Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01 Ran by F. Javier (23-07-2019 09:02:40) Running from C:\Users\jotak\Desktop Windows 10 Pro Version 1903 18362.175 (X64) (2019-06-22 09:12:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-4055168685-874566943-3237835349-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4055168685-874566943-3237835349-503 - Limited - Disabled) defaultuser0 (S-1-5-21-4055168685-874566943-3237835349-1000 - Limited - Disabled) => C:\Users\defaultuser0 F. Javier (S-1-5-21-4055168685-874566943-3237835349-1001 - Administrator - Enabled) => C:\Users\jotak HomeGroupUser$ (S-1-5-21-4055168685-874566943-3237835349-1007 - Limited - Enabled) Invitado (S-1-5-21-4055168685-874566943-3237835349-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-4055168685-874566943-3237835349-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Actualización de NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.116 - Adobe) Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_2) (Version: 9.0.2 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.0.421 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_3) (Version: 20.0.3 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam) ANT Drivers 0.1.2.0 (HKLM-x32\...\ANT Drivers_is1) (Version: 0.1.2.1 - ANT Drivers) calibre 64bit (HKLM\...\{E43B6117-96A7-475F-BF11-B28402192B36}) (Version: 3.46.0 - Kovid Goyal) Capicom 2.1.0.2 FNMT-RCM (HKLM-x32\...\{E06DBD80-CD9B-4A3F-BD83-ED1AA4CB1E3A}) (Version: 1.00.0000 - FNMT-RCM) Capture NX-D (HKLM\...\{2D088846-B670-47AF-91C3-76E0B3E887C3}) (Version: 1.5.2 - Nikon Corporation) Capture One 12.1 (HKLM\...\CaptureOne12_is1) (Version: 12.1.0.106 - Phase One A/S) CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM) DaVinci Resolve (HKLM\...\{0DAEA224-8550-41F2-A3C6-9C70331097D0}) (Version: 16.0.0044 - Blackmagic Design) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) digiCamControl (HKLM-x32\...\{abd02c9e-a338-4ace-a233-363559548974}) (Version: 2.0.76.1 - ) Hidden Driver Easy 5.6.11 (HKLM\...\DriverEasy_is1) (Version: 5.6.11 - Easeware) FastStone Image Viewer 6.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.9 - FastStone Soft) Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden HOLUX ezTour for Logger v2.9 (HKLM-x32\...\HOLUX ezTour for Logger_HOLUX_DL) (Version: v2.9 - iTravel Tech, Inc.) huey 1.0.5 (HKLM-x32\...\huey_is1) (Version: - Pantone & GretagMacbeth) Imaging Edge (Remote/Viewer/Edit) (HKLM\...\{C4E8EE25-708E-4CEE-9481-104208AC056A}) (Version: 1.4.00.01241 - Sony Imaging Products & Solutions, Inc.) Instalable DNIe (HKLM\...\{D2CE0562-13E0-4FC9-85F2-CA3D0392310E}) (Version: 14.0.1 - Cuerpo Nacional de Policía) Instalable TC-FNMT (HKLM\...\{4CD2C8DB-B4DB-4C14-8B91-19C960523D36}) (Version: 7.0.1 - FNMT-RCM) Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH) LibreOffice 6.2.4.2 (HKLM\...\{B8FF8670-C6F4-4868-9DB2-C23324C0E575}) (Version: 6.2.4.2 - The Document Foundation) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Media Pro (HKLM-x32\...\{62F10A97-EBA2-461F-9BFE-0BAFC16E501A}) (Version: 1.4.5044.0 - Phase One) Microsoft Office PowerPoint Viewer 2003 (HKLM-x32\...\{90AF0C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6458.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation) Nikon Transfer 2 (HKLM-x32\...\{4D5EE11A-0D0A-4214-ABAC-72419F7BE24D}) (Version: 2.13.2 - Nikon Corporation) NRW CODEC (HKLM\...\{C73F5325-EE0D-44BE-8B30-6CFAFFC84A68}) (Version: 1.70.0000 - Nikon Corporation) NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) ONconnect (HKLM-x32\...\ONconnect_is1) (Version: 3.208 - Geonaute) Panel de control de NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Paquete de controladores de Windows - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.) Paquete de controladores de Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya) Paquete de controladores de Windows - Phase One A/S (WinUSB) USBDevice (09/18/2017 1.14.0.0) (HKLM\...\5D536C8BAC29754ACD7E2AFB52D1C2B1EA169BE6) (Version: 09/18/2017 1.14.0.0 - Phase One A/S) Paquete de controladores de Windows - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S) Paquete de controladores de Windows - Phase One A/S (WinUSB) USBDevice (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) Picture Control Utility 2 (HKLM\...\{46BEAB85-B86A-4AAB-B085-136ECA032CF4}) (Version: 2.4.2 - Nikon Corporation) ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8648 - Realtek Semiconductor Corp.) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version: - Silicon Laboratories) Software para dispositivos de chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden Sony RAW Driver (HKLM-x32\...