Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018 Ran by Antonio (18-12-2018 17:07:41) Running from C:\Users\Antonio\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2012-05-16 19:08:04) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-2549724298-3477855564-2987377474-500 - Administrator - Disabled) Antonio (S-1-5-21-2549724298-3477855564-2987377474-1000 - Administrator - Enabled) => C:\Users\Antonio Invitado (S-1-5-21-2549724298-3477855564-2987377474-501 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Actualización de NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{5C2E19D0-4ECC-B5E8-8777-F7656428D853}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.63 - NVIDIA Corporation) Hidden AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (32 bits) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Aurora HDR 2018 (HKLM\...\{BB7ADD89-7C4D-430B-9D3C-8597736DFB4E}) (Version: 1.2.0.2114 - Skylum) Hidden Aurora HDR 2018 (HKLM-x32\...\{66060156-f85d-49d2-a414-29e2b65b7e27}) (Version: 1.2.0.2114 - Skylum) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software) AVS Video Editor 7.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.1.1.259 - Online Media Technologies Ltd.) Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden Brother Port Driver (HKLM-x32\...\{6768BCF7-474C-4428-9FC1-3C46969819D6}) (Version: 1.1.4.4 - Brother Industries Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{0648F446-BAE9-402F-9BEC-8B333959D8FB}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden Brother Scanner Driver (HKLM-x32\...\{A242EB06-0518-48A3-AF7A-5973BE9CAF7B}) (Version: 1.0.7.3 - Brother Industries Ltd.) Hidden BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden Buzzdock (HKLM-x32\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version: - Alactro LLC) <==== ATTENTION calibre (HKLM-x32\...\{80B99AE8-4116-4321-877D-A7A063C6D329}) (Version: 3.27.1 - Kovid Goyal) Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.8.30.0 - Canon Inc.) Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.8.20.0 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.2.0 - Canon Inc.) Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.) Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.7.0.0 - Canon Inc.) Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.6.30.1 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.19.10.0 - Canon Inc.) Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform) Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.0 - Nik Software, Inc.) ContactKeeper 1.5.0 (HKLM-x32\...\ContactKeeper_is1) (Version: - ContactKeeper) ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Debut, capturador de vídeo (HKLM-x32\...\Debut) (Version: 3.12 - NCH Software) DeviceDetect (HKLM-x32\...\{F805D16D-AB79-4DC7-A60F-436621995275}) (Version: 1.2.1.0 - Brother Industries Ltd.) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) EaseUS Todo Backup Free 8.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.0 - CHENGDU YIWO Tech Development Co., Ltd) ErrorFix KIT (HKLM-x32\...\{87330C1D-D0C8-4AE2-8350-44B356282706}) (Version: 1.0.2.8 - BoolApps Ltd) EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.) Express Zip, programa para comprimir archivos (HKLM-x32\...\ExpressZip) (Version: 2.31 - NCH Software) FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.) Fotoprix FotoLibro v5.6.56.478 (HKLM\...\{3E451A42-50B4-4FD7-890E-A08B217F39E2}_is1) (Version: 5.6.56.478 - Ikatz, S.A.) Free File Viewer 2014 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION Free Mp3 Wma Converter V 1.5.6 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: - Renan Broquin) GoforFiles (HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\GoforFiles) (Version: 1.8.3 - hxxp://www.goforfiles.com/) <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.) Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Imagenomic Noiseware 5.0.2 Plug-in (build 5020) (HKLM\...\ImagenomicNoisewarePlugin) (Version: - ) InPixio Photo (HKLM-x32\...\{5F0C0CD8-77B1-4C3E-9F01-5AF10D85DBB4}) (Version: 6.09.0 - Avanquest Software) Instalación de DivX (HKLM\...\DivX Setup) (Version: 10.8.6.0 - DivX, LLC) Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) Java Runtime Environment Packages (HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\Java Runtime Environment Packages) (Version: - ) <==== ATTENTION JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) K-Lite Mega Codec Pack 8.3.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.3.2 - ) Luminar (HKLM-x32\...\{31F059A3-09B0-460B-8FD4-31A48ED1860D}) (Version: 1.0.0.6 - Macphun) Hidden Luminar (HKLM-x32\...\{d41d616a-53a7-4ef9-b78d-8ee9226f86cc}) (Version: 1.0.0.6 - Macphun) Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Camera Codec Pack (HKLM\...\{122D94E8-4E70-42BC-80A2-2C9F81003512}) (Version: 6.3.9723.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version: - ) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: - ) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: - ) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 54.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 es-ES)) (Version: 54.0.1 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG) Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG) Nero CoverDesigner (HKLM-x32\...\{79BB6415-00A7-413A-B278-A7EAE69F1753}) (Version: 12.0.02700 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1007 - Nero AG) Nero MediaHome Free (HKLM-x32\...\{C9652153-FBF4-465F-A789-51476FF9BDFB}) (Version: 16.0.02800 - Nero AG) NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX) NVIDIA Controlador de 3D Vision 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Controlador de gráficos 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) OEM Application Profile (HKLM-x32\...\{ADAED067-B399-069C-3B99-29D93AACA64E}) (Version: 1.00.0000 - Nombre de su organización) Olacarita Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - Google Inc.) Hidden Opera Stable 56.0.3051.116 (HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\Opera 56.0.3051.116) (Version: 56.0.3051.116 - Opera Software) Panel de control de NVIDIA 347.25 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 347.25 - NVIDIA Corporation) Hidden Paquete de controladores de Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 8.4.