Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018 Ran by Acer (16-10-2018 03:34:15) Running from C:\Users\Acer\Desktop\spy Windows 10 Home Single Language Version 1803 17134.345 (X64) (2018-07-26 23:48:38) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Acer (S-1-5-21-127154364-3155986121-4053048774-1001 - Administrator - Enabled) => C:\Users\Acer Administrador (S-1-5-21-127154364-3155986121-4053048774-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-127154364-3155986121-4053048774-503 - Limited - Disabled) defaultuser0 (S-1-5-21-127154364-3155986121-4053048774-1000 - Limited - Enabled) => C:\Users\defaultuser0 Invitado (S-1-5-21-127154364-3155986121-4053048774-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-127154364-3155986121-4053048774-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.08.2001 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3027 - Acer Incorporated) Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated) Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer) Acer Jumpstart (HKLM-x32\...\{8B441B85-0AFA-4EB3-A756-A47453481D2D}) (Version: 3.1.18240.4 - Acer) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3025 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated) Actualización de NVIDIA 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.89 - NVIDIA Corporation) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) Discord (HKU\S-1-5-21-127154364-3155986121-4053048774-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{DBC4388A-9417-41DB-85CF-DF4993B84D5A}) (Version: 0.7.5.67 - Dolby Laboratories, Inc.) Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ELAN HIDI2C Filter Driver X64 13.6.9.4_WHQL (HKLM\...\Elantech) (Version: 13.6.9.4 - ELAN Microelectronic Corp.) Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.) Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-127154364-3155986121-4053048774-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla) Mu (HKLM-x32\...\{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}) (Version: 0.68.0000 - Webzen) NVIDIA Controlador de audio HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Controlador de gráficos 376.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.89 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Panel de control de NVIDIA 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.16 - NVIDIA Corporation) Hidden Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10414 - Qualcomm) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.295 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21294 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8224 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> No File ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> No File ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> No File ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> No File ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> No File ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2f75f5358a5cad12\igfxDTCM.dll [2017-11-06] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-30] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {149A8770-16E8-41AB-92C2-E7BD13409455} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {152DE921-EB33-4695-940E-9CA9D1DB61ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {1D679532-786B-4A59-B7C1-C85FC964659B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {25B2656D-8909-45C7-9782-ADEB92C92ADE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {2BE9297A-CCA6-4D46-A1FD-C8F4B0441851} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2017-02-21] () Task: {47B62017-6C6F-4B3B-9A0D-C83BAC3D7F74} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2017-02-17] (TODO: ) Task: {52239989-7662-4817-9FFF-6E6B260895E4} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer) Task: {57D4C8CD-5291-4856-9F35-8EACA854B785} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-26] (Google Inc.) Task: {58C1548C-EE8C-4A22-A3B8-883641CAF2DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation) Task: {65ED9232-986F-440A-980A-EF6BA52D37C4} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] () Task: {696E79BC-5D8B-41D7-985E-DCA46CD8574B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation) Task: {71D8D96C-E752-4E7C-8697-3D0F5E1BAB17} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] () Task: {817FA158-4A72-4985-9E82-58FB78F2F2FD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {81F75144-6C4B-4467-AC65-832A22E2E92B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe Task: {83291C04-25F0-4F5B-BB95-4EB815C088AE} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2018-03-09] (Acer Incorporated) Task: {83F74BAB-CC98-4C97-9D9B-39F98290C780} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation) Task: {88B19EED-3F61-4617-907F-8A03699E1566} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [2017-12-14] () Task: {A23F908E-068F-449E-9C66-20229BC6E7A5} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [2015-05-14] () Task: {A8D44134-2095-4F7A-A6F3-4B10E365E541} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2018-03-09] (Acer Incorporated) Task: {AB798B14-F9AA-4C7F-BBBA-EE3949097BE5} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-02-21] () Task: {B282773A-22FA-4444-BA08-E6A471DB68AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated) Task: {BEE573CE-5DF4-49F0-B6FA-986C6C5ADD37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation) Task: {C28C4E30-9BF4-4C64-8FE6-9E6FA2113A1B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {C7E64AE4-1A9E-4A8F-970A-38A89B2F4A5C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {D870F3DD-32F7-45E8-A3BB-46EDD19B94A5} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {DC9B280A-605A-42CE-8B35-C6AC578BD3FE} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-02-21] () Task: {DEDAC5E7-03FC-41A6-B8C4-483394CE2900} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {DFE4C837-806A-49F4-88DE-05A47989FB8B} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [2017-12-13] (Acer Incorporated) Task: {E7C13959-06EC-4771-8A13-97967AEF42F1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation) Task: {F0964C69-2468-4EAB-8E7C-707A6163718C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-26] (Google Inc.) Task: {F159B3D1-AF37-4F4C-ADB5-C2B0B58D62F4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {F1AE0F7B-9687-44ED-9B12-7F48060C3571} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-12-05] (Intel(R) Corporation) Task: {F244B1DC-4C35-44B3-9A93-69832A88C13C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {F424310B-D7A1-46AC-8685-10CB24613F24} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated) Task: {FA9C1F9E-FBDE-4967-9A4F-3DC01D24F1E5} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2018-03-09] (Acer Incorporated) Task: {FF37CB3D-7994-43C1-AE04-DDC8BDFE9F18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-10-16 02:59 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-10-12 13:30 - 2018-09-19 22:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-03 21:34 - 2018-10-03 21:35 - 000181248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.30.98.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-06-18 12:51 - 2016-08-15 18:03 - 000111320 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2018-07-27 21:31 - 2018-07-27 21:31 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2017-02-19 09:52 - 2017-02-19 09:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-127154364-3155986121-4053048774-1001\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-127154364-3155986121-4053048774-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fifa_world_cup_2018_portugal_cristiano_ronaldo_2880x1800.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C7F2CC3E-E047-4A9B-A8A2-D6B8287EEA3C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{7B1115A6-DE90-4E00-B901-82BE07DAA8CB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{9617BE4A-EAFF-487C-9B50-BD05FB683CFB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{4270CA08-9F2D-477A-B8F0-FA0ADFF1EC1D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{26B2B91C-AA09-4D08-93E5-CF2CF10D9E12}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{12E6B460-6C21-4253-A84B-EF489EBC947C}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{FF818A73-A4A1-4122-8656-FADF63FFC0A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B6CEC51-0DA4-4C1F-B2F6-9A697C324B76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2B8D3222-71A1-4CF7-96FE-F90CB442D244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A1AE92EA-5648-431F-89B7-C9A20750376A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1A58BDBD-C386-4DBF-AC72-BF4C3E970879}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{E16D0BCE-80B0-4DFA-9AAD-A02F555F6E6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{F35E9BE3-10C7-4399-88E3-BFF34167FC11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{21E0A9B5-E342-4290-BBAB-2C49886BEA31}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{776DE62A-B391-4CA9-8EF2-40681A49605F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C84BC289-25B4-4B02-80C6-20D7901F0E10}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2C043E64-15A2-44EE-8287-132205B333DC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7BE3850D-4728-4B38-8B98-AC527A12BF84}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{5FD40176-5AF0-4FB4-B0F3-A29C91007F4F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{8DA90338-4651-49E6-B229-86BC7C50ADAA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AD9D110F-AAAF-4333-B03D-68411527C9E7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{426052D6-F41F-427B-8913-6A6B7AC55769}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7F86F53B-BBFC-4C51-9EB0-6CB8BA6C2AF5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6DDA8C9F-8828-4353-9FEC-7E7E62EE4CD2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{0ED76E36-07B5-4100-BA58-CFF60C807BDE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{FC3E6EF4-9108-44E1-BB8B-955C2BE1145A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{A629000D-A926-4AA6-BCC5-4000C373CDCE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [TCP