Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.02.2019 02 Ran by Zergiomp (22-02-2019 12:09:31) Running from G:\Zergiomp\Descargas Windows 7 Home Premium Service Pack 1 (X64) (2018-12-05 12:30:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1829066510-2516727013-3389263464-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-1829066510-2516727013-3389263464-1009 - Limited - Enabled) Invitado (S-1-5-21-1829066510-2516727013-3389263464-501 - Limited - Enabled) => C:\Users\Invitado Proyecto SEO TSA (S-1-5-21-1829066510-2516727013-3389263464-1007 - Administrator - Enabled) => C:\Users\Proyecto SEO TSA Zergiomp (S-1-5-21-1829066510-2516727013-3389263464-1000 - Administrator - Enabled) => C:\Users\Zergiomp ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.) Ace Stream Media 3.1.32 (HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\AceStream) (Version: 3.1.32 - Ace Stream Media) <==== ATTENTION Actualización de NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated) Adobe Audition CC 2015.2 (HKLM-x32\...\AUDT_9_2_0) (Version: 9.2.0 - Adobe Systems Incorporated) Adobe Bridge CC 2015 (HKLM-x32\...\KBRG_6_3) (Version: 6.3 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated) Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_0_0) (Version: 20.0.0 - Adobe Systems Incorporated) Adobe InCopy CC 2015 (HKLM-x32\...\{9EF1DB49-6D32-1014-93B7-EB62FA572532}) (Version: 11.4.0.090 - Adobe Systems Incorporated) Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.0.090 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6.1 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated) Adobe Prelude CC 2015 (HKLM-x32\...\{4D911A81-7146-470C-A48F-98479255251C}) (Version: 4.0.0 - Adobe Systems Incorporated) Adobe Prelude CC 2015.4 (HKLM-x32\...\PRLD_5_0_0) (Version: 5.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated) Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated) Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe Systems Incorporated) Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.72 - Hulubulu Software) AOMEI Partition Assistant Standard Edition 6.3 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (32 bits) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.28 - Rivet Networks) AR8171 Drivers (HKLM\...\{AC937267-F287-4B31-89E3-70C978366D87}) (Version: 1.0.0.28 - Rivet Networks) Hidden AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.3 - Gobierno de España) Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) BOINC (HKLM\...\{B3B5C017-61CD-4587-9FA8-7E5E2D94810E}) (Version: 7.6.22 - Space Sciences Laboratory, U.C. Berkeley) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.) calibre (HKLM-x32\...\{133AA70C-DB58-48DB-90AE-3A7033C896A7}) (Version: 3.39.1 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform) Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0190 - Disc Soft Ltd) Desinstalar impresora EPSON SX218 Series (HKLM\...\EPSON SX218 Series) (Version: - SEIKO EPSON Corporation) Diskeeper 16 (HKLM\...\{24CA6BF3-C7E2-4E11-9009-A0A34B97413E}) (Version: 19.0.1214.64 - Condusiv Technologies) DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 3.0.0.0 - DiskInternals Research) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.91 - NVIDIA Corporation) Hidden Dragon Gaming Center (HKLM-x32\...\{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.) Hidden Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.) Football Manager 2019 MULTi18 - ElAmigos versión 19.1.1 (HKLM-x32\...\{3F1B9592-8FF4-408E-9FED-E5F77317E1BF}_is1) (Version: 19.1.1 - SEGA) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden HandBrake 1.1.0 (HKLM-x32\...\HandBrake) (Version: 1.1.0 - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4565 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.7.0.1000 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.2.42 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 18.1.1546.2762) (HKLM\...\{302600C1-6BDF-4FD1-1510-148929CC1385}) (Version: 18.1.1510.0550 - Intel Corporation) iTunes (HKLM\...\{1E67C4CA-3AF5-4503-A65A-F52EAC07EEA6}) (Version: 12.9.3.3 - Apple Inc.) JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Loaris Trojan Remover 3.0.74 (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version: 3.0.74 - Loaris, LLC.) McAfee True Key (HKLM\...