Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018 Ran by Rodrigo (15-11-2018 19:05:05) Running from C:\Users\Rodrigo\Desktop Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-13 16:05:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-831344084-618549190-190986482-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-831344084-618549190-190986482-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-831344084-618549190-190986482-1002 - Limited - Enabled) Invitado (S-1-5-21-831344084-618549190-190986482-501 - Limited - Enabled) Rodrigo (S-1-5-21-831344084-618549190-190986482-1000 - Administrator - Enabled) => C:\Users\Rodrigo WDAGUtilityAccount (S-1-5-21-831344084-618549190-190986482-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ACP Application (HKLM\...\{E6BFB568-3E16-88DA-E73B-0CADE8ED8F59}) (Version: 2016.0811.0433.30 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam) Amazon Drive (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\Amazon Drive) (Version: 3.5.1.46 - Amazon.com, Inc.) Amazon Music (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\Amazon Amazon Music) (Version: 4.3.0.1330 - Amazon Services LLC) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Application Profiles (HKLM-x32\...\{E3775B1D-1BA5-8DAC-8960-8CF8E2C6FAC8}) (Version: 2.0.6094.16647 - Advanced Micro Devices, Inc.) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: BioShock Infinite - ) Borderlands - Game of The Year Edition (HKLM-x32\...\Borderlands - Game of The Year Edition_is1) (Version: - ) calibre 64bit (HKLM\...\{7A345D03-2C46-4483-855B-01C7C320600F}) (Version: 3.31.0 - Kovid Goyal) Call of Duty Black Ops III (HKLM-x32\...\Call of Duty Black Ops III_is1) (Version: Call of Duty Black Ops III - ) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) Catalyst Control Center Next Localization BR (HKLM\...\{8EA6D9EE-82A2-2B4C-EA1D-F449DEAC6F0C}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{375D6BD5-577A-70EF-DBD1-7F405D028342}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{7AE459C1-0A62-C57B-5749-86507E6B4E52}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{CD6B59FE-DBB9-CD4E-8E02-4B0EB114E22C}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{080DCC1F-C2C2-5542-105F-33C3D6303884}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{B0F9AEFC-A0FC-6D86-D7AB-C9E71953F2B4}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{B6DBC7C8-D000-3A91-8FA7-8C43AD1501CD}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{ABCF7621-B546-0848-C74A-95130C740B3C}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{A269F289-72CC-A76E-B7A4-5E85163648E3}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{25DD4861-CAA6-0BFC-4EDB-E81F3E2DD1C7}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{F31E95EB-E13B-3FEB-4635-66FFE25C5F38}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{7DF7698C-846A-1FBC-B545-8906C8F16CBC}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{983C7CED-4F22-9EC3-1420-1F75958BC5CA}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{97BC4B8D-B414-3286-1F61-66C43F846121}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{0D2ED4CA-7A0E-3EEA-AA59-D2CE6916940C}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{94302429-CE67-29C6-8D64-C1945A475A0F}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{83262E35-D259-F6AA-22A8-878342B7DCB8}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{8B884E0E-18C2-C163-4338-0FC41B04DAA2}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{8F200427-5414-603D-90C0-D58EA83487AF}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{1D07D55E-EB4C-5355-423A-19002C4BB847}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{CF31C87C-B952-8CDB-8D89-2F50B46C17EF}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n) CoolSoft VirtualMIDISynth 1.12.1 (HKLM-x32\...\CoolSoft VirtualMIDISynth) (Version: 1.12.1.0 - CoolSoft) CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH) Encore 5 (HKLM-x32\...\{5A06BC95-C59E-438D-AA8D-A97690AD628C}) (Version: 1.0.0 - GVOX) EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 3.1 - Poikosoft) Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: Far Cry 4 - ) Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.) Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.69.119 - Digital Wave Ltd) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.2.3 - Genesys Logic) Glary Utilities 5.91 (HKLM-x32\...\Glary Utilities 5) (Version: 5.91.0.112 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden GTA V (HKLM-x32\...\GTA V_is1) (Version: GTA V - ) HandBrake 1.1.0 (HKLM-x32\...\HandBrake) (Version: 1.1.0 - ) Hofmann 10.2.0 (HKLM-x32\...\{2DAA2ED7-DC00-4D56-95E2-FF6C1CF5F834}) (Version: 10.2.0 - Hofmann) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) KORG M1 Le (HKLM-x32\...\{9624502C-3D39-41A0-8917-858EC16769CE}) (Version: 1.0.4 - KORG Inc.) KORG USB-MIDI Driver Tools for Windows (HKLM-x32\...\{CACF2945-0BD5-43D3-B0CF-FA7D25DB2C1E}) (Version: 1.14.1202 - Korg Inc.) Left 4 Dead (HKLM-x32\...\Left 4 Dead. ByKongo22_is1) (Version: - ) LG United Mobile Drivers (HKLM-x32\...\{7BF5C379-41FF-4C6D-842C-DF82D74C2B14}) (Version: 3.7.2.0 - LG Electronics) LibreOffice 5.4.7.2 (HKLM\...