Query User{B31A90F3-4C02-4DD7-BC9A-7E3E3D143B1E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{EDDFCD28-4F8A-4D58-BB7C-0B39DC228DEF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{1329A0CF-E31F-4BB5-9CDF-1A4250566D3D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{70920CD3-80CA-4C4F-BD2F-5F7ED3A814F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{5284A486-AEF1-44E8-8FCC-68954E62040C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{2B090EE3-0A74-47C5-BB3F-5369E67218E3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{C5289683-15ED-46CE-91CB-6A6BB2ED6BF4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PRO EVOLUTION SOCCER 2019 DEMO\PES2019.exe FirewallRules: [{C64AFFA2-3B4B-4659-9721-9ABA6D6A2EB5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PRO EVOLUTION SOCCER 2019 DEMO\PES2019.exe FirewallRules: [TCP Query User{7D8D73A8-F808-4921-950F-489A22EAADF3}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{AE8E0BDA-86BA-4B31-91DA-5EC101A103F5}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{96779BA2-002F-4106-A372-9E2CC4A48609}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MU Legend\GameLauncher\WZLauncher.exe FirewallRules: [{6BCFB6C5-B857-44E8-8DAB-2E25C132EEA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MU Legend\GameLauncher\WZLauncher.exe FirewallRules: [{2A2AF32A-2B58-4AF1-A84F-52154D89A161}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MU Legend\Binaries\Win32\MULegend.exe FirewallRules: [{26013015-8D6F-4781-9971-F3A95411F6E2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MU Legend\Binaries\Win32\MULegend.exe FirewallRules: [{969A9984-843D-4145-86CA-D9F66C16568E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MU Legend\Binaries\Win64\MULegend.exe FirewallRules: [{8DB7E7EB-6059-4D18-905A-964717008EA5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MU Legend\Binaries\Win64\MULegend.exe FirewallRules: [{0A2545E1-5A77-4323-B2AD-4E1903DFA263}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{9F68491C-2497-4D92-A337-925BAE7DD427}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{496848EB-3220-4029-B6F3-38C7FCEA8371}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{FDE0FECA-2488-4CB5-AAD2-4228AEB74443}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{58530996-3736-4B58-8195-B408EA3B15B9}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{E49D7446-3C0B-4410-AB9F-B8DB1FBF040F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{7ECBEA9E-10EB-4CA2-B8B9-716E11CA5409}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{B7751018-14DB-40D5-9596-D88506DEAC36}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{6DB53D7C-E8F3-4952-A34A-4416B8D58D0D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{FA8B7BB5-BFFD-4D4C-A25A-70C834A1831B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{A682EC76-D776-4D86-9B48-07F38068D698}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{6EE19A9C-58A5-4791-874E-507A9C9ABF6E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{B4E3A554-A657-40DF-AF7E-F8C2413F97BF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{C677FE3B-934F-4527-90DC-C50C3FE69FDA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{488F6C52-4F65-4BB6-809F-D94E1AEDA6B9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{30AB22C0-6BF0-4242-A034-2BE09937B1FB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{FB589F7D-90B8-4DAC-AB78-FD9746A01FE4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{D3C97EB7-3A5C-4D76-BE87-80E9C094772F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{922010C8-AE1B-481E-A767-ED2A73E06C54}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{A978A005-85A4-4AE4-8784-13FB4DC4F374}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{FE512889-D266-41FE-B696-43DD6E937E0F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{69C3A388-638E-43AE-85DF-0EC52AEF4838}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [TCP Query User{9F211C1D-A72D-405C-A2B5-26A56EDBCD54}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{598D6F6C-9074-4DF2-9143-D477B5089C59}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{6F3E257F-4DCA-4E99-8AA5-96575692FF50}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe FirewallRules: [{CBACBB93-5233-43C7-B974-2BE2C9879786}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe FirewallRules: [{30BC80BB-B6D8-462B-9307-3217A5E83B9B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Desert Online SA\BlackDesertPatcher32.pae.exe FirewallRules: [{E7011BAC-2836-403D-9DFF-521B225B0024}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Desert Online SA\BlackDesertPatcher32.pae.exe FirewallRules: [TCP Query User{3DD61138-53A7-44EC-BF9B-0E38C12C8823}D:\program files (x86)\steam\steamapps\common\black desert online sa\bin64\blackdesert64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\black