Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2019 Ran by FloppY (31-08-2019 13:46:35) Running from C:\Users\K541U\Desktop Windows 10 Home Version 1903 18362.329 (X64) (2019-08-29 08:00:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-857741356-1549155819-202260892-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-857741356-1549155819-202260892-503 - Limited - Disabled) el_is (S-1-5-21-857741356-1549155819-202260892-1002 - Limited - Disabled) FloppY (S-1-5-21-857741356-1549155819-202260892-1001 - Administrator - Enabled) => C:\Users\K541U Invitado (S-1-5-21-857741356-1549155819-202260892-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-857741356-1549155819-202260892-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Cortafuegos (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-857741356-1549155819-202260892-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Actualización de NVIDIA 38.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.0.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.) AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2146, 28.08.2019 - AIMP DevTeam) Analizador y SDK de MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.14 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS) ASUS Touchpad Handwriting (HKLM-x32\...\{F3ED910A-9041-49D0-9C70-BD9E1DC5B08E}) (Version: 1.0.3 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.8 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.14 - ICEpower a/s) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 12.2.23.0 - ESET, spol. s r.o.) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Intel Driver && Support Assistant (HKLM-x32\...\{1C86244D-6CBD-4067-BD27-1C263B7D5B35}) (Version: 19.4.18.9 - Intel) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4771 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.2.1002 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{50936ff5-be94-4907-b8d2-68f8462c76db}) (Version: 19.7.30.2 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{87709708-b034-4cec-b6ef-0d162873cf83}) (Version: 19.8.34.6 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{cdfa55ef-79fd-483d-9278-fb714b90b601}) (Version: 19.4.18.9 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{e46e0766-a9ed-4cf2-94c7-a684b0aa214f}) (Version: 19.8.34.6 - Intel) Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation) K-Lite Codec Pack 14.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.6.5 - KLCP) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11901.20218 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-857741356-1549155819-202260892-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Motorsport Manager (HKLM-x32\...\Motorsport Manager_is1) (Version: - ) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11901.20218 - Microsoft Corporation) Hidden OpenOffice 4.1.6 (HKLM-x32\...\{ABA77258-70D6-4A14-9AB7-3FA087C470DB}) (Version: 4.16.9790 - Apache Software Foundation) Panel de control de NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.0.21.1534 - pdfforge GmbH) PDF Architect 7 Create Module (HKLM\...\{92B93B1C-433D-4271-875C-B13AF5F714D7}) (Version: 7.0.23.3193 - pdfforge GmbH) Hidden PDF Architect 7 Edit Module (HKLM\...\{E3032061-5B97-47A6-BEDA-A025BD37B07F}) (Version: 7.0.23.3193 - pdfforge GmbH) Hidden PDF Architect 7 View Module (HKLM\...\{FBD5D60A-B8C5-4626-A68F-6100E9BDB156}) (Version: 7.0.23.3193 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.0 - pdfforge GmbH) REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.4.887.082616 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.27056 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.) Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0008 - REALTEK Semiconductor Corp.) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) Servicio Xperia Companion (HKLM\...\{034C1685-55DC-4C0F-A802-970803148AE0}) (Version: 2.4.3.0 - Sony) Hidden swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Telegram Desktop version 1.8.2 (HKU\S-1-5-21-857741356-1549155819-202260892-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.2 - Telegram FZ-LLC) UNIFUTBOL V8 (HKLM-x32\...\{F59874AD-BE78-42DD-8245-989B71706B00}) (Version: 8.2 - UNIFUTBOL) Update Detector 5.47.0.45 (HKLM-x32\...\Update Detector) (Version: 5.47.0.45 - Glarysoft Ltd) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (09/23/2016 11.0.0.14) (HKLM\...\F95583A62AB902A3FC263F668380483F9E0113CD) (Version: 09/23/2016 11.0.0.14 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Xperia Companion (HKLM-x32\...\{C32507B2-D80A-45DD-8D31-31858292C91C}) (Version: 2.4.3.0 - Sony) Hidden Xperia Companion (HKLM-x32\...\{f7c475f1-4d2f-48c3-b5d1-6ffc35a6828a}) (Version: 2.4.3.0 - Sony) Packages: ========= Adobe Photoshop Express: Editor de imágenes, Ajustes, Filtros, Efectos, Bordes -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x64__ynb6jyjzte8ga [2019-05-26] (Adobe Inc.) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.19.5.0_x86__kgqvnymyfvs32 [2019-08-20] (king.com) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-13] (Microsoft Corporation) [MS Ad] Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3340.0_x64__rz1tebttyb220 [2019-08-31] (Dolby Laboratories) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-02-12] (LinkedIn) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-11] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Studios) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad] MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.0.22.0_x64__qmba6cd70vzyy [2019-08-16] (ASUSTeK COMPUTER INC.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-857741356-1549155819-202260892-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-08-30] (Artem Izmaylov -> AIMP DevTeam) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll -> No File ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/PDFCreator/PDFCreatorShell.DLL -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-08-30] (Artem Izmaylov -> AIMP DevTeam) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2a96639878ff96cd\igfxDTCM.dll [2017-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-10-13 08:17 - 2016-10-13 08:17 - 000125440 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-10-13 08:17 - 2016-10-13 08:17 - 000033280 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2016-10-13 08:17 - 2016-10-13 08:17 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll 2017-11-18 14:00 - 2017-11-18 14:00 - 000113664 _____ (.NET Foundation) [File not signed] C:\WINDOWS\Temp\{66DCF541-EB2D-44AD-B49C-19CB3F737C1C}\.ba\mbahost.dll 2017-11-18 14:00 - 2017-11-18 14:00 - 000113664 _____ (.NET Foundation) [File not signed] C:\WINDOWS\Temp\{6D182001-F92B-4030-8853-40A6FAE4FB2F}\.ba\mbahost.dll 2016-10-13 08:17 - 2016-10-13 08:17 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll 2016-10-13 08:17 - 2016-10-13 08:17 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll 2016-10-13 08:17 - 2016-10-13 08:17 - 000165888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll 2019-04-29 22:03 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-857741356-1549155819-202260892-1001\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-12 01:38 - 2019-02-12 20:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-02-22 22:04 - 2019-07-04 12:53 - 000000519 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-857741356-1549155819-202260892-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\K541U\Downloads\DESCARGAS OPERA\364bc2929dace5ede923476ada961e2b.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{78F69DB3-A37D-440B-959C-AF0CBF41ABBC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B6FB1AF3-8047-4FF0-9916-31A7220F791D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{13ABDDBB-A402-452A-848B-B645BB9B2B1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0C2C82F9-897C-4157-9DFA-D873EFB01432}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{65F43AC8-ABBA-4EE3-B990-6F0107BC4424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CA042BBF-39A8-457F-B977-9039B848E5EC}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{2B05233D-6D85-4C10-A94D-951B4EEE71D1}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{4766CEBA-BF56-480B-88A5-A01ACE3940C9}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{69067DE2-5D4A-42EF-BCD7-E2CF77F1540B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D026BD1F-9E06-4343-A02A-02DDBB9A22B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A147F471-CE26-4283-96B9-657510BC30B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8524E030-C26A-4717-92BD-A4B2A38CFC9D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{E0FC0289-5A9D-448E-B7B9-B9064C789B15}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{10E9A7B6-C9CF-4E98-80C5-8F94F805CA41}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{B99FD002-84A5-4CFE-84A9-73CBDDEDA424}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{22642B24-A235-4DF4-A3AA-1AADE1ADF102}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{108DB58C-16AB-422B-A289-BCDA531CC08D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CE102763-E34C-4075-B376-007C96AA1388}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) FirewallRules: [{CEA77CDA-29F2-4769-BECE-239F5779196E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{205B4555-E976-4D24-BED6-E34E6B5E2F10}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 29-08-2019 13:08:50 Windows Update 30-08-2019 21:48:51 Intel® Driver & Support Assistant ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/31/2019 01:24:21 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (08/31/2019 