\{26D12F93-E454-4637-9A5C-D52F6B4CC0DD}) (Version: 5.4.7.2 - The Document Foundation) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) MediaInfo 0.7.83 (HKLM\...\MediaInfo) (Version: 0.7.83 - MediaArea.net) Mi PC Suite (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\MiPhoneManager) (Version: - Xiaomi Inc.) Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Modern Chess Opening Volume I (HKLM-x32\...\Peshka_is1) (Version: - ) Mozilla Firefox 62.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 62.0.3 (x64 es-ES)) (Version: 62.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.2.6837 - Mozilla) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others) MuseScore 2 (HKLM-x32\...\{0317B5F7-01A3-4640-A491-456B453CCAB3}) (Version: 2.2.1 - Werner Schweer and Others) Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version: - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Nexus Root Toolkit (HKLM-x32\...\Nexus Root Toolkit) (Version: 2.1.9 - WugFresh) NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation) OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation) Paquete de controladores de Windows - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite) Plays (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\Plays) (Version: 2.0.4 - Plays.tv, Inc) Python 3.5.2 (32-bit) (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation) Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation) qBittorrent 4.1.3 (HKLM-x32\...\qBittorrent) (Version: 4.1.3 - The qBittorrent project) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc) Rayman Legends (HKLM-x32\...\Rayman Legends_is1) (Version: Rayman Legends - ) Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.27 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.) Real Hide IP (HKLM-x32\...\RealHideIP) (Version: 4.0.9.8 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Screen Recorder Launcher (HKU\S-1-5-21-831344084-618549190-190986482-1000\...\ScreenRecorderLauncher) (Version: 1.7 - ) Software para dispositivos de chipset Intel® (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk) Synthesia (remove only) (HKLM-x32\...\Synthesia) (Version: - ) Trine Collection (HKLM-x32\...\Trine Collection_is1) (Version: Trine Collection - ) Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-3) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-4) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-4) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.8.0 (HKLM\...\VulkanRT1.0.8.0) (Version: 1.0.8.0 - LunarG, Inc.) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) XYplorer 16.00 (HKLM-x32\...\XYplorer) (Version: 16.00 - Donald Lessau) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-831344084-618549190-190986482-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2016-12-17] (AIMP DevTeam) ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2013-02-19] (Poikosoft) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2016-12-17] (AIMP DevTeam) ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2013-02-19] (Poikosoft) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-10] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02DF502C-5E36-40B1-B981-815CD63C7D9C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-13] (Adobe Systems Incorporated) Task: {157582D1-406D-464B-84C7-CC050DAF09F1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1B2EF42F-B4EF-444D-A408-5FA2F5CB24F7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {1D6A3E41-7D16-4ADF-B2D5-4ACF2813057F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2018-01-17] (Glarysoft Ltd) Task: {2ECB5711-89C1-4A2A-92CC-7BB38664C25F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2ED54F9F-E1BE-4F81-B9C2-5B96CC4F9379} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-13] (Adobe Systems Incorporated) Task: {2FE33DCE-F1D6-4902-A9A4-FB210079AA5A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {30A27032-6FA1-4B4D-847A-BBA92FB2E206} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {37239CC8-FDD8-4D66-926A-9F23B35131F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3E6E99B3-11B1-40BC-B473-5F7FC4EAF66C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {415292C6-D74A-4165-A378-474BDEDB41F9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4197D01D-4BB4-4464-AB08-EF05109ECB4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation) Task: {440630A0-9987-403A-87FB-E3E0FDA43AEE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {443FAEE3-44CB-4158-9F3E-FFCC70A2ED56} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {49233ADB-F5E0-4F67-A925-83027FEF15BE} - System32\Tasks\{1714DB00-0293-4668-B32F-7A8D723CBE05} => C:\Program Files (x86)\Crytek\Saga Crysis\Crysis I\Bin64\Crysis64.exe Task: {4A60329F-607B-4C93-965D-60965A109F56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation) Task: {53166DDA-2716-4FE5-ABAD-60F35580D40F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\Overseer\overseer.exe <==== ATTENTION Task: {55DE5C25-6D8C-4248-BC53-94A4FF32B34B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {55F112AB-09EB-4C98-9886-A647F19FA6C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {5709B921-17D0-4F18-94FF-18CD61EBBE17} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {590A3C5B-751E-4A80-8AFF-F88D323864C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {684B7407-8A7E-41D6-A194-E392EDDA4576} - System32\Tasks\{F0F2AC24-3791-4B7D-8375-4F0D26BA9872} => C:\Windows\system32\pcalua.exe -a C:\Users\Rodrigo\Downloads\win64_152823.exe -d C:\Users\Rodrigo\Downloads Task: {8A04368B-0140-4ABD-9A98-0F90566ED461} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {903F4891-A1E6-40F9-9226-38D4F13661AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation) Task: {907629A4-037E-4EB5-9B08-AC537B3CFDD8} - System32\Tasks\{69770892-8B7C-4997-BCE0-7093C3EC72CE} => C:\Program Files (x86)\Crytek\Saga Crysis\Crysis I\Bin64\Crysis64.exe Task: {9A489E4C-CA82-40A0-8EBA-2A892DA69411} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9EC84E4F-EB74-42D3-BDB3-98C49AFC751A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {A17E40E4-4812-40B7-9D15-9B803D1581D7} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-01-17] (Glarysoft Ltd) Task: {A454E1C5-B716-4A3B-B125-A97C92948132} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {A49A1044-89CA-4068-B4C9-52D6AF4204F4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-10] (Advanced Micro Devices, Inc.) Task: {A609FC55-CA42-47BC-ABA0-35482FE6D21D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AB649159-5CF4-434A-9C8A-4E7B93B02F35} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {AFE967C4-CF56-4143-A9BE-6849A23399AB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {BBEA668D-E31F-4DAA-BD56-2003ED9AC920} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C75C1DA5-8E83-497C-9F4A-4FDE54E0A92C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C7ACBA4D-78F3-498C-8E08-009EE2564DD3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D72E4EB0-8C03-4562-9B6F-2C7C1D69192A} - System32\Tasks\{53475DC1-CED1-44AC-B346-E1AFE48F57EC} => C:\Windows\system32\pcalua.exe -a C:\Users\Rodrigo\Downloads\mb_driver_intel_irst_13.1\IRST\Hotfix\64\MSuSetup.exe -d C:\Users\Rodrigo\Downloads\mb_driver_intel_irst_13.1\IRST\Hotfix\64 Task: {E83BCBEA-7E27-4BEF-9B09-3C0A40A6F291} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {EC7BC38D-ABB9-4287-8644-DA6ACB6E6EFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation) Task: {EF976E0E-AF6E-4A6F-9F6F-8B7137029D02} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EFD1F6D2-9D8A-4481-91FE-96910059915C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F0D99526-6C68-48AA-8BE2-6CD94B3BE8D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F80ACD66-4CD3-4ACE-9462-30FB10730E3C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F818C366-38E0-4836-82AF-6EAA6FBFDBBF} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2015-12-02 14:25 - 2015-12-02 14:25 - 000022016 _____ () C:\WINDOWS\System32\suge1l6.dll 2018-10-09 17:10 - 2018-10-31 16:28 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-10-09 17:10 - 2018-10-31 16:28 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-11-13 19:20 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-04 20:58 - 2018-10-04 20:59 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-11-13 21:13 - 2018-11-13 21:13 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-11-13 21:13 - 2018-11-13 21:13 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-11-13 21:13 - 2018-11-13 21:13 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-11-13 21:13 - 2018-11-13 21:13 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll 2018-11-13 21:13 - 2018-11-13 21:13 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-11-13 21:13 - 2018-11-13 21:13 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2015-03-08 17:22 - 2011-05-25 20:09 - 000049152 _____ () C:\Windows\SysWOW64\UMonit.exe 2016-05-05 15:05 - 2016-04-15 01:44 - 005907944 _____ () C:\Users\Rodrigo\AppData\Local\Amazon Music\Amazon Music Helper.exe 2017-05-06 18:35 - 2016-03-11 05:11 - 000157624 _____ () C:\Users\Rodrigo\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe 2018-11-09 12:29 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-11-09 12:29 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-11-09 12:29 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-11-09 12:29 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-11-13 01:59 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll 2018-11-13 01:59 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll 2016-06-04 09:29 - 2015-07-30 09:00 - 000541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DMS\sqlite3.dll 2018-01-24 20:22 - 2017-03-20 16:17 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2018-01-24 20:22 - 2017-03-20 16:17 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2018-01-24 20:22 - 2017-03-20 16:17 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2018-01-24 20:22 - 2017-03-20 16:17 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2017-05-06 18:36 - 2016-03-11 05:11 - 000065976 _____ () C:\Users\Rodrigo\AppData\Local\MiPhoneManager\main\MiFramework.dll 2017-05-06 18:36 - 2016-03-11 05:11 - 000018360 _____ () C:\Users\Rodrigo\AppData\Local\MiPhoneManager\main\MiTrace.dll 2017-05-06 18:36 - 2016-03-11 05:11 - 000136632 _____ () C:\Users\Rodrigo\AppData\Local\MiPhoneManager\main\MiPlugin4NSIS.dll 2017-05-06 18:36 - 2016-03-11 05:04 - 000099600 _____ () C:\Users\Rodrigo\AppData\Local\MiPhoneManager\main\zlib1.dll 2018-01-24 20:22 - 2018-01-22 18:18 - 000042984 