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Pentablet versión 1.5.2.180828 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.5.2.180828 - XPPEN Technology) PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke) Polar FlowSync versión 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy) Powersuite (HKLM-x32\...\{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1) (Version: 4.7.1.0 - Uniblue Systems Limited) <==== ATTENTION Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0005 - Nero AG) Hidden Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform) Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.8.1 - Reimage) <==== ATTENTION SafeZone Stable 1.48.2066.114 (HKLM-x32\...\SafeZone 1.48.2066.114) (Version: 1.48.2066.114 - Avast Software) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Skype versión 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) SmartGlobe(TM) Infinity+, V1.00 (HKLM-x32\...\Oregon Scientific SmartGlobe(TM) Infinity+_is1) (Version: - Oregon Scientific) Sokoban game Stand-alone version 2.0 (HKLM-x32\...\{2622F00A-1520-474E-B0B9-633B825A1FF3}_is1) (Version: - 365freesoft.com) StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden Stereoscopic Player (HKLM-x32\...\{9C20C313-D587-447C-BE2B-26B136C832A0}) (Version: 1.7.8 - 3dtv.at) Unity Web Player (HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS) Unknown File Handler (HKLM-x32\...\UFH_is1) (Version: 2015.12.29.0 - File.org) Unlocker 1.9.0-x64 (HKLM\...\Unlocker) (Version: 1.9.0-x64 - Cedrick Collomb) UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden VideoPad, editor de vídeo (HKLM-x32\...\VideoPad) (Version: 5.05 - NCH Software) vReveal 3 (HKLM-x32\...\vReveal 3) (Version: - MotionDSP) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.21 - VSO Software) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION WavePad, editor de audio (HKLM-x32\...\WavePad) (Version: 5.58 - NCH Software) Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker) WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) WMPx64PluginFix (HKLM\...\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\ChromeHTML: -> <==== ATTENTION CustomCLSID: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> no filepath ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software) ContextMenuHandlers1: [BCSShellMenuExt] -> {947217BD-E967-400A-B14A-BA851A8EDCBB} => -> No File ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2017-10-06] (DivX, LLC) ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2017-10-06] (DivX, LLC) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2017-04-09] () ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2014-12-14] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2014-12-14] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software) ContextMenuHandlers4: [BCSShellMenuExt] -> {947217BD-E967-400A-B14A-BA851A8EDCBB} => -> No File ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-11-08] (Piriform Ltd) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2014-12-14] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-24] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [BCSShellMenuExt] -> {947217BD-E967-400A-B14A-BA851A8EDCBB} => -> No File ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-10] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software) ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2017-04-09] () ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-11-08] (Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03B22B71-8FDA-4F2A-894B-C8ECB1BFCD6C} - System32\Tasks\DoctorPC_Popup => C:\Program Files (x86)\Doctor PC\Splash.exe <==== ATTENTION Task: {05B246F8-D147-406D-81C1-7915F60E3065} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-20] (AVAST Software) Task: {0C201700-5754-4EB3-8507-CD29FF05EDAD} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe <==== ATTENTION Task: {0CE38C2A-DB22-490C-B973-5542C2E83F2D} - System32\Tasks\Opera scheduled Autoupdate 1512766308 => C:\Users\Antonio\AppData\Local\Programs\Opera\launcher.exe [2018-11-26] (Opera Software) Task: {1BE5F0AF-A098-4818-871C-7A01B46AA4BA} - System32\Tasks\{BE00B586-9306-481C-9DC8-70BCBC299A9A} => C:\Windows\system32\pcalua.exe -a G:\PROGRAMAS\Nero11\Nero.Platinum.HD.v11.2.00700.retail.incl.patch-iOTA\Nero_PlatinumHD-11.2.00700.exe -d G:\PROGRAMAS\Nero11\Nero.Platinum.HD.v11.2.00700.retail.incl.patch-iOTA Task: {1CAE1ABE-45FF-4FF1-8EB4-2D63F1BA1526} - System32\Tasks\{BB560825-81DE-4286-8B08-BD8E65F6380C} => C:\Windows\system32\pcalua.exe -a C:\Users\Antonio\AppData\Roaming\awesomehp\UninstallManager.exe Task: {1DD8CC6B-C093-42A1-8264-D360D0A846E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated) Task: {29605CDE-0675-4CE0-BFA7-8E6D7D5A64B5} - System32\Tasks\{8377E1DC-7E3A-48D0-8E64-C90F4620DCA3} => C:\Windows\system32\pcalua.exe -a "D:\POWER TRASLATOR PRO 6.2\INSTALL.EXE" -d "D:\POWER TRASLATOR PRO 6.2" Task: {323E2866-A101-4EF5-934E-56584F80A67F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd) Task: {3C0B7A65-699F-4F02-8380-AA816E7F3147} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated) Task: {3C732C13-8DA4-4E43-8D4D-5A0D8D1C3093} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-03-04] (Nero AG) Task: {4517B710-5B6B-4877-A634-4ADA9791E019} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe Task: {57F27434-6276-4487-BD29-364FBDE378F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {5EC4DC3C-7FEF-4A63-A89E-086293710C48} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION Task: {66B4ACFC-D6EA-4488-83EC-361EADB37855} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-06] (Adobe Systems Incorporated) Task: {6B94F0E7-F51C-4EFC-A855-3D5B64EFBA26} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2017-07-28] (NCH Software) Task: {72A86DF0-F11D-45AF-9FD1-D67A44CE5CD6} - System32\Tasks\powersuite_monitor => C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe [2018-04-18] (Uniblue Systems Ltd) <==== ATTENTION Task: {73CB9821-4AB7-4FC0-B6B3-63EEC6551F60} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-24] (Dropbox, Inc.) Task: {78FC1BE2-5037-43D4-8485-88EF175DCB03} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd) Task: {8134D17D-5033-4271-B42D-6AD5C2493712} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-08-02] (DivX, LLC) Task: {858C56BB-A1EA-4F62-939F-4597529F8834} - System32\Tasks\{C57F1BE9-8AFF-4684-B585-AD7E1C10A27B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Task: {87C51F17-D1B6-4BEA-87D2-B2C825FE9D0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {969F7AD3-D36D-490F-8364-5926CA46671C} - System32\Tasks\JetCleanLoginCheckUpdate => C:\remote-service\jetclean\AutoUpdate.exe Task: {A9FE1937-8212-4DBE-B435-D0137458B719} - System32\Tasks\{A0EF792D-144C-42B4-959F-37327A95EF76} => C:\Windows\system32\pcalua.exe -a "E:\Remote Programs\Jewel Quest 3\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=642550;name=Jewel Quest 3;dir=E:\Remote Programs\Jewel Quest 3\;prvid=143;cmdid=1;prvdir=Default Task: {AA4930B1-4258-4038-B94C-1B2188FE0991} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2015-12-30] (Bitberry Software) <==== ATTENTION Task: {AC61AC9E-CE4C-42B4-A2FA-022E01ED499A} - System32\Tasks\NCH Software\ExpressZipSevenDays => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [2016-08-19] (NCH Software) Task: {AD6E3E9B-9A8B-4758-9C72-D8F032AB8F04} - System32\Tasks\{34A9BC66-CB9A-4963-9A84-8B1A828F107F} => C:\Windows\system32\pcalua.exe -a "G:\PROGRAMAS\OnOne.PhotoFrame.v4.6.6.Professional.Edition.incl.keygen-REDT\OnOne.PhotoFrame.v4.6.6.Professional.Edition.incl.keygen-REDT\setup\PhotoFrame 4.6.6 Professional Editon.exe" -d G:\PROGRAMAS\OnOne.PhotoFrame.v4.6.6.Professional.Edition.incl.keygen-REDT\OnOne.PhotoFrame.v4.6.6.Professio (the data entry has 34 more characters). Task: {AFB5D759-935A-4301-AB49-BD705206F163} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {B5C5DB26-9611-4790-AD42-0423859283A9} - System32\Tasks\{75B110E7-01EE-4FFA-ADF4-4FC961C3A13E} => C:\Windows\system32\pcalua.exe -a "G:\PROGRAMAS\VisualMapXXI\INSTALAR 2006.exe" -d G:\PROGRAMAS\VisualMapXXI Task: {C784E7F7-1D90-41B0-BBCA-60BF15C10C83} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {C7F1EE94-18DA-407D-BC66-C06DAD793A40} - System32\Tasks\Yahoo! Powered limid => C:\Windows\system32\wscript.exe "C:\ProgramData\{A19D64FE-2BDF-EE38-AD19-707A375BFBB4}\dira.txt" "68747470733a2f2f71616a6f6c6f732e636f6d" "433a5c50726f6772616d446174615c7b41313944363446452d324244462d454533382d414431392d3730374133373542464242347d5c6d6f6c697465" "433a5c50726f6772616d446174615c7b41313944363446452d324244462d454533382d (the data entry has 84 more characters). <==== ATTENTION Task: {D0A6DBC4-4216-4786-9B7D-5A66D08AA6F4} - System32\Tasks\AdobeAAMUpdater-1.0-Antonio-PC-Antonio => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {D2680788-47A2-49B0-8EE7-8664685FBC77} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software) Task: {D3D24397-15D9-4E5D-9582-93D6AE3926E2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-24] (Dropbox, Inc.) Task: {D7136D70-3470-4CDE-B048-78678D34F368} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {EC20F106-2EB8-4AD7-8A05-E529833297E4} - System32\Tasks\Final Media Player Update Checker => C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe Task: {EEBF5FD2-5EF8-43AC-8D22-EE1C76DA95CC} - System32\Tasks\NCH Software\WavePadSevenDays => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe [2013-08-30] (NCH Software) Task: {FFCD4EA4-398D-49D5-99DF-05B3003E2651} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION Task: C:\Windows\Tasks\powersuite_monitor.job => C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe <==== ATTENTION Task: C:\Windows\Tasks\Yahoo! Powered limid.job => Wscript.exe C:\ProgramData\{A19D64FE-2BDF-EE38-AD19-707A375BFBB4}\dira.txt <==== ATTENTION ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Antonio\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm ShortcutWithArgument: C:\Users\Antonio\Desktop\CANALES online en directo YOMVI es Mo.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lglkinplimdkabolmjlphkoobkiecchm ShortcutWithArgument: C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CANALES online en directo YOMVI es Mo.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lglkinplimdkabolmjlphkoobkiecchm ShortcutWithArgument: C:\Users\Antonio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=1638245534836e4baca857d33a5a686e5ad79cd8 --app-window-size=1366,768 ShortcutWithArgument: C:\Users\Antonio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CANALES online en directo YOMVI es Mo.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lglkinplimdkabolmjlphkoobkiecchm ==================== Loaded Modules (Whitelisted) ============== 2018-10-21 02:17 - 2018-10-21 02:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2009-01-12 06:15 - 2009-01-12 06:15 - 000082872 _____ () C:\Windows\SysWOW64\NMSAccess64.exe 2016-03-07 17:08 - 2016-06-15 02:14 - 000369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-05-02 16:20 - 2016-06-15 02:14 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-07 17:08 - 2016-06-15 02:14 - 003613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-01-27 18:18 - 2016-06-15 02:14 - 000289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2018-06-04 11:00 - 2005-04-22 12:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll 2017-08-24 17:21 - 2014-12-15 00:03 - 000241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2018-11-20 09:21 - 2018-11-20 09:21 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2016-05-02 16:20 - 2016-06-15 02:14 - 002667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-05-02 16:20 - 2016-06-15 02:14 - 001990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-05-02 16:20 - 2016-06-15 02:14 - 001842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-01-27 18:18 - 2016-06-15 02:14 - 000208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2012-03-06 21:37 - 2012-03-06 21:37 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll 2018-11-06 17:14 - 2018-11-06 17:14 - 000100936 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll 2016-05-02 16:20 - 2016-06-15 02:14 - 