbH & Co. KG)
Audiority Effects Plugin Bundle (HKLM\...\Audiority Effects Plugin Bundle_is1) (Version: v10.1 - ProgSound & Team V.R)
Band-in-a-Box DAW Plugin 1.14.2 (HKLM-x32\...\BIAB_Plugin_is1) (Version:  - PG Music Inc.)
Band-in-a-Box File Associations (HKLM-x32\...\BBAssociations_is1) (Version:  - PG Music Inc.)
Band-in-a-Box Server (HKLM-x32\...\BBServer_is1) (Version:  - PG Music Inc.)
BandLab Assistant 5.0.6 (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\9b08bea4-021c-5f9d-a74e-ac0ceb51fb28) (Version: 5.0.6 - BandLab)
BandLab Assistant 5.1.1 (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\{9b08bea4-021c-5f9d-a74e-ac0ceb51fb28}) (Version: 5.1.1 - BandLab)
BIAS Amp 2 (HKLM\...\BIAS AMP 2 Pack (64bit)_is1) (Version: 2.2.3.1303 - Positive Grid & Team V.R)
BIAS FX Plugins Pack (64bit) (HKLM\...\BIAS FX Plugins Pack (64bit)_is1) (Version: 1.6.4.3553 - Positive Grid & Team V.R)
Black Rooster Audio The ALL Bundle (HKLM\...\Black Rooster Audio The ALL Bundle_is1) (Version: 2.4.1 - Black Rooster Audio)
Blue Cat's All Plug-Ins Pack (HKLM\...\Blue Cat's All Plug-Ins Pack_is1) (Version: 2018.10 - Blue Cat Audio & Team V.R)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.75.1002 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cakewalk Boutique FX Suite (HKLM\...\SONAR Boutique FX Suite_is1) (Version: 1.0 - Cakewalk, Inc.)
Cakewalk by BandLab (HKLM\...\Cakewalk Core_is1) (Version: 25.09.0.70 - BandLab Singapore Pte Ltd.)
Cakewalk CA-2A Leveling Amplifier (HKLM\...\CA-2A Leveling Amplifier_is1) (Version: 2.0.1.112 - Cakewalk)
Cakewalk Drum Replacer (HKLM\...\Cakewalk Drum Replacer_is1) (Version: 1.2.0.14 - BandLab Singapore Pte Ltd.)
Cakewalk Engineering FX Suite (HKLM\...\SONAR Engineering FX Suite_is1) (Version: 1.0 - Cakewalk, Inc.)
Cakewalk LP EQ (HKLM\...\Cakewalk LP EQ_is1) (Version: 1.0 - Cakewalk, Inc.)
Cakewalk L-Phase Multiband Compressor (HKLM\...\L-Phase Multiband Compressor_is1) (Version: 1.0.3.84 - Cakewalk)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Celemony Melodyne 4 (HKLM\...\Melodyne 4_is1) (Version: 4.2.3.001 - Celemony)
Celemony Melodyne Studio 4 (HKLM\...\Melodyne Studio 4_is1) (Version: 4.1.1.011 - Celemony)
ComBear version 1.0.1 (HKLM\...\ComBear_is1) (Version: 1.0.1 - )
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
CoyoteWT 1.3 (HKLM-x32\...\CoyoteWT_is1) (Version:  - Coyote Electronics Inc.)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
Custom Shop version 1.8.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.8.0 - IK Multimedia)
Cytomic The Glue (HKLM\...\The Glue_is1) (Version: 1.3.19 - Cytomic)
Darbuka 1.0.0 (HKLM-x32\...\Darbuka_is1) (Version:  - Wizoo Sound Design GmbH)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 16.4 - Illustrate)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.91 - NVIDIA Corporation) Hidden
DMG Audio bundle (HKLM\...\DMGAudio Bundle_is1) (Version: 2018 - DMGAudio)
EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd)
Elevayta Extra Boy v4.91d VST (HKLM-x32\...\Elevayta Extra Boy v4.91d VST) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.11.3.1242 - Steinberg Media Technologies GmbH)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Eventide Anthology XI (HKLM\...\Anthology XI_is1) (Version: 1.0.1 - Eventide)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.3.2 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
EZDrummer 64-bit (HKLM\...\{80E801DB-5288-4447-AAC2-27F329B61C6E}) (Version: 1.3.2 - Toontrack)
EZkeys Complete Bundle 1.2.4 (HKLM\...\Toontrack EZkeys Complete-r4e_is1) (Version: 1.2.4 - Toontrack Music AB)
EZXAmericana (HKLM-x32\...\{7DB4839F-DFA6-49D2-907F-740CE65B2D10}) (Version: 1.0.0 - Toontrack)
EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack)
EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXElectronic (HKLM-x32\...\{238539DC-253F-401B-90F4-A928A98BC866}) (Version: 1.0.0 - Toontrack)
EZXFunkmasters (HKLM-x32\...\{BB5A44CB-3045-43E2-BEB0-B64E477D4633}) (Version: 1.0.0 - Toontrack)
EZXJazz (HKLM-x32\...\{EED8D44F-CEBB-4298-8D0E-E01AF6AC0663}) (Version: 1.0.0 - Toontrack)
EZXMetalHeads (HKLM-x32\...\{F4F365AB-BD66-4775-A36A-E3D8055873FD}) (Version: 1.0.0 - Toontrack)
EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack)
EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack)
EZXPop (HKLM-x32\...\{BAB8A154-19A1-4673-9E9D-CB5E08BFD28C}) (Version: 1.0.0 - Toontrack)
EZXTheClassic part1 (HKLM-x32\...\{C350D087-2ED2-40AB-BE41-75108D89D66C}) (Version: 1.0.0 - Toontrack)
EZXTheClassic part2 (HKLM-x32\...\{6F642D8C-FFC7-48D8-B4E5-77249FE56C7B}) (Version: 1.0.0 - Toontrack)
FabFilter Pro-L (HKLM\...\Pro-L_is1) (Version: 1.2.4 - FabFilter)
FabFilter Total Bundle (HKLM\...\Total Bundle_is1) (Version: 2018.02.22 - FabFilter)
Finale (HKLM\...\{6D47FD1D-8E36-4DD1-8D5F-4DB0A6049ED3}) (Version: 26.1.0.397 - MakeMusic)
Finale (HKLM\...\{A3136718-4D78-4CB1-AA03-B4BB03ED2FE1}) (Version: 26.0.1.655 - MakeMusic)
Finale (HKLM\...\{D260E3AD-F03E-41C4-BD6B-F4FCC634EFD7}) (Version: 25.4.0.144 - MakeMusic)
Flux Full Pack 2.2 (HKLM\...\Full Pack 2.2_is1) (Version: 3.5.29.46238 - Flux)
Flux IRCAM Tools 1.1 (HKLM\...\IRCAM Tools 1.1_is1) (Version: 3.5.29.46238 - Flux)
FXpansion BFD3 (HKLM-x32\...\FXpansion BFD3) (Version: 3.2.3 - FXpansion Audio UK Ltd)
Garritan ARIA Player v1.872 (HKLM\...\__ARIA_1012___is1) (Version: v1.872 - Garritan)
Garritan Instruments for Finale (HKLM\...\__ARIA_1013___is1) (Version: v2.0.0.4 - Garritan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe)
Hetman Partition Recovery 2.8 (HKLM-x32\...\Hetman Partition Recovery) (Version:  - )
IK Multimedia Authorization Manager version 1.0.22 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.22 - IK Multimedia)
IrcamLab TS-1.0.11 (HKLM\...\{CCFC564A-FCC0-4E5D-9789-E254F0DB6502}_is1) (Version: 1.0.11 - IRCAM)
iZotope RX 3 (HKLM-x32\...\iZotope RX 3_is1) (Version: 3.02 - iZotope, Inc.)
iZotope Vocal Doubler (HKLM-x32\...\Vocal Doubler) (Version: 1.00 - iZotope, Inc.)
JW Bus Glue version 1.0.0 (HKLM\...\JW Bus Glue_is1) (Version: 1.0.0 - )
Kontakt Library Fix 2 (HKLM-x32\...\{8E55338D-4503-474F-A732-00BCBBFC5173}) (Version: 2.00.0000 - UbyXsofT)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Latigo 1.0.0 (HKLM-x32\...\Latigo_is1) (Version:  - Wizoo Sound Design GmbH)
LEVELS version 1.0 (HKLM\...\{07939B10-B999-4B4D-AC62-FA8891F93151}_is1) (Version: 1.0 - 29 Palms Ltd)
Lexicon MPX Native Reverb (HKLM\...\MPX Native Reverb_is1) (Version: 1.0.6 - Lexicon)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Massey VST Demos (Remove only) (HKLM-x32\...\Massey VST Demos) (Version:  - )
M-Audio FireWire Driver 6.0.1 (x64) (HKLM\...\{3C33BA1B-D447-41CF-A228-84DD499F6F61}) (Version: 6.0.1 - M-Audio)
MeldaProduction Audio Plugins 13 (HKLM-x32\...\MeldaProduction Audio Plugins 13) (Version:  - MeldaProduction)
Microsoft Office Professional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Prerequisites (x64) (HKLM\...\{04BEC103-A388-41EE-BB49-1235FAAF883D}) (Version: 11.0.61030 - Blue Cat Audio)
Microsoft Visual C++ 2012 Prerequisites (x86) (HKLM-x32\...\{2F65108E-8DF7-47B9-8ECC-49BD3BC47AAB}) (Version: 11.0.61030 - Blue Cat Audio)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
MJUC version 1.2.0 (HKLM\...\MJUC_is1) (Version: 1.2.0 - )
MMFonts (HKLM-x32\...\{7564F180-CD44-4721-88FB-F88E7782D604}) (Version: 1.1.1.1 - MakeMusic, Inc.)
Mozilla Firefox 71.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 71.0 (x64 es-ES)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MusicLab RealStrat 5 (HKLM\...\RealStrat 5_is1) (Version: 5.0.0.7420 - MusicLab)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.1.0.20 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.3.37 - Native Instruments)
Native Instruments Noire (HKLM-x32\...\Native Instruments Noire) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Session Guitarist - Picked Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Picked Acoustic) (Version: 1.1.0.8 - Native Instruments)
Native Instruments Session Horns Pro (HKLM-x32\...\Native Instruments Session Horns Pro) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Symphony Series String Ensemble (HKLM-x32\...\Native Instruments Symphony Series String Ensemble) (Version: 1.4.0.1 - Native Instruments)