desert online sa\bin64\blackdesert64.exe FirewallRules: [UDP Query User{05EDE94D-46BC-4C8A-AA18-2AEDB5450CC0}D:\program files (x86)\steam\steamapps\common\black desert online sa\bin64\blackdesert64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\black desert online sa\bin64\blackdesert64.exe FirewallRules: [{C57D604F-E4CF-465A-944C-1C006C8DBE3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{310874E3-E328-4309-A09C-69428B1853A6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{A9912831-DCB1-41F7-BFDE-CEDDA55B9F80}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{C0C7C2B9-2BEB-4A14-A3E1-B9F926DB0EB7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{079FDB76-2325-4A40-B48B-A9C613E4ADDC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe ==================== Restore Points ========================= 22-09-2018 16:49:55 Instalador de Módulos de Windows 23-09-2018 20:33:20 Instalador de Módulos de Windows 24-09-2018 22:49:55 Instalador de Módulos de Windows 26-09-2018 20:49:37 Instalador de Módulos de Windows 27-09-2018 22:49:36 Instalador de Módulos de Windows 28-09-2018 23:45:47 Instalador de Módulos de Windows 30-09-2018 20:35:07 Instalador de Módulos de Windows 02-10-2018 11:06:43 Instalador de Módulos de Windows 03-10-2018 12:33:30 Instalador de Módulos de Windows 04-10-2018 14:32:52 Instalador de Módulos de Windows 06-10-2018 12:33:23 Instalador de Módulos de Windows 07-10-2018 17:08:18 Instalador de Módulos de Windows 08-10-2018 20:46:42 Instalador de Módulos de Windows 11-10-2018 10:15:52 Instalador de Módulos de Windows 12-10-2018 14:59:21 Instalador de Módulos de Windows 13-10-2018 16:31:25 Instalador de Módulos de Windows 15-10-2018 01:38:14 Instalador de Módulos de Windows 16-10-2018 03:19:29 Instalador de Módulos de Windows 16-10-2018 03:21:55 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/15/2018 01:14:48 PM) (Source: COM) (EventID: 10031) (User: ) Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B} Error: (10/15/2018 01:14:47 PM) (Source: COM) (EventID: 10031) (User: ) Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {95CABCC9-BC57-4C12-B8DF-BA193232AA01} Error: (10/15/2018 02:21:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa explorer.exe, versión 10.0.17134.165, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control. Identificador de proceso: 17f4 Hora de inicio: 01d4645767657eed Hora de finalización: 0 Ruta de la aplicación: C:\Windows\explorer.exe Identificador de informe: 86c4b849-25a4-4d24-9aa6-f92e55f0474a Nombre completo de paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (10/15/2018 02:15:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: MrNiceGuysDownloader.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.UnauthorizedAccessException en System.IO.__Error.WinIOError(Int32, System.String) en System.IO.File.InternalDelete(System.String, Boolean) en System.IO.File.Delete(System.String) en LXC2Ns2u8pw'H}wX8 >gsEuY+IFD5(A1_\&:8Sopd\&1:4l;#>c\,.‎‏‬‬‬‪‭‭‏‭‍‎​‎‭‪‌‮‭‬‪‌‌‭‏‮‮‫‮(System.String) en LXC2Ns2u8pw'H}wX8 >gsEuY+IFD5(A1_\&:8Sopd\&1:4l;#>c\,.MoveNext() Información de la excepción: System.AggregateException en System.Threading.Tasks.Task.ThrowIfExceptional(Boolean) en System.Threading.Tasks.Task.Wait(Int32, System.Threading.CancellationToken) en rmeAFwIQEvcYnWkMtqOonTUIdlPDb.​‏‍‮‏‭‏‫‎‏‏‭‬‌‏​‪‬‌‍‭‬‏‎‏‮(System.Object, System.ComponentModel.AsyncCompletedEventArgs) en System.Net.WebClient.OnDownloadFileCompleted(System.ComponentModel.AsyncCompletedEventArgs) en System.Net.WebClient.DownloadFileOperationCompleted(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.DispatcherOperation.InvokeImpl() en System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) en System.Windows.Threading.DispatcherOperation.Invoke() en System.Windows.Threading.Dispatcher.ProcessQueue() en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) en System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) en System.Windows.Application.RunDispatcher(System.Object) en System.Windows.Application.RunInternal(System.Windows.Window) en System.Windows.Application.Run(System.Windows.Window) en ‌‬‎‪‏​‪‬‏‏‌‫‍‭‫‪‮‫‏‪‌‮‬‌‮‮.‪‪‭‭‪‏‫‌‭‎‏‌‎‪​‫‎‌‫‫‎‫​​‭‭‫‫‮() Error: (10/14/2018 07:29:11 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 16203 Error: (10/14/2018 07:29:11 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 16203 Error: (10/14/2018 07:29:11 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/14/2018 01:17:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 16125 System errors: ============= Error: (10/16/2018 03:24:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio. Error: (10/16/2018 03:22:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (10/16/2018 03:21:17 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: El servicio Optimización de entrega no respondió después de iniciar. Error: (10/16/2018 03:20:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscBrokerManager