Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Juan (22-05-2019 12:05:09)
Running from E:\DIRECTORIO PRINCIPAL\DESCARGAS\FIREFOX
Windows 7 Home Premium Service Pack 1 (X64) (2019-04-14 09:56:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2258397178-3295816786-390305721-500 - Administrator - Disabled)
Invitado (S-1-5-21-2258397178-3295816786-390305721-501 - Limited - Disabled)
Juan (S-1-5-21-2258397178-3295816786-390305721-1000 - Administrator - Enabled) => C:\Users\Juan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.20.011 - Portrait Displays, Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Photoshop CS6 versión 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
AvastAntiTrackPremium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 1.2.2.21060 - Avast)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CDDRV_Installer (HKLM-x32\...\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}) (Version: 1.00.0000 - Logitech) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Freemake Video Converter versión 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Glary Utilities PRO 5.118 (HKLM-x32\...\Glary Utilities 5) (Version: 5.118.0.143 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Software básico del dispositivo (HKLM\...\{0F694DB2-773D-44A8-B4CF-8AA3056DE318}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HybridReverb2 (HKLM-x32\...\{9EBB34E3-C29E-49A8-A95F-C61F3108D37F}_is1) (Version: - Christian Borß)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
KhalInstallWrapper (HKLM\...\{9B1A8F3D-8059-43FB-A7AE-4F2C21F0AAF2}) (Version: 4.00.121 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 4.00 - Logitech)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2258397178-3295816786-390305721-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Music Recorder (HKLM-x32\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0010 - Nero AG)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Pivot Software (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 8.21.013 - Portrait Displays, Inc.) Hidden
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Realtek AC'97 Audio (HKLM-x32\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.36 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.28 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
Right Click Image Converter 1.0.0.0 (HKLM-x32\...\Right Click Image Converter 1.0.0.0) (Version: - )
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.05.004 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SmartDefender (HKLM-x32\...\{A58CAEF6-D78F-4E0C-8598-ECD5901F4AC2}) (Version: 1.0.0.0 - Vondos Media GmbH)
Spotify (HKU\S-1-5-21-2258397178-3295816786-390305721-1000\...\Spotify) (Version: 1.1.6.113.gb388fe17 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1034 - SUPERAntiSpyware.com)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
TunesKit Spotify Converter 1.5.0.525 (HKLM-x32\...\TunesKit Spotify Converter_is1) (Version: - TunesKit, Inc.)
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - )
VEGAS Pro 16.0 (HKLM\...\{0ABBD080-A716-11E8-974B-00155D6302F2}) (Version: 16.0.261 - VEGAS)
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{3F7D70F3-381C-4136-8BBA-358322578EF8}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2258397178-3295816786-390305721-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2258397178-3295816786-390305721-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Juan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2258397178-3295816786-390305721-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Juan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2258397178-3295816786-390305721-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Juan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2258397178-3295816786-390305721-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Juan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Juan\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-16] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2019-04-14 16:00 - 2008-06-04 16:59 - 000237568 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\drivers\di2c.dll
2019-04-14 16:00 - 2008-06-04 16:58 - 000098304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\drivers\vista.dll
2019-04-14 16:00 - 2008-06-06 10:42 - 000114688 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
2019-04-14 16:00 - 2004-05-11 14:51 - 000798720 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\LIBEAY32.dll
2019-04-14 15:59 - 2004-11-17 15:49 - 004603904 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\qt-mt332.dll
2019-04-14 16:00 - 2004-05-11 14:51 - 000155648 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\SSLEAY32.dll
2019-04-14 16:00 - 2008-06-06 10:40 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
2019-04-14 15:59 - 2008-06-06 10:40 - 000069632 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