Neuratron PhotoScore && NotateMe Ultimate Demo (HKLM-x32\...\Neuratron PhotoScore && NotateMe Ultimate Demo) (Version: 8.8.6 - Neuratron Ltd)
NF VST 32-bit Installer (HKLM-x32\...\NF VST 32-bit Installer1.0.3) (Version: 1.0.3 - Nomad Factory)
NF VST 64-bit Installer (HKLM-x32\...\NF VST 64-bit Installer1.0.3) (Version: 1.0.3 - Nomad Factory)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overloud Mark Studio 2 (HKLM\...\Mark Studio 2_is1) (Version: 2.0.14 - Overloud)
Overture 5 (HKLM\...\{9F52D96D-E0CD-4466-A4BF-D054F5719758}) (Version: 5.5.4.2 - Sonic Scores)
Ozone Imager (HKLM-x32\...\Ozone Imager) (Version: 1.00 - iZotope, Inc.)
PACE License Support Win64 (HKLM\...\{531FDE0F-E243-4053-A424-CAA59DE84676}) (Version: 5.0.0.2401 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{531FDE0F-E243-4053-A424-CAA59DE84676}) (Version: 5.0.0.2401 - PACE Anti-Piracy, Inc.)
Panel de control de NVIDIA 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.60 - NVIDIA Corporation) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
PG Music DirectX Plugins (64-bit) 2.0.0.0 (HKLM\...\PG_DX_Plugins_64_is1) (Version:  - PG Music Inc.)
PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version:  - PG Music Inc.)
Plogue sforzando v1.933 (HKLM\...\__ARIA_1014___is1) (Version: v1.933 - Plogue)
Project CARS 2 Deluxe Edition MULTi12 - ElAmigos versión 6.0.0.0 (HKLM-x32\...\{F173EF88-7CE1-4B8E-AA28-3219DE599195}_is1) (Version: 6.0.0.0 - Bandai Namco Entertainment)
PSP Xenon (HKLM-x32\...\PSP Xenon) (Version: 1.5.1 - PSPaudioware.com)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Registration Bonus Styles (HKLM-x32\...\BB_is1) (Version:  - PG Music Inc.)
SampleTank 3 version 3.7.2 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.7.2 - IK Multimedia)
Sibelius (HKLM\...\{9A99A7EA-856E-42FE-AECC-8C6A335D5E2E}) (Version: 19.5.0.1469 - Avid Technology)
Sibelius OpenType Fonts (HKLM-x32\...\{603AEE7A-6967-4CDB-8528-0CAC729A004B}) (Version: 18.6.0 - Avid)
Slowhand (HKLM-x32\...\{76FCAEE9-805A-4AC1-B4FB-37551274A0AA}) (Version: 1.3.03 - mmdesign)
SONAR Demo Projects (HKLM\...\SONAR Demo Projects_is1) (Version: 1.0 - Cakewalk, Inc.)
SONAR Help & Documentation (HKLM\...\SONAR Help & Documentation_is1) (Version: 1.0 - Cakewalk, Inc.)
SONAR Platinum (HKLM\...\SONAR Platinum_is1) (Version: 23.10 - Cakewalk, Inc.)
Sonic Reality Infinite Player (HKLM\...\{90b1bf8c-c01b-4e77-9b79-68bd9e9336c9}) (Version: 1.0.0.001 - Sonic Reality) Hidden
Sonic Reality Infinite Player (HKLM-x32\...\Sonic Reality Infinite Player) (Version:  - Sonic Reality)
SOUND FORGE Pro 12.1 (x64) (HKLM\...\{60C7CECF-93D3-11E8-9B8E-408D5CC672F4}) (Version: 12.1.170 - MAGIX)
SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.14.7 - Steinberg Media Technologies GmbH)
Steinberg eLicenser Antitrial (HKLM\...\eLicenser Antitrial_is1) (Version: 1.16.1.3 - Steinberg & Team V.R)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent 5 (HKLM\...\{3A97C8A6-8CC0-4AF2-B32B-DD0334338580}) (Version: 5.0.10 - Steinberg Media Technologies GmbH)
Steinberg HALion 6 (HKLM\...\{B4A47381-CC40-4EAD-BE05-143396A70B34}) (Version: 6.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALion 6 Content (HKLM-x32\...\{E6049779-021E-40FD-8C4C-C2A21F9417B5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden
Steinberg HALion Content (HKLM-x32\...\{7FAD0A52-EAA8-4197-BC9D-30E08EC879A5}) (Version: 4.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Content Registration (HKLM-x32\...\{D3BC09D3-55D7-424D-9B7B-5CAF1C6113FD}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden
Steinberg HALion Sonic 2 Content (HKLM-x32\...\{C50D4628-6064-443C-B154-5A5B780874C2}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 3 (HKLM\...\{7AA3E2A4-8568-41B0-BAB6-13CDB5047DE6}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic Content (HKLM-x32\...\{1AA20A3E-B833-4309-9155-8A15D479D46F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.0.17 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg The Grand VSTi DXi v2.1.0 (HKLM-x32\...\Steinberg The Grand VSTi DXi_is1) (Version:  - )
Steinberg Virtual Guitarist (HKLM-x32\...\Virtual Guitarist) (Version:  - )