000035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-05-02 16:20 - 2016-06-15 02:14 - 000921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-06-24 11:51 - 2016-06-24 11:51 - 000138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe 2018-11-20 09:21 - 2018-11-20 09:21 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll 2018-11-20 09:21 - 2018-11-20 09:21 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-12-17 17:40 - 2018-12-17 17:40 - 005724304 _____ () C:\Program Files\AVAST Software\Avast\defs\18121704\algo.dll 2018-11-20 09:21 - 2018-11-20 09:21 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-11-20 09:21 - 2018-11-20 09:21 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-11-20 09:21 - 2018-11-20 09:21 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 001296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000280104 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000754728 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2017-08-24 17:21 - 2014-12-14 23:53 - 000223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 000629928 _____ () C:\Program Files (x86)\Uniblue\Powersuite\ui_dll.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 020764328 _____ () C:\Program Files (x86)\Uniblue\Powersuite\libcef.dll 2018-10-04 15:56 - 2018-04-18 07:31 - 000299176 _____ () C:\Program Files (x86)\Uniblue\Powersuite\locale\es\resources.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 001100472 _____ () C:\Program Files (x86)\Uniblue\Powersuite\avcodec-53.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 000123576 _____ () C:\Program Files (x86)\Uniblue\Powersuite\avutil-51.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 000190136 _____ () C:\Program Files (x86)\Uniblue\Powersuite\avformat-53.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 000628392 _____ () C:\Program Files (x86)\Uniblue\Powersuite\libglesv2.dll 2018-10-03 19:38 - 2018-04-18 07:31 - 000117928 _____ () C:\Program Files (x86)\Uniblue\Powersuite\libegl.dll 2015-10-17 08:41 - 2016-06-15 02:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2018-03-13 09:53 - 2018-03-13 09:53 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2009-02-27 15:38 - 2009-02-27 15:38 - 000139264 _____ () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2009-02-26 12:46 - 2009-02-26 12:46 - 000064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 10:46 - 2011-06-22 10:46 - 000434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2015-11-11 03:41 - 2015-11-11 03:41 - 000756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [0] AlternateDataStreams: C:\ProgramData\Temp:373E1720 [118] AlternateDataStreams: C:\ProgramData\Temp:890CC2F3 [123] AlternateDataStreams: C:\ProgramData\Temp:F169C698 [133] AlternateDataStreams: C:\Users\Antonio\Cookies:7eHnyYeOwxcbaFta4D [2184] AlternateDataStreams: C:\Users\Antonio\Cookies:XEf1zjLqFw6nxRdst5qt189Bv [2030] AlternateDataStreams: C:\Users\Antonio\AppData\Local\Temp:ko4xdsqQaI8ZD1x0s8WdAfo [2224] AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo [122] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\123simsen.com -> www.123simsen.com There are 7865 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 13:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 80.58.61.250 - 80.58.61.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk => C:\Windows\pss\$McRebootA5E6DEAA56$.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 11.lnk => C:\Windows\pss\Snagit 11.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Antonio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup MSCONFIG\startupfolder: C:^Users^Antonio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hardcopy.LNK => C:\Windows\pss\Hardcopy.LNK.Startup MSCONFIG\startupfolder: C:^Users^Antonio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lolipop.lnk => C:\Windows\pss\lolipop.lnk.Startup MSCONFIG\startupfolder: C:^Users^Antonio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lollipop.lnk => C:\Windows\pss\lollipop.lnk.Startup MSCONFIG\startupreg: AgentMonitor => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Bubble Dock => "C:\Users\Antonio\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup MSCONFIG\startupreg: Chromium => "c:\users\antonio\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session MSCONFIG\startupreg: ContactKeeper Birthday reminder => "C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe" /Reminder MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: Exetender => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe" MSCONFIG\startupreg: Polar FlowSync => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SoftonicAssistant => "C:\Users\Antonio\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe" MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon MSCONFIG\startupreg: uTorrent => "C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\Antonio\AppData\Roaming\Yontoo\YontooDesktop.exe" HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "AgentMonitor" HKLM\...\StartupApproved\Run32: => "mobilegeni daemon" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "DivXUpdate" HKLM\...\StartupApproved\Run32: => "DelaypluginInstall" HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\StartupApproved\Run: => "Sidebar" HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\StartupApproved\Run: => "Xvid" HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\StartupApproved\Run: => "SoftonicAssistant" HKU\S-1-5-21-2549724298-3477855564-2987377474-1000\...