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC) MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Mi PC Suite (HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\MiPhoneManager) (Version: - Xiaomi Inc.) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.11029.20079 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation) Microsoft Project Professional 2019 - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.11029.20079 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visio Professional 2019 - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.11029.20079 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 65.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 65.0.1 (x64 es-ES)) (Version: 65.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla) Mp3tag v2.79 (HKLM-x32\...\Mp3tag) (Version: v2.79 - Florian Heidenreich) Nero 2018 (HKLM-x32\...\{5637174D-25C6-4815-93CD-AD18561D4E7C}) (Version: 19.0.07300 - Nero AG) Nitro Pro 10 (HKLM\...\{88267846-6F04-424D-BB76-BDDEC9A92B66}) (Version: 10.5.8.44 - Nitro) NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden NVIDIA Controlador de gráficos 418.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.91 - NVIDIA Corporation) NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden Panel de control de NVIDIA 418.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 418.91 - NVIDIA Corporation) Hidden Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Pillars of Eternity MULTi7 - ElAmigos versión 3.07.1318 (HKLM-x32\...\{DC9805B8-5E00-49BB-8E09-A5CB85F19102}_is1) (Version: 3.07.1318 - Paradox Interactive) Plex Media Server (HKLM-x32\...\{6d7fe5a0-cecb-4bb9-88f0-fef90aa02f9a}) (Version: 1.13.9.5456 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{D3D8D681-AF07-4212-BA66-AA70B7999E8C}) (Version: 1.13.9456 - Plex, Inc.) Hidden PuTTY release 0.68 (64-bit) (HKLM\...\{DB149DDE-903A-4B5E-93C4-46BBEC48F0C2}) (Version: 0.68.0.0 - Simon Tatham) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7885 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) SecureW2 Enterprise Client 3.5.16 (HKLM-x32\...\SecureW2 Enterprise Client) (Version: - ) Skype versión 8.39 (HKLM-x32\...\Skype_is1) (Version: 8.39 - Skype Technologies S.A.) Software Intel® PROSet/Wireless (HKLM-x32\...\{a2733506-e526-4bae-bc12-b2d37e2016ec}) (Version: 18.30.0 - Intel Corporation) Software para dispositivos de chipset Intel® (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{379E74EF-C9E3-4524-8DD8-11DB443FB6F0}) (Version: 1.13.9456 - Plex, Inc.) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.22.0 - Synaptics Incorporated) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.132598 - TeamViewer) TunesKit Spotify Converter 1.3.3.201 (HKLM-x32\...\TunesKit Spotify Converter_is1) (Version: - TunesKit, Inc.) TunnelBear (HKLM-x32\...\{693db617-0257-4879-8172-50b0f6e53f78}) (Version: 3.7.4.2 - TunnelBear) TunnelBear (HKLM-x32\...\{ED57B22A-F70F-4176-A663-F1CE57D9A950}) (Version: 3.7.4.2 - TunnelBear) Hidden Tyranny Overlord Edition MULTi6 - ElAmigos versión 1.2.1.0160 (HKLM-x32\...\{85C0DE93-80FF-498C-A93E-0829C0D3F24B}_is1) (Version: 1.2.1.0160 - Paradox Interactive) Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) VASSAL (3.2.17) (HKLM\...\VASSAL (3.2.17)) (Version: 3.2.17 - vassalengine.org) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) WebM Project Directshow Filters (HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\webmdshow) (Version: 1.0.4.1 - WebM Project) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) XiaoMiFlash (HKLM-x32\...\{17027A8C-4379-424D-9236-075003273CE3}) (Version: 1.1.4 - XiaoMi) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1829066510-2516727013-3389263464-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-02-18] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2019-01-08] () ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-09-24] (Florian Heidenreich) ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2016-03-03] (Nitro Software, Inc. -> Nitro PDF) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-02-18] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2019-01-08] () ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-09-24] (Florian