Steinberg Virtual Guitarist Electric Edition (HKLM-x32\...\Virtual Guitarist Electric Edition) (Version:  - )
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Superior Drummer 3 64-bit (HKLM\...\{534C9464-965B-4C8B-BE69-45AE8E10560E}) (Version: 3.0.3 - Toontrack)
SWAM Cello (HKLM\...\{B14D58DE-C4EF-4ECD-9C10-BE60BB30D920}_is1) (Version: 2.0.1 - Audio Modeling & Team V.R)
SWAM Clarinets (HKLM\...\{785AA5E4-EC05-4343-93BD-823858B06084}_is1) (Version: 2.8.1 - Audio Modeling & Team V.R)
SWAM DoubleBass (HKLM\...\{EDEFFBE4-13DE-4F43-8D7A-359CE12D271D}_is1) (Version: 2.0.1 - Audio Modeling & Team V.R)
SWAM DoubleReeds (HKLM\...\{375422E9-F52E-444A-90A6-0099FC9A38B7}_is1) (Version: 2.8.1 - Audio Modeling & Team V.R)
SWAM Flutes (HKLM\...\SWAM Flutes_is1) (Version: 2.8.1 - Audio Modeling & Team V.R)
SWAM Soprano Sax (HKLM\...\{CC1FF87D-C278-44F8-AAEB-951825BEBBC0}_is1) (Version: 2.7.0 - Audio Modeling & Team V.R)
SWAM The Saxophones version 1.1.1 64bit (HKLM\...\{6A85AE8B-8674-4014-A976-6C7727B585E4}_is1) (Version: 1.1.1 64bit - Samplemodeling)
SWAM Viola (HKLM\...\{4E364A28-92BE-4790-A0ED-7CEFCF47B9FA}_is1) (Version: 2.0.1 - Audio Modeling & Team V.R)
teVirtualMIDI64 (HKLM\...\{300D1BB9-FA9E-40EA-ADD8-934D5066F6D5}) (Version: 1.2.11.41 - Tobias Erichsen)
TGTools Pro 3.00rc3 (HKLM\...\TGTools Pro V3_is1) (Version: 3.00.13 - Super Flexible Software)
The Witcher 3 Wild Hunt MULTi13 - ElAmigos versión 1.31 (HKLM-x32\...\{BF679CAD-FE6D-4CBE-9E99-D7193809207A}_is1) (Version: 1.31 - CD PROJEKT RED)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Two Worlds II Castle Defense (HKLM-x32\...\1207661843_is1) (Version: 2.1.0.9 - GOG.com)
Two Worlds II Velvet Edition (HKLM-x32\...\1207661833_is1) (Version: 2.1.0.24 - GOG.com)
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Universal Control (HKLM\...\Universal Control) (Version: 3.1.1.54569 - PreSonus Audio Electronics, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
USB Flash Drive Format Tool 1.0 (HKLM\...\USB Flash Drive Format Tool_is1) (Version:  - Rogosoft Corporation)
USB Safely Remove 6.1 (HKLM-x32\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.2.3 - SOSVirus (SOSVirus.Net))
Valhalla DSP Valhalla Plate (HKLM\...\Valhalla Plate_is1) (Version: 1.5.0.25 - Valhalla DSP)
Valhalla DSP Valhalla Room (HKLM\...\Valhalla Room_is1) (Version: 1.5.1 - Valhalla DSP)
Valhalla DSP Valhalla Shimmer (HKLM\...\Valhalla Shimmer_is1) (Version: 1.0.4 - Valhalla DSP)
Valhalla DSP Valhalla VintageVerb (HKLM\...\Valhalla VintageVerb_is1) (Version: 1.7.1 - Valhalla DSP)
Virtual Floppy Software (remove only) (HKLM-x32\...\Virtual Floppy Software) (Version:  - )
Voxengo bundle 2019.5 (HKLM\...\Voxengo bundle_is1) (Version: 2019.5 - Voxengo)
Voxengo GlissEQ (HKLM\...\Voxengo GlissEQ_is1) (Version: 3.10 - Voxengo)
Voxengo Sound Delay (HKLM\...\Voxengo Sound Delay_is1) (Version: 1.7 - Voxengo)
W735EQ (HKLM-x32\...\W735EQ) (Version:  - AITB)
Wave Arts Tube Saturator (HKLM-x32\...\TubeSaturator) (Version:  - )
Wave Arts Tube Saturator Vintage (HKLM-x32\...\Wave Arts Tube Saturator Vintage) (Version: 1.05 - Wave Arts)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg)
Waves Complete (HKLM\...\Complete_is1) (Version: 2018.07.23 - Waves)
WhatsApp (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\WhatsApp) (Version: 0.3.9308 - WhatsApp)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.2 - X Codec Pack team)
Xfer Serum 1.07b4 (HKLM\...\Xfer Serum_is1) (Version:  - )
XLN Audio Addictive Drums 2 (HKLM\...\Addictive Drums 2_is1) (Version: 2.1.7 - XLN Audio)
XLN Audio Addictive Keys (HKLM\...\Addictive Keys_is1) (Version: 1.1.8 - XLN Audio)
Youlean Loudness Meter 2 (HKLM\...\Loudness Meter 2_is1) (Version: 2.0.2 - Youlean)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-08-20] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-10] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.2\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com
Shortcut: C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.2\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/foru
Shortcut: C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.2\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com