\StartupApproved\Run: => "Dropbox Update" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{2C91DD93-F310-4450-BE00-5510C437207F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{14BBDBE1-E933-4602-9A17-437C26B27164}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{4A1071DA-6F87-416F-AD02-5408290A8AF6}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{7D440E8D-AA63-47B4-A6B3-601B0AE5E26B}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{225C7A52-51A3-4FFC-AA5A-8561F515A6B1}] => (Allow) LPort=7935 FirewallRules: [{1FFD7D7B-E22B-477F-B8EF-FED85E796928}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{384E4C14-068C-4D07-8DE8-62A8085D9495}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{AE758550-1A45-40CD-B425-54D9B4309797}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{090C0528-DCCF-4E91-BB3F-4EDAAED71DAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{CFC845E7-EB64-4851-AAE0-E171FB2AA7EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{C592E935-480A-4C68-9B36-55E8F7BDF495}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{169CD429-79AC-4CEC-9C5D-65B672C95FF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{77713BD3-6773-4E4D-9183-3C704FCA0396}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{15387FA8-F0FB-4FA2-9AA8-3D6083652479}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{92CB2EB6-39CF-4408-9D00-7ED77CB1B6ED}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [TCP Query User{D55C1C41-D4E8-4DD2-85C1-02FE84B0C860}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{B664745F-AA06-4A68-985A-F05AF9B83A25}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{D2F50ED2-E0BA-49A4-B137-8334B82019D3}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{079303A1-440A-448C-9784-35DAC526165D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{CE6CE098-0B50-47D2-8368-6A75BFFDB0B2}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{9F11A70F-715A-45C9-BA15-29DE59BC00B1}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{F80B44F1-86CF-4179-9CF6-391810295D88}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{196246E7-5335-44DD-9913-D1E53519C71A}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{4C891DA9-1138-4A02-90D1-06043BB8B3C7}] => (Allow) C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1468A312-4442-43C9-8C5F-5EFA3AC71A78}] => (Allow) C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{D7D8FAA1-96A2-429B-BB0D-9E8A77D3671D}C:\program files (x86)\wondershare\vcu\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\vcu\dscheck.exe FirewallRules: [UDP Query User{2FB53AB5-BDB6-43C6-A6E2-0E1025022505}C:\program files (x86)\wondershare\vcu\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\vcu\dscheck.exe FirewallRules: [{BE62F60C-E929-4A2B-8727-B4269A5FD8C0}] => (Allow) C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe FirewallRules: [{82DA814A-D69E-4856-A2E3-135044389CEB}] => (Allow) C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe FirewallRules: [{AFB581AD-2A97-46F8-9E60-A8E7845A9CD5}] => (Allow) C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe FirewallRules: [{43019FF9-211C-431A-AB64-03043C9798BF}] => (Allow) C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe FirewallRules: [TCP Query User{3FF9DA06-81BD-4C59-9FA0-283F529E4D75}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{61E0BF5C-2203-4587-B3F6-D831AA008799}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{06BB605F-F9F3-4479-AA31-9E1FDE3F3710}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{19A36D8F-2392-4AC2-84BF-12177F0753EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A960746F-8622-4A24-9C83-429DA6E186DF}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{10A4AB3F-B138-41F0-B0C1-493139E51707}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{BDDADCCB-1117-45A5-978E-E77A0B739910}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{A8CC2D76-6BCF-4258-B45F-A8BDAF3FE0C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6ADAB4D9-120F-42B0-90D3-C290B19468E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{72A8FFB9-6E88-4B70-87AB-CAE93338D3E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CA307B07-E900-40B3-9067-8A85C9DA8344}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{2359DF00-54CF-4569-B25D-BE4A7DA4DEF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{902A1EAF-3C98-4205-8DEF-70802602EA07}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{091E603F-A35C-42CA-9D29-A9EF1299F957}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E4B2B74C-74B1-40C6-A312-73F59EBE9186}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7CE6E8A9-E6C2-4B5B-ADFF-280EA915B12B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F3CFF0D6-8458-4337-94D2-9BB09222922C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4E8DD9B6-8182-4C98-B5E1-0931D817F431}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B5DA1E44-6276-4DE8-9B46-047BC52879B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F8445BB7-F6B7-4F2E-B78A-93A102AA4B2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{6FEED3F9-96CD-4B24-8ED6-8EE5FC664FAD}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{709AE254-C02E-481A-9670-5B665F2CB1F1}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{812E66DA-AEA7-4F23-B03E-C0A09775C965}C:\program files (x86)\wondershare\vcu\dscheck.exe] => (Block) C:\program files (x86)\wondershare\vcu\dscheck.exe FirewallRules: [UDP Query User{40FD999C-7ED9-4A2D-8B12-42C0BA053E41}C:\program files (x86)\wondershare\vcu\dscheck.exe] => (Block) C:\program files (x86)\wondershare\vcu\dscheck.exe FirewallRules: [{5AF5879E-A4C1-4314-97B4-14A0AE9FE450}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe FirewallRules: [{330C0182-4B6E-44C5-9A82-B4AFCF75221C}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe FirewallRules: [{B1C12332-78F0-4DDF-A9A3-B276C41345DC}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe FirewallRules: [{79B6C673-37BD-463E-BEC3-9A0184CE5B69}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe FirewallRules: [{B6270C52-C741-4761-853F-4B768DB32916}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe FirewallRules: [{33EF2CA2-A4B9-467E-81DF-FB95F7A0E6EF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{86246B09-787F-4175-A8FD-2F68C5912498}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{B3B76A50-B8B1-4B11-A5C1-E7190F8C5E5C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{CCD53382-2F74-48A0-A857-B817066914B7}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{7997F7D0-09EA-4974-852F-40933B595EAC}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{D828C082-9518-40B2-832F-2D2DA9E24705}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{32E12D7A-BF8F-4E19-B029-1408F78DCD89}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe FirewallRules: [TCP Query User{8B3AD8D5-7502-4320-8DFC-E8B2FE454E19}G:\programas\inpixio photo editor premium