Heidenreich) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-02-18] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2019-01-08] () ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-09-24] (Florian Heidenreich) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-06] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-02-18] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2019-01-08] () ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06F1B20D-A79B-47A2-9BD7-935948139624} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe (MICRO-STAR INTERNATIONAL CO., LTD -> TODO: <公司名稱>) [File not signed] Task: {088B3E6C-E09A-42D5-A53B-8DD29B53015C} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe (SecureW2 -> SecureW2 B.V.) Task: {095C7828-4912-40CC-A544-0B791BABD3C1} - System32\Tasks\AdobeGCInvoker-1.0-Zergiomp-PC-Proyecto SEO TSA => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {0ADA23B2-8137-47A4-A83D-53C627F78175} - System32\Tasks\Copia seguridad a Dropbox => C:\Users\Zergiomp\Desktop\Copiar todo a Dropbox.bat Task: {159EDF6D-2340-4751-8160-A8DD92F3FE6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {1693AE2C-8780-4E86-838C-33028938571C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {1F5A7D70-4A1C-4D1D-9CEE-F1DDC4AB0C4B} - System32\Tasks\Driver Booster SkipUAC (Zergiomp) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {237422E1-4155-482C-ABD9-5CF341A99805} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {2CF96E05-C67B-4682-84B8-183A4A2AFB28} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {2E9DBB00-0BBD-4E5D-A79C-1C596236938D} - System32\Tasks\AdobeGCInvoker-1.0-Zergiomp-PC-Zergiomp => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {2F72FB46-F316-42CE-8A92-B482B989F6A8} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe Task: {303C9651-243A-4EAD-B8B8-96CDC8EB2FCB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {33EDE567-19CC-4709-8D1E-980995109D6C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {3A7FE764-9DD4-4FD1-B343-EB3C8ABD1512} - System32\Tasks\AdobeAAMUpdater-1.0-Zergiomp-PC-Zergiomp => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {40951C49-8A29-4D12-9FCA-497B6A0A960B} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe Task: {428FF5ED-7556-4988-BB5E-00F32AA37508} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {54A03897-2A9F-4B90-BC61-4CEEFD5B1FA5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {5CDDB998-B192-46BB-89B7-A4092379AFCA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1829066510-2516727013-3389263464-1000 => C:\Users\Zergiomp\AppData\Local\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited) Task: {76C38B3D-08B6-4A81-8FCC-CDC20125612F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {7B289FB0-6CF9-408E-9CD4-DD4200CF4BE0} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {7F8578E5-B3AF-401E-9C6B-C4A939317B69} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {92C241B5-64FC-4858-995C-D2CB12BC6EEB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe Task: {9D1D5115-4F60-475B-B79F-17704BD89D5B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {A057E7BA-AF5F-4E1F-975B-FC32EBFC63DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {B0BA3701-787E-4AB1-8B30-8F0E9249A691} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {B3B6133F-067E-4A37-B4B2-7015ABC53345} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {B48D9435-AFD4-47D3-9A26-2EA3E3AA4888} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {B85BD3C1-B241-4CF9-A086-69C01D8D7F89} - System32\Tasks\{18B9199D-24A0-467E-8CB9-9E2AFCE3BDAA} => "c:\program files\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=installer&ver=7.27.80.101&LastError=-9 Task: {C2260351-A687-43E2-BF40-FB8193E24B90} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C2C6BF72-43C6-49C0-9235-9FCBBD507EBE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {C67EC604-696F-43D1-B403-C623D62DEECE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {C6B93EED-2D94-405F-BF89-2C2AAD2152CF} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe Task: {C8252E96-6BD3-4B31-B9E1-BE5AAC02DFB7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {C9F4B72E-B3B7-411B-BF09-034E77AA4093} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {CEEE5683-BC50-4E87-8A0D-EA2216300E7F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {D7697A24-38EA-469F-9198-936A751CD9FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {DC3E0A45-8EF8-4EC9-ACFB-00FA50C25714} - System32\Tasks\{30A21F74-AC07-4B59-BE42-AF8EDC4778D6} => C:\GOG