2019-04-14 15:59 - 2008-06-06 10:39 - 000102400 _____ () [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2019-04-14 16:00 - 2007-02-09 11:16 - 000245760 _____ () [File not signed] C:\Program Files (x86)\Portrait Displays\Pivot Software\winphook.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000077824 _____ () [File not signed] C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2017-09-10 21:51 - 2017-09-10 21:51 - 000798208 _____ () [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\libsodium.dll
2016-02-18 04:16 - 2016-02-18 04:16 - 023927296 _____ (FFmpeg Project) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\avcodec-57.dll
2016-02-18 04:16 - 2016-02-18 04:16 - 006306816 _____ (FFmpeg Project) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\avformat-57.dll
2016-02-18 04:16 - 2016-02-18 04:16 - 000599552 _____ (FFmpeg Project) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\avutil-55.dll
2016-02-18 04:16 - 2016-02-18 04:16 - 000287232 _____ (FFmpeg Project) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\swresample-2.dll
2016-02-18 04:16 - 2016-02-18 04:16 - 000513024 _____ (FFmpeg Project) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\swscale-4.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-04-14 15:55 - 2000-01-01 01:00 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-04-14 16:00 - 2007-02-09 11:15 - 000372736 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Portrait Displays\Pivot Software\ijl15.dll
2019-04-14 15:59 - 2001-06-01 08:26 - 000372736 _____ (Intel Corporation) [File not signed] C:\Windows\ijl15.dll
2007-04-23 03:00 - 2007-04-23 03:00 - 000620032 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KhalApi.dll
2007-04-23 03:00 - 2007-04-23 03:00 - 000518656 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KHALHID.DLL
2007-04-23 03:00 - 2007-04-23 03:00 - 000636928 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KHALHPP.DLL
2007-04-23 03:00 - 2007-04-23 03:00 - 000348672 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KHALITCH.DLL
2007-04-23 03:00 - 2007-04-23 03:00 - 000551936 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KHALMOU.DLL
2007-04-23 03:00 - 2007-04-23 03:00 - 000402944 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KHALMW.DLL
2007-04-23 03:00 - 2007-04-23 03:00 - 000506368 _____ (Logitech Inc.) [File not signed] C:\Program Files\Common Files\Logitech\KhalShared\KHALUSB.DLL
2019-04-14 17:21 - 2007-04-23 03:00 - 000049152 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\GameHook.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000011776 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\IMHook.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000097792 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\kgame.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000059904 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\lgscroll.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 001443328 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 001041920 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\SetPoint.exe
2019-04-14 17:21 - 2007-04-23 03:00 - 000033280 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\SetPointCOM.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000334336 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\WebBrowserSupport.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000013824 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\AdobeHookDll.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000014336 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\AOLHookDll.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000057344 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\GameHook.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000012288 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\HookDll.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000010240 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\IMHook.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000015360 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\KEMHook.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000045568 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\lgscroll.dll
2019-04-14 16:21 - 2007-04-23 03:00 - 000069632 _____ (Logitech Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\MessengerHook.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000228864 _____ (Logitech Inc.) [File not signed] C:\Windows\system32\kemutb.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000218112 _____ (Logitech Inc.) [File not signed] C:\Windows\system32\KemUtil.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000152064 _____ (Logitech Inc.) [File not signed] C:\Windows\system32\KemWnd.dll
2019-04-14 17:21 - 2007-04-23 03:00 - 000072192 _____ (Logitech Inc.) [File not signed] C:\Windows\system32\KemXML.dll
2019-04-14 16:00 - 2002-01-05 02:40 - 000487424 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Portrait Displays\Pivot Software\MSVCP70.dll