v1.7.6278 - ita (16 marzo 2017) (portable)\data\local\stubexe\0x73b57fe2adbe9109\chrome.exe] => (Block) G:\programas\inpixio photo editor premium v1.7.6278 - ita (16 marzo 2017) (portable)\data\local\stubexe\0x73b57fe2adbe9109\chrome.exe FirewallRules: [UDP Query User{C6F6CE61-D40E-4B6B-B86E-8A3B6FB19728}G:\programas\inpixio photo editor premium v1.7.6278 - ita (16 marzo 2017) (portable)\data\local\stubexe\0x73b57fe2adbe9109\chrome.exe] => (Block) G:\programas\inpixio photo editor premium v1.7.6278 - ita (16 marzo 2017) (portable)\data\local\stubexe\0x73b57fe2adbe9109\chrome.exe FirewallRules: [{DE1CB0E9-C5F4-41CB-8AF8-C5EF485F0D9C}] => (Allow) LPort=5354 FirewallRules: [{F7BCA5AF-054D-4DE9-A7A5-D1ADF6B59D96}] => (Allow) LPort=5354 FirewallRules: [{F6304B30-197C-4EB9-8119-590E7B3172A7}] => (Allow) LPort=5354 FirewallRules: [{58EE6A54-B0A5-42EE-A734-0F4E74EDB5D0}] => (Allow) LPort=5354 FirewallRules: [{A19B41A9-B868-4BAA-8C47-6D9C776A83D6}] => (Allow) LPort=5354 FirewallRules: [{9E280112-58D0-4603-8877-0417691498B7}] => (Allow) LPort=5354 FirewallRules: [{E64DA65F-1D2F-48D2-B9C0-149A9A895DDD}] => (Allow) LPort=5354 FirewallRules: [{D5C686D7-1444-407E-9035-BE4072315651}] => (Allow) LPort=5354 FirewallRules: [{5E0DE753-2F06-4A6D-915A-9D81B5A01016}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{58D8218C-65B5-4F8F-88B3-AD113B8F6B98}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6378E35D-2B92-41B9-AE5D-63D154C63C4F}] => (Allow) LPort=2869 FirewallRules: [{699BB195-DE50-4003-A684-06F9BA957781}] => (Allow) LPort=1900 FirewallRules: [{F05E0C73-1406-41A5-877B-50F3930DB378}] => (Allow) LPort=54925 FirewallRules: [{F9238894-7382-4AEA-A50D-9D4882849D43}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe FirewallRules: [{6B8DAD36-9B8A-4D10-829D-B22AFC6D1D8E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{E3CE6498-4812-49B0-9D7F-7864B62EF9E0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{1180658A-D6D8-4E32-ACD3-C3D7349BA1D7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{DCA9B14D-1757-4FD5-B6F3-55D0E38A3CAD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{319D2529-9A08-4534-94F9-EB422F2F6EA4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{E25A2093-B722-4173-A0CD-319988C91803}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{02BB4F44-2B1E-49AB-AEC8-B4E03BF12528}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{3D137296-901E-4912-87D3-8680291652E5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{043DDC77-0191-4A27-B646-687D919D07EC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{38D182BD-9651-4CDF-96CA-6E8C2B268A56}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{1E7B24B7-1080-4459-B9CE-A21BCAAD2948}] => (Allow) C:\Users\Antonio\AppData\Local\Programs\Opera\56.0.3051.104\opera.exe FirewallRules: [{AC984108-E553-4EB5-8DE9-A339AEE7056F}] => (Allow) C:\Users\Antonio\AppData\Local\Programs\Opera\56.0.3051.116\opera.exe FirewallRules: [{E169F9D4-9FAC-4CC6-B85A-BB8038624B5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F4247AFB-E48E-4B34-8E94-CDD894A4AAB6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 14-12-2018 15:03:53 Punto de control programado 14-12-2018 15:21:03 Windows Update 14-12-2018 15:53:42 Aurora HDR 2018 14-12-2018 15:54:57 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 14-12-2018 15:55:06 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 ==================== Faulty Device Manager Devices ============= Name: X5XSEx_Pr143 Description: X5XSEx_Pr143 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: X5XSEx_Pr143 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (12/18/2018 05:05:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (12/18/2018 03:39:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Aurora HDR 2018.exe, versión: 1.2.0.2114, marca de tiempo: 0x5b2a306f Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0000000000000000 Id. del proceso con errores: 0x6c8 Hora de inicio de la aplicación con errores: 0x01d496df5a4b1265 Ruta de acceso de la aplicación con errores: C:\Program Files\Skylum\Aurora HDR 2018\Aurora HDR 2018.exe Ruta de acceso del módulo con errores: unknown Id. del informe: aab66bf3-02d2-11e9-b72d-5404a60adacd Error: (12/18/2018 03:39:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: Aurora HDR 2018.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.AccessViolationException en .mipl.miplTearDown() en Aurora.App.OnExit(System.Object, System.Windows.ExitEventArgs) en System.Windows.Application.OnExit(System.Windows.ExitEventArgs) en System.Windows.Application.DoShutdown() en System.Windows.Application.ShutdownImpl() en System.Windows.Application.ShutdownCallback(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.DispatcherOperation.InvokeImpl() en MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) en System.Windows.Threading.DispatcherOperation.Invoke() en System.Windows.Threading.Dispatcher.ProcessQueue() en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) en System.Windows.Application.RunDispatcher(System.Object) en System.Windows.Application.RunInternal(System.Windows.Window) en Aurora.App.Main() Error: (12/18/2018 01:18:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (12/17/2018 06:36:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Aurora HDR 2018.exe, versión: 1.2.0.2114, marca de tiempo: 0x5b2a306f Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0000000000000000 Id. del proceso con errores: 0xa28 Hora de inicio de la aplicación con errores: 0x01d4962ef72b8db0 Ruta de acceso de la aplicación con errores: C:\Program Files\Skylum\Aurora HDR 2018\Aurora HDR 2018.exe Ruta de acceso del módulo con errores: unknown Id. del informe: 3a4fc1b2-0222-11e9-9f83-5404a60adacd Error: (12/17/2018 06:36:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: Aurora HDR 2018.