\{166FCF01-AC98-4288-A01C-90BEB808C059}) (Version: 2.0.00.08130 - Sony Corporation) SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft) Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.) TomTom HOME (HKLM-x32\...\{0E778C56-3A87-497E-BEF0-EF0D3EE4871C}) (Version: 2.10.2 - Nombre de su organización) TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Nombre de su organización) ViewNX-i (HKLM\...\{C02E1F40-7EB2-4084-991B-EBFC7F586E26}) (Version: 1.3.2 - Nikon Corporation) Visor de Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) VueScan x64 (HKLM\...\VueScan x64) (Version: - ) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (10/30/2018 1.0.2.7) (HKLM\...\EC0850ACBB539AD49EB5503A072981871981EB01) (Version: 10/30/2018 1.0.2.7 - Dirección General de la Policía) Windows Driver Package - Fábrica Nacional de Moneda y Timbre (UMPass) SmartCard (10/30/2018 1.0.0.10) (HKLM\...\0522550C0F8999BA218E62772864B89DF5FD04F0) (Version: 10/30/2018 1.0.0.10 - Fábrica Nacional de Moneda y Timbre) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Packages: ========= Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-11-25] (Microsoft Corporation) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-02-16] (Adobe Systems Incorporated) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4055168685-874566943-3237835349-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\jotak\Desktop\run_j2se.bat - Acceso directo.lnk -> D:\BT747_2.2.1_en_full(1)\run_j2se.bat () ==================== Loaded Modules (Whitelisted) ============== 2019-03-25 13:07 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] E:\Program Files\7-Zip\7-zip.dll 2017-12-10 09:46 - 2017-09-27 18:30 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll 2017-12-10 09:46 - 2017-11-07 17:37 - 000088064 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll 2017-12-10 09:46 - 2017-11-07 17:37 - 000200192 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es IE trusted site: HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es IE trusted site: HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\localhost -> localhost ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-07-19 19:31 - 2019-07-20 09:22 - 000000101 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 activation.phaseone.com 0.0.0.0 activation.phaseone.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\adb;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\jotak\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;E:\Program Files\Calibre2\;C:\Program Files\VDownloader HKU\S-1-5-21-4055168685-874566943-3237835349-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\StartupFolder: => "hueyTray.lnk" HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2" HKLM\...\StartupApproved\Run32: => "SDTray" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "MiPhoneManager" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "AdobeBridge" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "Free Download Manager" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "HKCU" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "TomTomHOME.exe" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "Application Restart #1" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "ONconnectService" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "Application Restart #0" HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\StartupApproved\Run: => "vidnotifier.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{B1ABCD5B-78F6-44AD-A8E7-2CAD035E33CB}E:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{4AFDCD7B-0D9B-4F62-A65B-5B68EC43988C}E:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [TCP Query User{6E6ADFFC-D89A-4B8C-ABB2-FFBE5613BEAF}E:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{01B4C547-51F7-45B1-B683-379202EA96E8}E:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{3496C1DA-423C-4937-B11E-B64CCC5BA1BA}E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed] FirewallRules: [UDP Query User{95560A97-1439-48BD-9F2A-72928E3567AD}E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed] FirewallRules: [TCP Query User{B8CA6E2F-3AEF-41D0-AF50-8CC17D9BFB42}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed] FirewallRules: [UDP Query User{EA30D5C1-3566-4D2D-A4FB-41155293F1B5}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed] FirewallRules: [{AF8D0C0F-E9ED-404C-95A2-8895CDFEE11C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{63725D81-878B-45BF-8A47-951C513801D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 03-07-2019 11:44:08 Installed DaVinci Resolve 06-07-2019 11:17:04 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 06-07-2019 11:17:12 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 