2019-04-14 16:00 - 2002-01-05 02:37 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Portrait Displays\Pivot Software\MSVCR70.dll
2019-04-14 15:59 - 2002-01-05 04:48 - 000974848 _____ (Microsoft Corporation) [File not signed] C:\Windows\mfc70.dll
2019-04-14 15:59 - 2002-01-05 03:40 - 000487424 _____ (Microsoft Corporation) [File not signed] C:\Windows\MSVCP70.dll
2019-05-05 21:15 - 2019-05-05 21:15 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2019-05-05 21:15 - 2019-05-05 21:15 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2019-04-14 15:59 - 2008-06-06 10:42 - 000324096 _____ (Portrait Displays, Inc) [File not signed] C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe
2019-04-14 16:00 - 2008-06-04 16:59 - 000110592 _____ (Portrait Displays, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\drivers\pdi_nv2.dll
2019-04-14 16:00 - 2008-06-04 16:59 - 000090112 _____ (Portrait Displays, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
2019-04-14 16:00 - 2008-06-04 16:59 - 000204800 _____ (Portrait Displays, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\WrapI2C.dll
2019-04-14 16:00 - 2008-06-06 10:40 - 000114688 _____ (Portrait Displays, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\colorcal.dll
2017-09-10 20:08 - 2017-09-10 20:08 - 000061952 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\cares.dll
2017-10-10 00:33 - 2019-04-16 09:33 - 000275456 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\libcurl.dll
2017-09-11 00:51 - 2019-04-16 09:33 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\LIBEAY32.dll
2017-09-11 00:51 - 2019-04-16 09:33 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\SSLEAY32.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\platforms\qwindows.dll
2017-09-25 15:30 - 2017-09-25 15:30 - 004641792 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\Qt5Core.dll
2017-09-14 07:32 - 2017-09-14 07:32 - 005016576 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\Qt5Gui.dll
2017-09-14 07:30 - 2017-09-14 07:30 - 000851968 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\Qt5Network.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000255488 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\Qt5Svg.dll
2017-09-14 07:35 - 2017-09-14 07:35 - 004433920 _____ (The Qt Company Ltd) [File not signed] C:\Users\Juan\AppData\Local\MEGAsync\Qt5Widgets.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-04-16 11:39 - 000001319 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 keystone.mwbsys.com
0.0.0.0 telemetry.malwarebytes.com
127.0.0.1 23.74.204.49
127.0.0.1 2.20.235.247
127.0.0.1 216.58.214.40
127.0.0.1 151.101.12.143
127.0.0.1 66.117.29.4
127.0.0.1 63.140.41.167
127.0.0.1 13.80.12.54
127.0.0.1 239.255.255.250
127.0.0.1 23.74.204.49
127.0.0.1 2.20.235.247
127.0.0.1 216.58.214.40
127.0.0.1 151.101.12.143
127.0.0.1 66.117.29.4
127.0.0.1 63.140.41.167
127.0.0.1 13.80.12.54
127.0.0.1 239.255.255.250
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-2258397178-3295816786-390305721-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A1D5AADA-D050-4509-BB0D-B353E6BAAD4E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{ACDE9771-16DD-4612-80B5-819CEBA93325}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{48FE6AEB-E05E-47F1-A778-31FA593CC210}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{51521F42-F464-4E17-BE66-D520B5A61372}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{CA59ABF7-D544-4E53-84ED-20D640D377C2}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{31F394D8-E162-4817-B63B-344680E3994D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{1C604646-2587-4582-B55E-FC6C8BB48D6A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{44EBE161-F3E7-4E50-9333-6B51588D86C5}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3F1D6068-29B9-4D7F-A7A1-E487AD210F37}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{01BF5A83-F8FD-4ADE-8090-D792C3147052}C:\users\juan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5D5891E7-BF91-40E6-AF85-8F148F55DDB6}C:\users\juan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A57582FD-4C3B-4B80-9FBD-9C77C2BC297A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1B709241-36B3-4CA3-B01B-CF8C02D71181}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2F0D12BB-F1B1-462B-B15F-34C7D78C6E49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{613152B3-0548-4765-835C-50476A2108DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D46A99D3-F81B-4C43-A5CC-38CC6686B5EC}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{860D9482-139E-4AFB-8C99-08821D0FC2C9}] => (Allow) C:\Users\Juan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C7AF063-FB12-4012-BC26-60692892FC2E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DF2D761-2A4D-4849-B34A-AC4A963B616D}] => (Allow) LPort=2869
FirewallRules: [{4B5B60E2-A3F7-4F69-A1E5-99C532E1B2CF}] => (Allow) LPort=1900
FirewallRules: [{024D3983-A9A9-4E4E-A0CD-C62D3D22CACF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CAAC6A76-31E5-40AF-9CE3-C0104CEF9238}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