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.AccessViolationException en .mipl.miplTearDown() en Aurora.App.OnExit(System.Object, System.Windows.ExitEventArgs) en System.Windows.Application.OnExit(System.Windows.ExitEventArgs) en System.Windows.Application.DoShutdown() en System.Windows.Application.ShutdownImpl() en System.Windows.Application.ShutdownCallback(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.DispatcherOperation.InvokeImpl() en MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) en System.Windows.Threading.DispatcherOperation.Invoke() en System.Windows.Threading.Dispatcher.ProcessQueue() en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) en System.Windows.Application.RunDispatcher(System.Object) en System.Windows.Application.RunInternal(System.Windows.Window) en Aurora.App.Main() Error: (12/17/2018 06:14:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Aurora HDR 2018.exe, versión: 1.2.0.2114, marca de tiempo: 0x5b2a306f Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0000000000000000 Id. del proceso con errores: 0x4a0 Hora de inicio de la aplicación con errores: 0x01d4962bca3632f6 Ruta de acceso de la aplicación con errores: C:\Program Files\Skylum\Aurora HDR 2018\Aurora HDR 2018.exe Ruta de acceso del módulo con errores: unknown Id. del informe: 2d801d60-021f-11e9-9f83-5404a60adacd Error: (12/17/2018 06:14:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: Aurora HDR 2018.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.AccessViolationException en .mipl.miplTearDown() en Aurora.App.OnExit(System.Object, System.Windows.ExitEventArgs) en System.Windows.Application.OnExit(System.Windows.ExitEventArgs) en System.Windows.Application.DoShutdown() en System.Windows.Application.ShutdownImpl() en System.Windows.Application.ShutdownCallback(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.DispatcherOperation.InvokeImpl() en MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) en System.Windows.Threading.DispatcherOperation.Invoke() en System.Windows.Threading.Dispatcher.ProcessQueue() en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) en System.Windows.Application.RunDispatcher(System.Object) en System.Windows.Application.RunInternal(System.Windows.Window) en Aurora.App.Main() System errors: ============= Error: (12/18/2018 05:05:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio Superfetch se cerró con el siguiente error: El sistema no puede encontrar el archivo especificado. Error: (12/18/2018 05:05:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: amdkmafd Error: (12/18/2018 05:04:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio X5XSEx_Pr143 no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado. Error: (12/18/2018 05:04:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Reimage Real Time Protector no pudo iniciarse debido al siguiente error: El sistema no puede encontrar la ruta especificada. Error: (12/18/2018 05:04:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Service Installer TrueKey no pudo iniciarse debido al siguiente error: El sistema no puede encontrar la ruta especificada. Error: (12/18/2018 05:04:58 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY) Description: El servicio Programador de tareas no pudo cargar las tareas al inicio del servicio. Datos adicionales: valor del error: 2147549183. Error: (12/18/2018 05:04:58 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY) Description: El servicio Programador de tareas no pudo cargar las tareas al inicio del servicio. Datos adicionales: valor del error: 2147549183. Error: (12/18/2018 05:04:50 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\pfc.SYS por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. Windows Defender: =================================== Date: 2016-02-24 17:18:43.292 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Mizenota&threatid=223449 Nombre:SoftwareBundler:Win32/Mizenota Id.:223449 Gravedad:Alta Categoría:Software que instala varios programas Ruta de acceso encontrada:containerfile:C:\Users\Antonio\Downloads\Peppa Pig Complete Series 1 2 Downloader.7z;file:C:\Users\Antonio\Downloads\Peppa Pig Complete Series 1 2 Downloader.7z->USE PASSWORD - 12345.txt;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{B52F5BE2-D452-4438-90E2-80E0A5D27217}-Peppa Pig Complete Series 1 2 Downloader.7z;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{B52F5BE2-D452-4438-90E2-80E0A5D27217}-Peppa Pig Complete Series 1 2 Downloader.7z|http://mymediadownloadsthirtyfive.com/?dmVyc2lvbj0xLjEuNS4yNiZjYW1waWQ9MzY4NyZpbnN0aWRbYXBwbmFtZV09UGVwcGElMjBQaWclMjBDb21wbGV0ZSUyMFNlcmllcyUyMDElMjAyJTIwQW5kJTIwMyUyMDE1OSUyMFNob3dzJTIwRG93bmxvYWRlciZpbnN0aWRbYXBwc2V0dXB1cmxdPWh0dHAlM0ElMkYlMkZmYXN0bWVkaWFkb3dubG9hZHMuY29tJTJGZG93bmxvYWQlMkZQcm9tcHQtRG93bmxvYWRlci0xNDM1NzU3Nzk5LmV4ZSZpbnN0aWRbY21kbGluZV09Jmluc3RpZFthcHBpbWFnZXVybF09aHR0cCUzQSUyRiUyRnByb21wdGRvd25sb2FkZXIuY29tJTJGbG9nby5wbmcmcHJlZml4PVBlcHBhJTIwUGlnJTIwQ29tcGxldGUlMjBTZXJpZXMlMjAxJTIwMiUyMCUyMERvd25sb2FkZXImaW5zdGlkW Tipo de detección:Concreto Origen de detección:Descargas y datos adjuntos Estado:Desconocido Usuario:ANTONIO\Antonio Nombre de proceso:C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Date: 2016-02-24 17:17:52.515 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Mizenota&threatid=223449 Nombre:SoftwareBundler:Win32/Mizenota Id.:223449 Gravedad:Alta Categoría:Software que instala varios programas Ruta de acceso encontrada:containerfile:C:\Users\Antonio\Downloads\Peppa Pig Complete Series 1 2 Downloader.7z;file:C:\Users\Antonio\Downloads\Peppa Pig Complete Series 1 2 Downloader.7z->USE PASSWORD - 12345.txt;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{6D9BBD80-6802-4039-89E4-E08EBF1E6CA6}-Peppa Pig Complete Series 1 2 Downloader.7z;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{6D9BBD80-6802-4039-89E4-E08EBF1E6CA6}-Peppa Pig Complete Series 1 2 Downloader.7z|http://mymediadownloadsthirtyfive.com/?dmVyc2lvbj0xLjEuNS4yNiZjYW1waWQ9MzY4NyZpbnN0aWRbYXBwbmFtZV09UGVwcGElMjBQaWclMjBDb21wbGV0ZSUyMFNlcmllcyUyMDElMjAyJTIwQW5kJTIwMyUyMDE1OSUyMFNob3dzJTIwRG93bmxvYWRlciZpbnN0aWRbYXBwc2V0dXB1cmxdPWh0dHAlM0ElMkYlMkZmYXN0bWVkaWFkb3dubG9hZHMuY29tJTJGZG93bmxvYWQlMkZQcm9tcHQtRG93bmxvYWRlci0xNDM1NzU3Nzk5LmV4ZSZpbnN0aWRbY21kbGluZV09Jmluc3RpZFthcHBpbWFnZXVybF09aHR0cCUzQSUyRiUyRnByb21wdGRvd25sb2FkZXIuY29tJTJGbG9nby5wbmcmcHJlZml4PVBlcHBhJTIwUGlnJTIwQ29tcGxldGUlMjBTZXJpZXMlMjAxJTIwMiUyMCUyMERvd25sb2FkZXImaW5zdGlkW Tipo de detección:Concreto Origen de detección:Descargas y datos adjuntos Estado:Desconocido