Games\Star Wars - KotOR\swkotor.exe Task: {F43E1013-BBA7-497D-9AD0-39982F450E96} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {FA93F1EE-0BCB-4E6A-A62B-C57569598D0A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {FD0EB414-1E37-400A-8E3F-F7365401BADE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Loaded Modules (Whitelisted) ============== 2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2019-01-15 01:28 - 2019-01-15 01:28 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-03 15:31 - 2016-03-03 15:31 - 000417944 _____ () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe 2016-03-03 15:30 - 2016-03-03 15:30 - 002546840 _____ () C:\Program Files\Nitro\Pro 10\Nitro_KissMetrics.dll 2009-01-12 07:15 - 2009-01-12 07:15 - 000082872 _____ () C:\Windows\SysWOW64\NMSAccess64.exe 2019-02-15 21:31 - 2019-01-30 21:17 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-05-02 03:40 - 2019-02-08 15:42 - 000030416 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Zergiomp\AppData\Local\MEGAsync\ShellExtX64.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2019-02-16 09:47 - 2019-01-08 18:08 - 001801728 _____ () C:\Program Files\Loaris Trojan Remover\shellext.dll 2019-02-15 21:31 - 2019-01-30 21:17 - 101252488 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2019-02-15 21:31 - 2019-01-30 21:17 - 002673544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll 2019-02-15 21:31 - 2019-01-30 21:17 - 000139144 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll 2014-01-22 09:44 - 2014-01-22 09:44 - 000075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll 2018-12-11 19:18 - 2018-12-11 19:18 - 008984664 _____ () C:\Program Files\Microsoft Office\root\Office16\3082\GrooveIntlResource.dll 2016-11-09 15:33 - 2016-11-09 15:33 - 000637952 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_log-vc110-mt-1_54.dll 2016-11-09 15:33 - 2016-11-09 15:33 - 000019456 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_system-vc110-mt-1_54.dll 2016-11-09 15:33 - 2016-11-09 15:33 - 000028672 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_chrono-vc110-mt-1_54.dll 2016-11-09 15:33 - 2016-11-09 15:33 - 000050176 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_date_time-vc110-mt-1_54.dll 2016-11-09 15:33 - 2016-11-09 15:33 - 000116224 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_filesystem-vc110-mt-1_54.dll 2016-11-09 15:33 - 2016-11-09 15:33 - 000098304 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_thread-vc110-mt-1_54.dll 2019-02-18 11:56 - 2019-02-18 11:56 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll 2018-10-30 09:36 - 2018-10-30 09:36 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll 2018-10-30 09:36 - 2018-10-30 09:36 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll 2019-02-04 10:01 - 2019-02-04 10:01 - 000030720 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll 2019-02-04 10:02 - 2019-02-04 10:02 - 000167424 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll 2017-05-02 03:40 - 2019-02-08 15:42 - 000029792 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2019-02-15 21:31 - 2019-01-30 21:17 - 001033096 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2015-09-18 22:34 - 2015-09-18 22:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2019-02-22 12:03 - 000000171 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 edf.eset.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Calibre2\;C:\adbFastBoot;C:\Program Files\PuTTY\;C:\Program Files\Condusiv Technologies\Diskeeper\TCE\;C:\PROGRA~1\CONDUS~1\DISKEE~1\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\AutoFirma\AutoFirma;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-1829066510-2516727013-3389263464-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zergiomp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk => C:\Windows\pss\RocketDock.