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\jansson.dll 2018-11-04 18:07 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2018-11-04 18:07 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2018-11-04 18:07 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2018-11-04 18:07 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2018-11-04 18:07 - 2018-11-10 03:55 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll 2018-11-04 18:07 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2018-11-04 18:07 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2018-11-04 18:07 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2018-11-04 18:07 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2018-11-04 18:07 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2018-11-04 18:07 - 2018-11-10 03:55 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2018-11-04 18:07 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2018-08-31 10:34 - 2018-08-31 10:34 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2018-11-15 18:15 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-831344084-618549190-190986482-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run32: => "Raptr" HKU\S-1-5-21-831344084-618549190-190986482-1000\...\StartupApproved\Run: => "Amazon Drive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A1B8D88F-63D0-4ECF-B1F1-1359D024FD44}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{13D35CB4-6047-48F3-AF0C-672E1AF60B45}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{703FB47C-99C5-419B-9436-22B06DBCC8EE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{10EE6505-F35E-4BCC-9C4A-37A82E34DD5F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{4EDA881A-204C-4EFB-9BDD-029B7B244806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 13-11-2018 19:20:00 Windows Update 13-11-2018 19:20:13 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/15/2018 07:00:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: RadeonSettings.exe, versión: 10.1.1.1682, marca de tiempo: 0x58ebbc60 Nombre del módulo con errores: RadeonSettings.exe, versión: 10.1.1.1682, marca de tiempo: 0x58ebbc60 Código de excepción: 0xc0000409 Desplazamiento de errores: 0x00000000002f66cc Identificador del proceso con errores: 0x16e8 Hora de inicio de la aplicación con errores: 0x01d47d0c5312f2ba Ruta de acceso de la aplicación con errores: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Ruta de acceso del módulo con errores: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Identificador del informe: ba687704-9db0-4784-840f-65085fad8d04 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/15/2018 06:42:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: RadeonSettings.exe, versión: 10.1.1.1682, marca de tiempo: 0x58ebbc60 Nombre del módulo con errores: RadeonSettings.exe, versión: 10.1.1.1682, marca de tiempo: 0x58ebbc60 Código de excepción: 0xc0000409 Desplazamiento de errores: 0x00000000002f66cc Identificador del proceso con errores: 0x1f00 Hora de inicio de la aplicación con errores: 0x01d47d09ec1d035f Ruta de acceso de la aplicación con errores: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Ruta de acceso del módulo con errores: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Identificador del informe: 41a02049-2960-41e2-815b-9ba1077f7e37 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/15/2018 06:20:36 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe. Error: (11/15/2018 06:19:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: RadeonSettings.exe, versión: 10.1.1.1682, marca de tiempo: 0x58ebbc60 Nombre del módulo con errores: RadeonSettings.exe, versión: 10.1.1.1682, marca de tiempo: 0x58ebbc60 Código de excepción: 0xc0000409 Desplazamiento de errores: 0x00000000002f66cc Identificador del proceso con errores: 0x3518 Hora de inicio de la aplicación con errores: 0x01d47d06acf802bf Ruta de acceso de la aplicación con errores: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Ruta de acceso del módulo con errores: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Identificador del informe: 21b34850-a291-44ff-bdf0-b66037c6c512 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/15/2018 06:17:31 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe. Error: (11/15/2018 06:14:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe. Error: (11/14/2018 11:20:58 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe. Error: (11/14/2018 10:20:36 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe. System errors: ============= Error: (11/15/2018 06:57:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario NT AUTHORITY\Servicio de red con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:56:50 PM) (Source: DCOM) (EventID: 10016) (User: RODRIGO-PC) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario Rodrigo-PC\Rodrigo con SID (S-1-5-21-831344084-618549190-190986482-1000) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:55:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscDataProtection y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:55:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscBrokerManager y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:55:29 PM) (Source: DCOM) (EventID: 10016) (User: RODRIGO-PC) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario Rodrigo-PC\Rodrigo con SID (S-1-5-21-831344084-618549190-190986482-1000) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:54:57 PM) (Source: DCOM) (EventID: 10016) (User: RODRIGO-PC) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} y APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} al usuario Rodrigo-PC\Rodrigo con SID (S-1-5-21-831344084-618549190-190986482-1000) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:54:57 PM) (Source: DCOM) (EventID: 10016) (User: RODRIGO-PC) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} y APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} al usuario Rodrigo-PC\Rodrigo con SID (S-1-5-21-831344084-618549190-190986482-1000) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (11/15/2018 06:54:57 PM) (Source: DCOM) (EventID: 10016) (User: RODRIGO-PC) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} y APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} al usuario Rodrigo-PC\Rodrigo con SID (S-1-5-21-831344084-618549190-190986482-1000) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Windows Defender: =================================== Date: 2018-11-10 15:26:10.768 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {97C3ADB2-8BD2-440F-8B2A-7E49D9C2EC05} Tipo de examen: Antimalware Parámetros de examen: Examen personalizado Usuario: Rodrigo-PC\Rodrigo Date: 2018-11-05 19:47:40.528 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah&threatid=2147708902&enterprise=0 Nombre: Trojan:Win32/Skeeyah Id.: 2147708902 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_C:\Program Files (x86)\VALVE\Left 4 Dead\change_name.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VALVE\Left 4 Dead\Nombre Jugador.lnk; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VALVE\Left 4 Dead\Nombre Jugador.lnk Origen de detección: Equipo local Tipo de detección: FastPath Fuente de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de firma: AV: 1.279.1242.0, AS: 1.279.1242.0, NIS: 1.279.1242.0 Versión de motor: AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-11-05 19:46:53.986 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah&threatid=2147708902&enterprise=0 Nombre: Trojan:Win32/Skeeyah Id.: 2147708902 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_C:\Program Files (x86)\VALVE\Left 4 Dead\change_name.exe Origen de detección: Equipo local Tipo de detección: FastPath Fuente de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de firma: AV: 1.279.1242.0, AS: 1.279.1242.0, NIS: 1.279.1242.0 Versión de motor: AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-11-03 20:25:31.063 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {B590C519-4065-4E25-8C5A-137FC1D91FCF} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2018-10-18 21:29:07.045 Description: Antivirus de Windows Defender detectó un comportamiento sospechoso. Nombre: Informational:Behavior/ModifiedKernel Id.: 242602795 Gravedad: Baja Categoría: Comportamiento sospechoso Ruta de acceso encontrada: process:_0 Origen de detección: Desconocido Tipo de detección: Sospechoso Fuente de detección: Protección en tiempo real Estado: Ejecutando Usuario: Unknown\Unknown Nombre de proceso: Unknown Id. de firma: 717259538435 Versión de firma: AV: 1.279.32.0, AS: 1.279.32.0 Versión de motor: 1.1.15400.4 Etiqueta de fidelidad: Medio Nombre de archivo de destino: c:\windows\\system32\drivers\ndis.sys Date: 2018-11-05 20:45:00.118 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2018-11-05 20:34:31.977 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. CodeIntegrity: =================================== Date: 2018-11-14 18:12:37.238 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-14 18:12:37.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-14 18:12:36.649 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2018-11-14 08:56:46.496 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-14 08:56:46.490 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-14 08:56:46.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2018-11-13 20:17:46.774 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-13 20:17:46.769 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Percentage of memory in use: 41% Total physical RAM: 8085.36 MB Available physical RAM: 4694.12 MB Total Virtual: 16277.36 MB Available Virtual: 12788.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:476.4 GB) (Free:28.63 GB) NTFS Drive d: (WD Elements Play) (Fixed) (Total:1863.01 GB) (Free:854.33 GB) NTFS Drive f: (Seagate Expansion Drive) (Fixed) (Total:2794.52 GB) (Free:489.2 GB) NTFS Drive g: (Elements) (Fixed) (Total:3725.99 GB) (Free:1605.75 GB) NTFS Drive i: (My Passport) (Fixed) (Total:1862.98 GB) (Free:275.94 GB) NTFS \\?\Volume{c652e743-6c21-11e4-a2a1-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{090a0909-0000-0000-0000-f01f77000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 090A0909) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=476.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. ======================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 9A6027CC) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 3685701B) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================