==================== Loaded Modules (Whitelisted) =============

2019-10-17 17:11 - 2019-10-17 17:11 - 004904448 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\ipp.dll
2019-08-02 14:12 - 2019-08-02 14:12 - 018891264 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\SmaartFactory_x64.dll
2019-08-02 14:03 - 2019-08-02 14:03 - 001834496 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\vectorlib.dll
2018-08-22 14:50 - 2012-04-26 13:51 - 000040448 _____ () [File not signed] C:\WINDOWS\System32\pdf995mon64.dll
2019-06-03 14:46 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-10-17 17:23 - 2019-10-17 17:23 - 000059904 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\avdecc.dll
2019-10-17 17:14 - 2019-10-17 17:14 - 005623808 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclgui.dll
2019-10-17 17:17 - 2019-10-17 17:17 - 000696832 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclnet.dll
2019-10-17 17:15 - 2019-10-17 17:15 - 001127424 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsecurity.dll
2019-10-17 17:13 - 2019-10-17 17:13 - 001281024 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsystem.dll
2019-10-17 17:13 - 2019-10-17 17:13 - 000485376 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ccltext.dll
2019-10-17 17:12 - 2019-10-17 17:12 - 000013824 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclwinrt.dll
2019-10-17 17:23 - 2019-10-17 17:23 - 000352768 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\atomdevice.dll
2019-10-17 17:21 - 2019-10-17 17:21 - 000484352 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\audioboxdevice.dll
2019-10-17 17:22 - 2019-10-17 17:22 - 000113664 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\faderportdevice.dll
2019-10-17 17:23 - 2019-10-17 17:23 - 000769024 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\firewiredevice.dll
2019-10-17 17:21 - 2019-10-17 17:21 - 002878464 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\quantumdevice.dll
2019-10-17 17:15 - 2019-10-17 17:15 - 000661504 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\asioservice.dll
2019-10-17 17:25 - 2019-10-17 17:25 - 023194112 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\studiolivepanel.dll
2019-10-17 17:23 - 2019-10-17 17:23 - 000637440 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\ucnetmonitor.dll
2019-10-17 17:17 - 2019-10-17 17:17 - 000596480 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\windowsmidi.dll
2019-10-17 17:17 - 2019-10-17 17:17 - 000228352 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ucnet.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Config32:D_Time [5]
AlternateDataStreams: C:\ProgramData\Config32:reg [47]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2019-12-03 11:13 - 000001011 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.r2rdownload.com
127.0.0.1 www.elephantafiles.com
127.0.0.1 www.r2rdownload.net
127.0.0.1 www.swamengine.com
127.0.0.1 www.overloud.com
0.0.0.0 www.meldaproduction.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2386650303-937493529-1628659523-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2E44233E-209D-45D9-B864-2C4670C7CF37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7BFBA720-1D95-4525-B156-B8B3688E0258}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{14B72FE8-BD0B-468D-A504-9382BC214F0C}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{977D3449-66F7-4567-9E29-62B0FDBC7928}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{15E049BF-05D7-4781-8FB2-BCFAE6584F8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26393EFD-12C8-4695-BBDA-42B6BBF2BF4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{708D9E67-DC6E-4070-8666-2996F3764F43}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1ECB22BE-97F1-4A04-B6D0-65A951F3E41F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF709DB0-CA8A-4B1D-8F27-9F78B84ED58C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1898CAEE-5CC5-4318-B62D-066CF0034900}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C45B844-9B4C-45A5-BD3C-9442F936E2EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C70A6D82-2CF1-45C4-9AEA-37D851F9433B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8853D3D5-91DE-4B0F-9C23-333D6DAFF569}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9DE0C2D1-F5D2-47CA-954F-EECE56A76A13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF23C4CA-EFC0-4495-A406-CB86B5DFAD6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{5E019860-A2F7-4A9F-A761-4B604FB65855}C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe] => (Allow) C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [UDP Query User{AA5B14DC-5733-4BE6-9DBA-B5AD9F198AAD}C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe] => (Allow) C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{D0D2987F-D921-475D-8057-CCCAB3EBDE1D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A1FFCFB9-941F-41C7-8508-9CEE481E4FE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D5DFDDB0-86D8-4FAD-84A5-E42127E15330}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{B48BFF59-EA6A-405F-9F00-A2BA7D63F36A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{68D0458A-ABD5-4E85-B81D-27B48D28ECF5}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{F7A1FD76-BA87-47CF-987F-DCC221A9D087}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8D6CE2C5-749B-42CD-866B-D6D5B36E5178}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{AB9758A6-B094-4229-8BF6-B7FECDDE8882}C:\program files\cakewalk\cakewalk core\cakewalk.exe] => (Allow) C:\program files\cakewalk\cakewalk core\cakewalk.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [UDP Query User{FEEF83B1-1C7D-43D2-A9AB-B609373DD058}C:\program files\cakewalk\cakewalk core\cakewalk.exe] => (Allow) C:\program files\cakewalk\cakewalk core\cakewalk.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [{EBEA068F-E80B-46E5-B5BA-0BACDC7A8EE5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19EC4903-20DD-4D00-A97E-59CAC11E9226}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{A593A5B0-9C1E-4223-8EE3-2E628E6DAB5D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{865A2FA1-34C0-44E3-A450-D74BA538C69D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{7CB0539F-4697-4FF6-B6E9-6D96E2FA4E24}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{F1868719-589E-4F7A-B4A9-7B4EB93B16CB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{03542AEE-A324-4BDD-95FA-E7832271B32D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [TCP Query User{2264DF64-1ECB-4445-BDF9-FF93390B151B}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Block) C:\program files\cakewalk\shared utilities\vstscan.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [UDP Query User{EF9F39FE-8373-40E8-8EBB-BE84DAE726EF}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Block) C:\program files\cakewalk\shared utilities\vstscan.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [{5542B4F7-7D97-43EB-86A0-86814618ECA1}] => (Allow) C:\bb\Data\Installers\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{15BA5611-0E47-46D1-8947-47EC18D36188}] => (Allow) C:\bb\Data\Installers\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{3AEDC767-E52E-4C54-A4BB-003659A80465}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (PreSonus) [File not signed]
FirewallRules: [{FCDCDA43-DD92-4EE5-BAB5-50CD95083DB5}] => (Allow) C No File
FirewallRules: [TCP Query User{757F83F8-C892-4508-ACAA-B5A88EC86305}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{195FB5B9-9975-4C45-8919-95A8AFD6C24C}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{8D0371B9-471F-46B4-8D0C-01A92EBAF29B}C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe] => (Allow) C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab)
FirewallRules: [UDP Query User{2471692E-B69F-4247-98A2-D4DA7F5352C5}C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe] => (Allow) C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab)
FirewallRules: [{71755DE3-E0D0-4BB1-AA8A-59875298A8FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C7D758CC-6B00-4609-84BB-9ABC79BFCA1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0D5307F1-0CB4-48B0-96DC-23DBC00829E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8E5D804-0093-47C5-A691-B70F5E283D01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD86511C-D950-406B-AE34-42E771063538}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [{1119E4BD-024D-4D8A-A176-17DAB4C56573}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [{D224346E-D1A9-48CF-9D03-5626574AB2EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-12-2019 13:57:25 Punto de control programado
15-12-2019 12:11:38 Installed Kontakt Library Fix.