01:11:23 PM) (Source: Intel(R) SUR QC SAM) (EventID: 3) (User: ) Description: Traceback (most recent call last): File "win32serviceutil.py", line 835, in SvcRun File "updtr/service.py", line 239, in SvcDoRun File "updtr/service.py", line 264, in run File "updtr/core/entities/win_certs_store_bundle.py", line 41, in get_filename_for_windows_ca_bundle File "updtr/core/entities/win_certs_store_bundle.py", line 33, in _create_bundle_from_win_store IOError: (2, 'No such file or directory', 'C:\\ProgramData\\Intel\\SUR\\QUEENCREEK\\Updater\\AppData\\root_ca_certs.pem') Error: (08/30/2019 11:42:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa Intel-Driver-and-Support-Assistant-Installer (1).exe (versión 19.8.34.6) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento. Id. de proceso: 2b18 Hora de Inicio: 01d55f6bd7101277 Hora de finalización: 4294967295 Ruta de la aplicación: C:\Users\K541U\AppData\Local\Temp\{E0F553D1-6D02-4980-BAE7-38469B0A6F63}\.cr\Intel-Driver-and-Support-Assistant-Installer (1).exe Id. de informe: 16b2d6c5-39cf-4649-9d70-7081adf7a0ea Nombre completo del paquete con errores: Id. de la aplicación relativa al paquete con errores: Tipo de bloqueo: Top level window is idle Error: (08/30/2019 11:42:01 PM) (Source: MsiInstaller) (EventID: 11714) (User: ISMAEL-PC) Description: Product: Intel Driver && Support Assistant -- Error 1714. The older version of Intel Driver && Support Assistant cannot be removed. Contact your technical support group. System Error 1612. Error: (08/30/2019 10:37:23 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY) Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 31256 y el tamaño necesario es 36168. Error: (08/30/2019 09:52:09 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (08/30/2019 09:49:08 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (08/30/2019 09:49:07 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY) Description: Product: Intel Driver && Support Assistant -- Error 1714. The older version of Intel Driver && Support Assistant cannot be removed. Contact your technical support group. System Error 1612. System errors: ============= Error: (08/31/2019 01:27:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio Energy Server Service queencreek se cerró con el siguiente error: %%512 Error: (08/31/2019 02:44:58 AM) (Source: DCOM) (EventID: 10010) (User: ISMAEL-PC) Description: El servidor {3EB3C877-1F16-487C-9050-104DBCD66683} no se registró con DCOM dentro del tiempo de espera requerido. Error: (08/31/2019 02:44:58 AM) (Source: DCOM) (EventID: 10010) (User: ISMAEL-PC) Description: El servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} no se registró con DCOM dentro del tiempo de espera requerido. Error: (08/31/2019 02:44:47 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} no se registró con DCOM dentro del tiempo de espera requerido. Error: (08/31/2019 02:44:47 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} no se registró con DCOM dentro del tiempo de espera requerido. Error: (08/31/2019 02:37:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio Energy Server Service queencreek se cerró con el siguiente error: %%512 Error: (08/31/2019 02:06:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio Energy Server Service queencreek se cerró con el siguiente error: %%512 Error: (08/31/2019 01:35:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio Energy Server Service queencreek se cerró con el siguiente error: %%512 CodeIntegrity: =================================== Date: 2019-08-31 13:31:20.765 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-31 13:31:02.654 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-30 21:38:19.123 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-30 21:38:19.113 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-30 21:38:09.649 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-30 21:38:09.422 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-30 21:36:48.823 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-08-30 21:36:48.820 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. X541UJ.310 04/18/2019 Motherboard: ASUSTeK COMPUTER INC. X541UJ Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Percentage of memory in use: 59% Total physical RAM: 8077.17 MB Available physical RAM: 3301.71 MB Total Virtual: 9997.17 MB Available Virtual: 4657.86 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:930.46 GB) (Free:729.51 GB) NTFS \\?\Volume{1f45ebdb-3590-4b12-be61-ee67fd55d162}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.35 GB) NTFS \\?\Volume{54edd475-1ec2-4311-b7fb-7d4d46bdcd3f}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 61F4C0D5) Partition: GPT. ==================== End of Addition.txt ============================