Usuario:ANTONIO\Antonio Nombre de proceso:C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Date: 2016-02-23 17:01:29.707 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Mizenota&threatid=223449 Nombre:SoftwareBundler:Win32/Mizenota Id.:223449 Gravedad:Alta Categoría:Software que instala varios programas Ruta de acceso encontrada:containerfile:C:\Users\Antonio\Downloads\Peppa Pig Complete Season 2 Downloader.7z;file:C:\Users\Antonio\Downloads\Peppa Pig Complete Season 2 Downloader.7z->USE PASSWORD - 12345.txt;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{325BCD85-CDE6-4852-B1B9-E4C1A3470674}-Peppa Pig Complete Season 2 Downloader.7z;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{325BCD85-CDE6-4852-B1B9-E4C1A3470674}-Peppa Pig Complete Season 2 Downloader.7z|http://mymediadownloadsthirtyfive.com/?dmVyc2lvbj0xLjEuNS4yNiZjYW1waWQ9MzY4NyZpbnN0aWRbYXBwbmFtZV09UGVwcGElMjBQaWclMjBDb21wbGV0ZSUyMFNlYXNvbiUyMDIlMjBEb3dubG9hZGVyJmluc3RpZFthcHBzZXR1cHVybF09aHR0cCUzQSUyRiUyRmZhc3RtZWRpYWRvd25sb2Fkcy5jb20lMkZkb3dubG9hZCUyRlByb21wdC1Eb3dubG9hZGVyLTExNjU5OTUyMTYuZXhlJmluc3RpZFtjbWRsaW5lXT0maW5zdGlkW2FwcGltYWdldXJsXT1odHRwJTNBJTJGJTJGcHJvbXB0ZG93bmxvYWRlci5jb20lMkZsb2dvLnBuZyZwcmVmaXg9UGVwcGElMjBQaWclMjBDb21wbGV0ZSUyMFNlYXNvbiUyMDIlMjBEb3dubG9hZGVyJmluc3RpZFtpbnRlcnJ1cHRlZF09aHR0cCUzQSUyRiUyRnByb21wdGRvd25sb2FkZXIuY Tipo de detección:Concreto Origen de detección:Descargas y datos adjuntos Estado:Desconocido Usuario:ANTONIO\Antonio Nombre de proceso:C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Date: 2015-08-13 03:29:46.289 Description: El examen de Windows Defender se detuvo antes de completarse. Id. de examen:{190AA9E4-C854-4508-81E5-BE8EFAFF64B3} Tipo de examen:AntiSpyware Parámetros de examen:Examen rápido Usuario:NT AUTHORITY\Servicio de red Date: 2015-02-19 05:49:29.541 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/KipodToolsCby&threatid=207199 Nombre:BrowserModifier:Win32/KipodToolsCby Id.:207199 Gravedad:Alta Categoría:Modificador de explorador Ruta de acceso encontrada:clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{066F86D8-D35A-48FB-85D6-1A203DAE80F2};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{0F8B624E-49E8-4597-A4A7-5348DCAADD32};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{108BD590-972F-4522-B436-01F29D3FF0BF};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{1D45275A-BC14-4895-A248-BD29203C246F};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{31315407-D66C-4425-A652-5BCC67B28E1C};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{37CFB851-58F0-4B15-9CF3-1D37DB676D77};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3CE9D5BD-A8E3-4E9B-9400-CE689BA79A3E};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{410112FD-9BAA-47A6-8498-567207484756};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{4C15F2BD-08B2-4363-B81C-BF7ECD1A221A};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{5BE733B3-9159-4713-9274-CCF46A4C4077};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{6247EC17-5617-472B-8C0D-A35C8B63E47D};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{97F44E1A-A58A-453C-B38E-E1F6E90D76F3};cls Tipo de detección:Concreto Origen de detección:Sistema Estado:Desconocido Usuario:NT AUTHORITY\Servicio de red Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe Date: 2016-07-30 10:31:47.548 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 Date: 2016-07-30 10:31:47.532 Description: Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma:1.203.2523.0 Versión de firma anterior: Origen de actualización:Carpeta de actualizaciones de firmas Tipo de firma:AntiSpyware Tipo de actualización:Completa Usuario:NT AUTHORITY\SYSTEM Versión de motor actual:1.1.8403.0 Versión de motor anterior: Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. Date: 2016-07-30 10:31:47.532 Description: Windows Defender encontró un error al intentar actualizar el motor. Nueva versión de motor:1.1.8403.0 Versión de motor anterior: Origen de actualización:Carpeta de actualizaciones de firmas Usuario:NT AUTHORITY\SYSTEM Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. Date: 2016-02-25 16:11:47.409 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 Date: 2016-02-25 16:11:47.394 Description: Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma:1.203.2523.0 Versión de firma anterior: Origen de actualización:Carpeta de actualizaciones de firmas Tipo de firma:AntiSpyware Tipo de actualización:Completa Usuario:NT AUTHORITY\SYSTEM Versión de motor actual:1.1.8403.0 Versión de motor anterior: Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. CodeIntegrity: =================================== Date: 2016-09-08 16:12:08.034 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-08 16:11:13.994 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-08 16:11:13.963 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-07 16:04:10.339 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-07 16:03:38.698 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-07 16:03:38.651 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-06 16:29:54.800 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-09-06 16:29:31.947 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 18% Total physical RAM: 16366.3 MB Available physical RAM: 13394.93 MB Total Virtual: 34790.49 MB Available Virtual: 32176.99 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:226.64 GB) (Free:17.74 GB) NTFS Drive e: (DATOS) (Fixed) (Total:931.51 GB) (Free:34.45 GB) NTFS Drive f: () (Fixed) (Total:0.59 GB) (Free:0.56 GB) NTFS ==>[system with boot components (obtained from drive)] Drive g: () (Fixed) (Total:232.79 GB) (Free:16.25 GB) NTFS Drive i: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)] Drive k: () (Fixed) (Total:5.66 GB) (Free:2.19 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: FCBF2C8B) Partition 1: (Active) - (Size=600 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=226.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=5.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A73A6717) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 14E514E5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================