16-05-2019 11:32:45 Windows Update
22-05-2019 11:42:50 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
22-05-2019 11:43:50 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/22/2019 11:41:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (05/22/2019 10:05:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 6.1.7601.24435, marca de tiempo: 0x5caa0ceb
Nombre del módulo con errores: VIASysFx.dll, versión: 1.0.0.0, marca de tiempo: 0x4c59383d
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005dc9e
Id. del proceso con errores: 0x42c
Hora de inicio de la aplicación con errores: 0x01d5107d2b797d48
Ruta de acceso de la aplicación con errores: C:\Windows\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\Windows\system32\VIASysFx.dll
Id. del informe: c0745598-7c70-11e9-b3eb-50465da21e3b
Error: (05/22/2019 10:04:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (05/22/2019 08:40:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 6.1.7601.24435, marca de tiempo: 0x5caa0ceb
Nombre del módulo con errores: VIASysFx.dll, versión: 1.0.0.0, marca de tiempo: 0x4c59383d
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005dc9e
Id. del proceso con errores: 0x43c
Hora de inicio de la aplicación con errores: 0x01d510712d2cd894
Ruta de acceso de la aplicación con errores: C:\Windows\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\Windows\system32\VIASysFx.dll
Id. del informe: e97b54a4-7c64-11e9-bdf1-50465da21e3b
Error: (05/22/2019 08:38:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (05/21/2019 02:51:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (05/21/2019 02:49:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AUDIODG.EXE, versión: 6.1.7601.24435, marca de tiempo: 0x5caa0ceb
Nombre del módulo con errores: VIASysFx.dll, versión: 1.0.0.0, marca de tiempo: 0x4c59383d
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005dc9e
Id. del proceso con errores: 0x41c
Hora de inicio de la aplicación con errores: 0x01d50fdc076b2f6c
Ruta de acceso de la aplicación con errores: C:\Windows\system32\AUDIODG.EXE
Ruta de acceso del módulo con errores: C:\Windows\system32\VIASysFx.dll
Id. del informe: 51f0bc1b-7bcf-11e9-95c3-50465da21e3b
Error: (05/21/2019 09:57:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
System errors:
=============
Error: (05/22/2019 11:42:43 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
Error: (05/22/2019 11:42:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
Error: (05/22/2019 11:42:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
Error: (05/22/2019 11:42:41 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
Error: (05/22/2019 11:42:41 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
Error: (05/22/2019 11:40:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio EIO no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (05/22/2019 11:40:32 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Windows\SysWow64\drivers\EIO.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.
Error: (05/22/2019 10:03:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio EIO no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Windows Defender:
===================================
Date: 2019-04-29 11:13:53.996
Description:
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.15900.4
Versión de motor anterior:1.1.6402.0
Origen de actualización:Usuario
Usuario:NT AUTHORITY\SYSTEM
Código de error:0x8050800c
Descripción de error:Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===================================
Date: 2019-05-22 12:00:11.131
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 11:53:04.978
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 11:53:04.541
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 11:51:19.568
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 11:42:16.215
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 10:11:02.556
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 10:09:57.917
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2019-05-22 10:09:13.541
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\ViaKaraokeApo.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0703 08/24/2012
Motherboard: ASUSTeK COMPUTER INC. P8B75-M LE
Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 7865.74 MB
Available physical RAM: 4252.8 MB
Total Virtual: 15729.62 MB
Available Virtual: 12163.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:488.93 GB) (Free:302.95 GB) NTFS
Drive e: (E: Disco externo) (Fixed) (Total:931.51 GB) (Free:503.85 GB) NTFS
Drive j: (Juan) (Fixed) (Total:442.49 GB) (Free:441.83 GB) NTFS
\\?\Volume{971352ff-5e99-11e9-bac9-806e6f6e6963}\ () (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AB49EE94)
Partition 1: (Active) - (Size=100 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=488.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=442.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0011235A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================