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Zergiomp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup MSCONFIG\startupfolder: C:^Users^Zergiomp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup MSCONFIG\startupfolder: C:^Users^Zergiomp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup MSCONFIG\startupfolder: C:^Users^Zergiomp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" MSCONFIG\startupreg: boincmgr => "C:\Program Files\BOINC\boincmgr.exe" /a /s MSCONFIG\startupreg: boinctray => "C:\Program Files\BOINC\boinctray.exe" MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: EPSON SX218 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_S6C2B.tmp" /EF "HKCU" MSCONFIG\startupreg: EZBlocker => "C:\Users\Zergiomp\AppData\Roaming\Spotify\EZBlocker.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KakaoTalk => "C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe" -bystartup MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey MSCONFIG\startupreg: MiPhoneManager => "C:\Users\Zergiomp\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe" MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" MSCONFIG\startupreg: SecureW2 Tray => C:\Program Files (x86)\SecureW2\sw2_tray.exe MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => C:\Users\Zergiomp\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Zergiomp\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{0B5A48E6-F78C-4775-B093-7A6D02503B37}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [{6DC192B6-0A38-485A-B68B-DC56BC9707FA}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [{1EF85593-C97D-4912-B43A-D487869B8A40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{2EDEBA92-5821-4098-A9B3-1417AB05D428}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{1D69FD11-58D7-439B-AE99-C0A398F92C3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{169A7424-B24C-4B0B-A8AE-1748868EA37E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{A9C585F0-15D3-40FF-AF47-076713C40452}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{2EA22098-E88C-4CEB-B532-4DA83BE03DCD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{09822163-DB28-42FE-A4B6-BC44E7610CA2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> Plex) FirewallRules: [{2A833996-6177-4361-9380-1C43592B4F91}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{EF4EE1F3-1931-4403-BCA7-7140B25EE5E4}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation) FirewallRules: [{E06A9BD4-EB86-47A5-8212-25F822343ADD}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{3B4BAEC8-26C5-46AD-B8F9-05647374FE1C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{34657DCB-D670-479C-B734-111F43DD94B3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3E83CE19-DC96-4A24-AAA3-870157CB7EDC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG) FirewallRules: [{5F766929-A4C7-4304-BFF2-08FCEDC8E0F9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG) FirewallRules: [{CA89A136-E109-465D-AF6F-8575DE6A3A3D}] => (Allow) LPort=1688 FirewallRules: [{F2CFB3AA-BF53-4913-9512-D88BDC3B5896}] => (Allow) LPort=1688 FirewallRules: [{581E03F5-B0D9-4784-8A4A-F7FFB179E8B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{01777C94-7B63-4672-BE09-A49F617B77AD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8AECE9C7-23BD-4184-AA78-FB5E2A286296}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{67A0C660-EF69-4482-A15D-1E7CCF49D280}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{382FB870-4A77-446B-A217-9B6F54D42E19}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{CE1D2229-F17A-4F2B-82CF-5B92F9575350}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{3E6BA987-F4A2-437B-96B9-16BB657F91D2}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{152C1D04-297F-4596-9D8C-9FAFEE671CAD}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{60363BC4-41B2-411E-8AF1-475B2C37BB3E}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4644FAD8-2615-49F9-988A-4605724D3B7B}] => (Allow) C:\Users\Zergiomp\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{5BB1494F-7C6E-4C12-83C6-11A488A8D85C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C76744F9-B9B8-4840-826C-0D6D9B62E6F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{55D7A487-B9D4-4640-8040-22BCD7E1AC1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BA9B72D6-D25B-4FFF-B3C4-3C3DA011DC66}] => (Allow) C:\Users\Zergiomp\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc) FirewallRules: [{837EB513-5CD6-44F3-806A-D8A18B786FC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D268E147-DB50-40A7-9662-CA66D809F981}] => (Allow) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe (CONDUSIV TECHNOLOGIES -> Condusiv Technologies) FirewallRules: [{449D7487-CB3A-4B6A-B28C-FC67E1146B8C}] => (Allow) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe (CONDUSIV TECHNOLOGIES -> Condusiv Technologies) FirewallRules: [{AD13F027-7884-47E6-82CE-0C580422CEF3}] => (Allow) E:\RouterSetup\QISWizard.exe No File FirewallRules: [{A70F044C-91EC-4016-A308-58975DA304B3}] => (Allow) E:\RouterSetup\QISWizard.exe No File FirewallRules: [{5ADCA900-241E-4642-93C1-752D2A4E2AFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1D025777-041F-430E-8AE8-3E4C4CB61343}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{758D6ADF-EE26-4858-82DB-456C5D1F2981}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{5EEC37CD-6CBB-4FED-AADF-8C31CAB8EE60}C:\users\zergiomp\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\zergiomp\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [UDP Query User{69ABF42E-3BCE-4675-B384-F6A257191395}C:\users\zergiomp\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\zergiomp\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [{92411164-6DE9-404B-BD6D-69C077C016CB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C6E58990-96FA-4470-8233-4845AD4CBBF7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{742AC61E-04D4-496F-AB9F-55FB6B92A21C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9913E201-F438-454D-BC8A-C8A2FBA19542}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{54F0697D-203B-446A-8A93-2E4598BEAEFD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{8803B57F-F474-4E8E-863C-1D7E6AF29E3C}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe () FirewallRules: [UDP Query User{71B41241-550A-44DE-A0DF-71DC9E7924E6}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe () FirewallRules: [TCP Query User{70FD521C-AD37-4E69-A114-4C51F3BAF44D}G:\zergiomp\descargas\ts.v11.0.1.lan-pcmymjuegos\ts.v11.0.1.lan-pcmymjuegos\pcmymjuegos\tabletop simulator.exe] => (Allow) G:\zergiomp\descargas\ts.v11.0.1.lan-pcmymjuegos\ts.v11.0.1.lan-pcmymjuegos\pcmymjuegos\tabletop simulator.exe () FirewallRules: [UDP Query User{36669DCA-2C5B-4820-A076-8451120F1EE1}G:\zergiomp\descargas\ts.v11.0.1.lan-pcmymjuegos\ts.v11.0.1.lan-pcmymjuegos\pcmymjuegos\tabletop simulator.exe] => (Allow) G:\zergiomp\descargas\ts.v11.0.1.lan-pcmymjuegos\ts.v11.0.1.lan-pcmymjuegos\pcmymjuegos\tabletop simulator.exe () FirewallRules: [TCP Query User{7214B091-8DC4-4880-B0E7-4A4D4481434E}C:\games\football manager 2019\fm.exe] => (Allow) C:\games\football manager 2019\fm.exe (Sports Interactive) FirewallRules: [UDP Query User{87E782F6-AECB-49F9-9C27-AA48F1E6DAC3}C:\games\football manager 2019\fm.exe] => (Allow) C:\games\football manager 2019\fm.exe (Sports Interactive) FirewallRules: [{4D883F05-A7E5-441A-941A-EC67BFB79FBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{302679E7-82F1-4CD3-9758-E15CA6F4781D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B48D1246-66C6-4B50-B41A-CEB4EC8BBE1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0FD2C909-0B2D-485B-B832-B1F31CEA0F19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{60584290-CF93-4048-859B-4AD6F7DB1861}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6EEEF868-EABB-429A-A9B2-EBD3E71050DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3429CD1A-6F0F-4DDF-83B9-509D8B411F78}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2CC874E1-91C9-4216-8653-DAACF0B4A6D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{B418414A-915C-4F17-B24C-0BC37BB9F886}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3CDE8340-86C0-498F-8F19-B2BEA69BD708}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{732E1317-C05E-42AD-B9CD-69DD4A934BAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{C69E2286-E6DB-4DEE-8423-144CD577F724}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9875795E-2D50-453C-9CD0-A6E16EA8908C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FF0FA595-1B0C-4E88-9243-F1663A0C0BBB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Restore Points ========================= 21-02-2019 08:23:31 Windows Update ==================== Faulty Device Manager Devices ============= Name: ehdrv Description: ehdrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ehdrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (02/22/2019 