==================== Faulty Device Manager Devices ============

Name: PHL 273V5 (NVIDIA High Definition Audio)
Description: Extremo de audio
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================


Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:38:43.493
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:37:07.214
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:37:07.213
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:36:42.983
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:36:42.982
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:36:40.784
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 09:36:40.783
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. P1.40 06/25/2012
Motherboard: ASRock X79 Extreme6
Processor: Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 11%
Total physical RAM: 32720.16 MB
Available physical RAM: 28800.09 MB
Total Virtual: 37584.16 MB
Available Virtual: 33271.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.84 GB) (Free:113.47 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (LIBRERIA) (Fixed) (Total:1371.73 GB) (Free:198.25 GB) NTFS
Drive f: (SAMPLERS) (Fixed) (Total:1422.79 GB) (Free:86.28 GB) NTFS
Drive g: (LIBRERIA2) (Fixed) (Total:1863.01 GB) (Free:49.61 GB) NTFS
Drive h: (HD H) (Fixed) (Total:1863.01 GB) (Free:78.14 GB) NTFS
Drive i: (HD I) (Fixed) (Total:1863.01 GB) (Free:101.04 GB) NTFS
Drive j: (HD J) (Fixed) (Total:1863.01 GB) (Free:102 GB) NTFS
Drive k: (BACKUP2014) (Fixed) (Total:1863.01 GB) (Free:34.65 GB) NTFS
Drive m: (HD M) (Fixed) (Total:931.51 GB) (Free:17.98 GB) NTFS
Drive n: () (Removable) (Total:57.64 GB) (Free:55.17 GB) FAT32

\\?\Volume{796f39ee-0000-0000-0000-203674000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
\\?\Volume{796f39ee-0000-0000-0000-805474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 149D2D86)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C67C2563)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: 98543DF5)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 796F39EE)
Partition 1: (Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=485 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 73484ACD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 3A5DDB01)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 6 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: DB4E6622)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 7 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 22A0E9E7)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 8 (Size: 57.7 GB) (Disk ID: 69737369)
No partition Table on disk 8.