10-07-2019 12:46:03 Installed DaVinci Resolve 15-07-2019 13:37:51 Removed SmartDefender 19-07-2019 19:18:48 Revo Uninstaller's restore point - Spybot - Search & Destroy ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/23/2019 09:00:48 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10740,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/23/2019 08:52:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Wacom_Tablet.exe, versión: 6.3.15.3, marca de tiempo: 0x5693e4c6 Nombre del módulo con errores: Wacom_Tablet.exe, versión: 6.3.15.3, marca de tiempo: 0x5693e4c6 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x000000000004ba24 Identificador del proceso con errores: 0x275c Hora de inicio de la aplicación con errores: 0x01d541232f29a8a6 Ruta de acceso de la aplicación con errores: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe Ruta de acceso del módulo con errores: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe Identificador del informe: 4a2eb060-e5de-4936-be4d-220b0a7677d5 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (07/22/2019 08:16:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2320,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/22/2019 07:46:14 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (11624,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/22/2019 07:25:09 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8348,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/22/2019 07:14:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9068,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/22/2019 06:54:59 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 9972. Id. de mensaje: [0x2509]. Error: (07/22/2019 06:52:08 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 9052. Id. de mensaje: [0x2509]. System errors: ============= Error: (07/20/2019 08:14:30 PM) (Source: DCOM) (EventID: 10010) (User: PCJCALA) Description: El servidor Microsoft.Windows.ContentDeliveryManager_10.0.18362.1_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/20/2019 08:14:26 PM) (Source: DCOM) (EventID: 10010) (User: PCJCALA) Description: El servidor {58598185-CF77-4407-B011-0C8282EF681F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/20/2019 08:49:03 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: El cierre anterior del sistema a las 19:33:55 del ‎19/‎07/‎2019 resultó inesperado. Error: (07/20/2019 08:48:56 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 3221225684Error irrecuperable al procesar los datos de restauración. Error: (07/19/2019 07:33:11 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado. Error: (07/19/2019 07:30:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio. Error: (07/19/2019 07:30:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Wondershare Driver Install Service se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (07/19/2019 07:30:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio TomTomHOMEService se terminó de manera inesperada. Esto ha sucedido 1 veces. CodeIntegrity: =================================== Date: 2019-07-15 11:04:42.443 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-07-15 11:04:42.441 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-07-15 11:04:42.440 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-07-15 11:04:42.439 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: American Megatrends Inc. 2002 09/20/2016 Motherboard: ASUSTeK COMPUTER INC. B150-PRO Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 19% Total physical RAM: 16309.83 MB Available physical RAM: 13150.54 MB Total Virtual: 32693.83 MB Available Virtual: 29123.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:191.62 GB) (Free:106.4 GB) NTFS Drive d: () (Fixed) (Total:28.88 GB) (Free:28.72 GB) NTFS Drive e: (Programas) (Fixed) (Total:612.52 GB) (Free:586.36 GB) NTFS Drive f: (Descargas) (Fixed) (Total:318.99 GB) (Free:284.1 GB) NTFS Drive g: (Archivo) (Fixed) (Total:931.51 GB) (Free:570.7 GB) NTFS \\?\Volume{76ce85b5-0000-0000-0000-100000000000}\ () (Fixed) (Total:2.75 GB) (Free:2.23 GB) NTFS \\?\Volume{76ce85b5-0000-0000-0000-109830000000}\ () (Fixed) (Total:0.31 GB) (Free:0.09 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 76CE85B5) Partition 1: (Active) - (Size=2.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=191.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=320 MB) - (Type=27) Partition 4: (Not Active) - (Size=28.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 0012F025) Partition: GPT. ======================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 08D8C1B0) Partition: GPT. ==================== End of Addition.txt ============================