y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (10/16/2018 03:20:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscDataProtection y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (10/16/2018 03:20:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscDataProtection y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (10/16/2018 03:19:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Dashlane Upgrade Service no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (10/16/2018 03:19:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Dashlane Upgrade Service. Windows Defender: =================================== Date: 2018-10-12 17:49:58.902 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {04E8CF5B-5657-474D-84C5-B2D77020F138} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2018-10-07 17:31:13.668 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {B2D49DEF-F48E-426D-A454-2AC6D967C8F5} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2018-09-30 21:05:37.523 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {CDBC8E79-64E9-4BC2-B4CB-90631DFA6C01} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2018-08-27 13:03:50.469 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: containerfile:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable.zip; file:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable.zip; file:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable.zip->KMSAuto Net 2015 v1.3.9 Portable/KMSAuto Net.exe; file:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable\KMSAuto Net.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: LAPTOP-UQ38PMGM\Acer Nombre de proceso: C:\Windows\explorer.exe Versión de firma: AV: 1.275.263.0, AS: 1.275.263.0, NIS: 1.275.263.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-08-27 13:03:47.683 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: containerfile:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable.zip; file:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable.zip; file:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable.zip->KMSAuto Net 2015 v1.3.9 Portable/KMSAuto Net.exe; file:_D:\Renzo\kms\OFF2016X64\Office Professional Plus 2016 W64\Activadores\KMSAuto.Net.v1.3.9.Portable\KMSAuto Net 2015 v1.3.9 Portable\KMSAuto Net.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: LAPTOP-UQ38PMGM\Acer Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe Versión de firma: AV: 1.275.263.0, AS: 1.275.263.0, NIS: 1.275.263.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-10-16 03:27:24.161 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.277.1071.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15300.6 Código de error: 0x800704cf Descripción del error: No es posible el acceso a la ubicación de red. Para obtener información para solucionar problemas de red, vea la Ayuda de Windows. Date: 2018-10-10 16:36:25.704 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.277.822.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15300.6 Código de error: 0x80072efd Descripción del error: No se pudo establecer conexión con el servidor Date: 2018-10-05 10:04:17.779 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.277.560.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15300.6 Código de error: 0x8024402c Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. Date: 2018-10-05 09:44:18.283 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.277.560.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15300.6 Código de error: 0x8024402c Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. Date: 2018-09-29 16:44:01.739 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.277.305.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15300.6 Código de error: 0x80240016 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. CodeIntegrity: =================================== Date: 2018-10-16 03:30:02.895 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:30:02.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:25:51.890 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:25:51.888 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:24:25.830 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:24:25.829 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:24:03.828 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-16 03:24:03.826 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz Percentage of memory in use: 22% Total physical RAM: 12171.6 MB Available physical RAM: 9488.08 MB Total Virtual: 18315.6 MB Available Virtual: 14900.46 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:344.46 GB) (Free:221.29 GB) NTFS Drive d: (Disco ) (Fixed) (Total:585.94 GB) (Free:349.77 GB) NTFS \\?\Volume{cf5aded8-3a05-47dd-a7ac-ef04177bf8fa}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.58 GB) NTFS \\?\Volume{38e3c46b-7cd6-4971-b496-bba3e7d54f8e}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AE9A405A) Partition: GPT. ==================== End of Addition.txt ============================