==================== End of Addition.txt =======================
Application errors:
==================
Error: (12/22/2019 09:37:18 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/22/2019 09:35:48 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/22/2019 09:35:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/22/2019 09:33:43 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/20/2019 09:51:23 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/20/2019 08:27:35 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (12/19/2019 09:24:06 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (12/19/2019 09:24:06 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.


System errors:
=============
Error: (12/22/2019 09:34:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio RasMan depende del servicio SstpSvc, el cual no pudo iniciarse debido al siguiente error: 
La operación se completó correctamente.

Error: (12/20/2019 08:35:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (12/20/2019 08:35:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jordi\AppData\Local\Temp\ehdrv.sys

Error: (12/20/2019 08:35:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (12/20/2019 08:35:36 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jordi\AppData\Local\Temp\ehdrv.sys

Error: (12/20/2019 08:35:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (12/20/2019 08:35:36 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jordi\AppData\Local\Temp\ehdrv.sys

Error: (12/20/2019 08:35:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador


Windows Defender:
===================================
Date: 2019-05-09 11:57:05.172
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT Authority\System
Nombre de proceso: System
Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0
Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-09 11:57:05.104
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT Authority\System
Nombre de proceso: System
Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0
Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-09 11:47:44.455
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0
Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-09 11:47:40.892
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0
Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-09 11:47:09.443
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\Servicio de red
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0
Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-09 11:57:09.174
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.1102.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-05-06 10:42:20.546
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-05-06 10:42:20.546
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-05-06 10:42:20.545
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-05-06 10:42:20.532
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-12-22 09:38:43.494

Puedo comprobar el pendrive? o espero a tu respuesta de los ultimos reportes? Tambien comentarte, que este pendrive me ha ido siempre bien, hace mas de tres años que lo uso, y todo el problema de ese archivo empezo cuando pase carpetas de un dispositivo ketron para reproducir midifiles y pistas de audio de un amigo. eso fue hace dos semanas, nunca antes me habia entrado un virus asi en mi ordenador.

Aun no.

Ese Pendrive es lo que infecto tu equipo.


Ademas cambiaste el orden del reporte de Addition, puedes dividirlo pero respetando el orden, o mejor adjuntalo completo al tema, con el Método 4 de la Guia:

Salu2

Addition.txt (71,6 KB) Hola ya pegue el txt aqui, muchas gracias, espero tu respuesta. Feliz Navidad y saludos.

1 me gusta

Hola @JAL2000

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\MountPoints2: {9c6a3cdc-b600-11e8-a9d2-bc5ff4202a67} - "I:\Autorun.exe" 
HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\MountPoints2: {ca838e5b-b437-11e9-aab7-9d87e92199ff} - "D:\setup_vmc_lite.exe" /checkApplicationPresence
GroupPolicy: Restriction ? <==== ATTENTION
Task: {5EFB72E1-A993-47A9-BFB7-DADB97975864} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jordi\Downloads\esetonlinescanner_esn.exe [8162616 2019-12-20] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {C8D513CE-DA0C-40D2-884F-D594632E651B} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Jordi => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5445120 2018-07-17] (H.D.S. Hungary) [File not signed]
Task: {DB9B2E6F-7F08-4B34-8685-B07C2AFB07D1} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jordi\Downloads\esetonlinescanner_esn.exe [8162616 2019-12-20] (ESET, spol. s r.o. -> ESET spol. s r.o.)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
2019-12-20 22:34 - 2019-12-22 00:45 - 000000000 ____D C:\KVRT_Data
2019-12-20 22:34 - 2019-12-20 22:34 - 179094968 _____ (AO Kaspersky Lab) C:\Users\Jordi\Downloads\KVRT.exe
2019-12-20 08:31 - 2019-12-20 08:31 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Jordi\Downloads\esetonlinescanner_esn.exe
2019-12-20 08:31 - 2019-12-20 08:31 - 000000769 _____ C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-12-20 08:31 - 2019-12-20 08:31 - 000000670 _____ C:\Users\Jordi\Desktop\ESET Online Scanner.lnk
2019-12-18 00:49 - 2019-12-18 00:56 - 000000000 ____D C:\ProgramData\RogueKiller
2019-12-18 00:49 - 2019-12-18 00:49 - 037028920 _____ C:\Users\Jordi\Downloads\RogueKiller_portable64.exe
2019-12-18 00:16 - 2019-12-18 00:17 - 002953520 _____ (AVAST Software) C:\Users\Jordi\Downloads\avast-browser-cleanup.exe
2019-12-04 17:43 - 2019-12-04 17:43 - 000011101 _____ C:\Users\Jordi\Downloads\ge27877.mid
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
AlternateDataStreams: C:\ProgramData\Config32:D_Time [5]
AlternateDataStreams: C:\ProgramData\Config32:reg [47]


CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Prueba tu USB revisa que hay adentro, puedes tomarnos una imagen y subirla si es que se ven reiterados los archivos del sistema.