12:04:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (02/22/2019 11:45:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (02/22/2019 08:29:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (02/21/2019 04:27:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (02/21/2019 08:20:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (02/21/2019 03:37:38 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 295684 Error: (02/21/2019 03:37:38 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 295684 Error: (02/21/2019 03:37:38 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (02/22/2019 12:03:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: ehdrv Error: (02/22/2019 11:45:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: ehdrv Error: (02/22/2019 08:28:31 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: ehdrv Error: (02/21/2019 04:27:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: ehdrv Error: (02/21/2019 08:19:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: ehdrv Error: (02/21/2019 08:19:32 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: El cierre anterior del sistema a las 3:37:39 del ‎21/‎02/‎2019 resultó inesperado. Error: (02/21/2019 03:37:17 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 86) (User: ) Description: Se apagó el sistema debido a un evento térmico crítico. Hora de apagado = 2019-02-21T02:37:17.908100100Z Zona térmica ACPI = ACPI\ThermalZone\THRM _CRT = 373K Error: (02/20/2019 07:49:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: ehdrv Windows Defender: =================================== Date: 2018-07-04 11:45:45.731 Description: Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma:1.271.442.0 Versión de firma anterior:1.269.1075.0 Origen de actualización:Usuario Tipo de firma:AntiSpyware Tipo de actualización:Diferencia Usuario:NT AUTHORITY\SYSTEM Versión de motor actual:1.1.15000.2 Versión de motor anterior:1.1.14901.4 Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. Date: 2018-07-04 11:45:45.731 Description: Windows Defender encontró un error al intentar actualizar el motor. Nueva versión de motor:1.1.15000.2 Versión de motor anterior:1.1.14901.4 Origen de actualización:Usuario Usuario:NT AUTHORITY\SYSTEM Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. Date: 2018-04-30 11:27:35.496 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 Date: 2018-04-30 11:27:35.480 Description: Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma:1.265.527.0 Versión de firma anterior: Origen de actualización:Carpeta de actualizaciones de firmas Tipo de firma:AntiSpyware Tipo de actualización:Completa Usuario:NT AUTHORITY\SYSTEM Versión de motor actual:1.1.14405.2 Versión de motor anterior: Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. Date: 2018-04-30 11:27:35.480 Description: Windows Defender encontró un error al intentar actualizar el motor. Nueva versión de motor:1.1.14405.2 Versión de motor anterior: Origen de actualización:Carpeta de actualizaciones de firmas Usuario:NT AUTHORITY\SYSTEM Código de error:0x80070666 Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. CodeIntegrity: =================================== Date: 2016-07-05 20:09:07.370 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-07-05 20:09:07.369 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-07-05 20:09:07.367 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-07-05 20:09:07.366 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage of memory in use: 74% Total physical RAM: 8100.53 MB Available physical RAM: 2080.41 MB Total Virtual: 16199.2 MB Available Virtual: 9303.2 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:255.58 GB) (Free:38.22 GB) NTFS Drive d: (DriverCD) (Fixed) (Total:10 GB) (Free:6.74 GB) NTFS Drive g: (Datos) (Fixed) (Total:921.51 GB) (Free:377.03 GB) NTFS \\?\Volume{0e45abe6-3d04-11e7-9664-806e6f6e6963}\ () (Fixed) (Total:0.59 GB) (Free:0.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 256.2 GB) (Disk ID: D05363F5) Partition 1: (Active) - (Size=600 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=255.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 921732F4) Partition 1: (Not Active) - (Size=921.5 GB) - (Type=0F Extended) Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================