Nos comentas .

Salu2.

Fixlog.txt (13,2 KB)

Buenos dias, he abierto la carpeta del usb y el archivo exe sigue estando ahi.

Hola @JAL2000

Intentaste eliminarlo manualmente y ver si se vuelve a generar, pero desde el Modo Seguro?


Prueba también formatear el Pendrive desde CMD, debes hacerlo con mucha atención y no confundir tu unidad de disco:

https://es.easeus.com/partition-manager-tips/format-usb-flash-drive-using-cmd.html

Salu2

Hola. Intente borralo desde el modo seguro y se crean todas las carpetas de nuevo. Intente formatear siguiendo los pasos desde Cmd y en el paso: create partiton primary, me sale este mensaje: mensaje disk part pendrive.txt (608 Bytes) No obstante igualmente consegui formatearlo pero siguen apareciendo las carpetas y archivos. Tambien puse el lapiz en un portatil completamente nuevo y limpio y pobe a borrar desde alli y lo mismo. Ese portatil no ha estado en contacto ni con los otros ordenadores ni con el lapiz anteriormente. Saludos.

Hola y con permiso. :+1:

Solo entro para haceros un comentario. :face_with_raised_eyebrow:

Es muy probable que ese USB este dañado, :angry: yo tengo todavía guardado(por NO tirarlo y desde hace años) un USB con ese mismo problema. :-1:

Las memorias USB son elementos muy delicados, cualquier pequeña caida/golpe o incluso por mala calidad del producto pueden provocar que se deterioren con facilidad.

Y una vez dañados, por mucho que queramos eliminar/borrar o formatearlos seguiremos viendo que el contenido del USB sigue siendo el mismo.

Incluso podemos intentar eliminar/formatear el USB desde un entorno distinto a Windows como puede ser un LiveCD y el resultado será el mismo.

Puedes probar a usar un LiveCD como este que te pongo para desde el eliminar los archivos y verificar SI una vez eliminados y despues de desconectar el USB y volverlo a a conectar siguen apareciendo. :thinking:

:arrow_right: ¿Cómo puedo salvar mis archivos si en mi PC NO arranca el sistema? o ¿Cómo hacer un Livecd.?

Sigan ustedes y FELICES FIESTAS. :champagne: :clinking_glasses:

Saludos.

1 me gusta

Gracias Javier voy a probar, pero el enlace que me pusiste de Livecd esta caido. Felices fiestas y saludos.

Hola @JAL2000

Revisa de nuevo pinchando en el enlace, porque acabo de probarlo y me ha funcionado, :thinking: puede que fuese un problema puntual. :face_with_raised_eyebrow:

Dinos si has podido acceder de nuevo. :+1:

De todas maneras, un comentario, en este manual basicamente se explica como crear un LiveCD y luego usarlo para poder salvar los archivos del disco duro de un equipo que NO arranca o NO deja acceder al contenido del mismo.

En TU caso el uso NO sería para lo mismo, pero el uso del LiveCD, bien sea con este o cualquier otro que tu prefieras, te puede permitir valorar SI el problema es por una infección o por un problema físico de daño del USB.

Saludos.

Pues clico donde pone aqui: :1: Nos descargamos una .iso desde Aquí Y me manda a una pagina quw pone 404: Page not found Saludos y gracias por tu ayuda.

Ahhhh… entendido, :roll_eyes: pensé que te referias al tema principal nuestro y era el enlace a la descarga de Ubuntu. :+1:

Ya la tienes modificada, que la habían cambiado. :face_with_raised_eyebrow:

Saludos.

Buenos dias solo quiero aportar que me paso lo mismo intentaba formatear , lo eliminaba y mis archivos seguian ahi , intente con el cmd tampoco intente desde linux y nada , le pase antivirus todos lo que hay en el mercado y nada , ningun antivirus detecta bicho , tambien pense que el usb que lo habia prestado le habian puesto en modo lectura entre al cmd y lo desactive e intente formatear y nada seguia igual yo creo en lo personal que ese debe ser algun problema del pendrive en mi casa ya bote el usb jijij espero que les ayude

1 me gusta

Efectivamente… USB para tirarlo a la basura. :-1:

Saludos.

Hola, gracias a todos por la ayuda, finalmente doy por hecho que el pen esta dañado. Por lo que creo que ya se puede cerrar este hilo. Una vez mas gracias y feliz año nuevo. Saludos. Jordi

Hola @JAL2000

Buen Año!!

Tema Terminado

Para otros problemas, ya sabes donde encontrarnos…:+1:

Salu2.