Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019 Ran by Jordi (22-12-2019 09:39:09) Running from C:\Users\Jordi\Desktop Windows 10 Pro Version 1803 17134.345 (X64) (2018-08-21 00:36:48) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-2386650303-937493529-1628659523-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2386650303-937493529-1628659523-503 - Limited - Disabled) Invitado (S-1-5-21-2386650303-937493529-1628659523-501 - Limited - Disabled) Jordi (S-1-5-21-2386650303-937493529-1628659523-1001 - Administrator - Enabled) => C:\Users\Jordi WDAGUtilityAccount (S-1-5-21-2386650303-937493529-1628659523-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2C-Audio Aether (HKLM-x32\...\Aether) (Version: - 2C-Audio) 2C-Audio B2 (HKLM-x32\...\B2) (Version: - 2C-Audio) 2C-Audio Breeze (HKLM-x32\...\Breeze) (Version: - 2C-Audio) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) A.O.M. A.O.M. Total Bundle (HKLM\...\A.O.M. Total Bundle_is1) (Version: 1.9.4 - A.O.M.) Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6 (HKLM-x32\...\Abbeyroadplugins EMI Brilliance Pack VST RTAS_is1) (Version: - ) Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0.1 (HKLM-x32\...\Abbeyroadplugins EMI RS 124 Compressor_is1) (Version: - ) Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1 (HKLM-x32\...\Abbeyroadplugins EMI TG 12413 Limiter VST RTAS_is1) (Version: - ) Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2 (HKLM-x32\...\Abbeyroadplugins EMI TG Mastering Pack VST RTAS_is1) (Version: - ) Acon Digital DeVerberate (32 bit) 1.6.0 (HKLM-x32\...\{A0168B60-0FA2-45A7-8871-DD25B65E8B38}_is1) (Version: 1.6.0 - Acon AS) Acon Digital DeVerberate (64 bit) 1.6.0 (HKLM\...\{458357DE-C14B-4FDE-B614-7862427596C4}_is1) (Version: 1.6.0 - Acon AS) Acon Digital Equalize (32 bit) 2.0.3 (HKLM-x32\...\{1BA713B3-33E5-4837-943B-DD5039A0525C}_is1) (Version: 2.0.3 - Acon AS) Acon Digital Equalize (64 bit) 2.0.3 (HKLM\...\{D53CF917-35F6-4781-894B-1B1C11A56789}_is1) (Version: 2.0.3 - Acon AS) Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden Acustica Audio D361A (HKLM-x32\...\D361A Win x64) (Version: 1.3.609.0 - Acustica Audio) Acustica Audio D361A (HKLM-x32\...\D361A Win x86) (Version: 1.3.609.0 - Acustica Audio) Acustica Audio EQP1 (HKLM-x32\...\EQP1 Win x64) (Version: 1.3.606.0 - Acustica Audio) Acustica Audio EQP1 (HKLM-x32\...\EQP1 Win x86) (Version: 1.3.609.0 - Acustica Audio) Acustica Audio NEO (HKLM-x32\...\NEO Win x64) (Version: 1.3.606.0 - Acustica Audio) Acustica Audio NEO (HKLM-x32\...\NEO Win x86) (Version: 1.3.606.0 - Acustica Audio) Acustica Audio SILKEQ (HKLM-x32\...\SILKEQ Win x64) (Version: 1.3.693.0 - Acustica Audio) Acustica Audio SILKEQ (HKLM-x32\...\SILKEQ Win x86) (Version: 1.3.693.0 - Acustica Audio) Acustica Audio STRADIPAD (HKLM-x32\...\STRADIPAD Win x64) (Version: 1.3.609.0 - Acustica Audio) Acustica Audio STRADIPAD (HKLM-x32\...\STRADIPAD Win x86) (Version: 1.3.609.0 - Acustica Audio) Acustica Audio TRINITYEQ (HKLM-x32\...\TRINITYEQ Win x64) (Version: 1.3.687.0 - Acustica Audio) Acustica Audio TRINITYEQ (HKLM-x32\...\TRINITYEQ Win x86) (Version: 1.3.687.0 - Acustica Audio) AcusticaAudio Nebula3 (HKLM-x32\...\Nebula3) (Version: - ) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated) AIR Music Technology Strike (HKLM-x32\...\AIR Music Technology Strike) (Version: 2.0.7 - AIR Music Technology) AIR Music Technology Structure (HKLM-x32\...\AIR Music Technology Structure) (Version: 2.0.7 - AIR Music Technology) Altiverb 7 Uninstaller (HKLM\...\{367662CA-394A-4095-9549-973FC3807B9B}_is1) (Version: 7.2 - Audio Ease BV) Ample Bass Acoustic II version 2.4.0 (HKLM-x32\...\{50ECCCA1-A49C-40CA-85A3-37A13EC3FBA6}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.) Ample Bass J II Extension 1 (Pick) version 2.0.2 (HKLM-x32\...\{5527CC5B-2A8D-4042-9AEB-824E8EF8EFE2}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.) Ample Bass J II version 2.4.0 (HKLM-x32\...\{04C42F03-37A2-481A-8D1B-9F03164B23CA}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.) Ample Bass P II version 2.6.5 (HKLM-x32\...\{1C181D3B-41B6-4714-AB59-91E18C5EE708}_is1) (Version: 2.6.5 - Ample Sound Technology Co., Ltd.) Ample Bass Upright II version 2.6.5 (HKLM-x32\...\{A966F883-EEA9-407F-B2DA-B84722E28700}_is1) (Version: 2.6.5 - Ample Sound Technology Co., Ltd.) Ample Ethno Ukulele version 1.5.5 (HKLM-x32\...\{F6D9F862-94D7-4DDD-AC3B-5F560312B508}_is1) (Version: 1.5.5 - Ample Sound Technology Co., Ltd.) Ample Guitar F II version 2.4.0 (HKLM-x32\...\{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.) Ample Guitar G II Extension 1 (Both Pickup) version 2.0.2 (HKLM-x32\...\{CEFDB1D7-F4AE-42CD-A060-B923453056B0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.) Ample Guitar G II version 2.5.5 (HKLM-x32\...\{C5C4DE66-ACC5-4431-892B-A581516DF4DD}_is1) (Version: 2.5.5 - Ample Sound Technology Co., Ltd.) Ample Guitar L II version 2.4.0 (HKLM-x32\...\{9563CAC5-81EB-43CF-8717-927ED1EB272A}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.) Ample Guitar M II Extension 1 (Pick) version 2.1.0 (HKLM-x32\...\Ample Guitar M II Extension 1 (Pick)_is1) (Version: 2.1.0 - Ample Sound Technology Co., Ltd.) Ample Guitar M II version 2.5.5 (HKLM-x32\...\{DBBA77E4-611C-4633-AC13-96A6598AF746}_is1) (Version: 2.5.5 - Ample Sound Technology Co., Ltd.) Ample Guitar M version 3.1.0 (HKLM-x32\...\{8DFC907C-D57F-490A-8392-E729A463CD97}_is1) (Version: 3.1.0 - Ample Sound Technology Co., Ltd.) Ample Guitar P II Extension (Neck Pickup) version 2.0.2 (HKLM-x32\...\{3758B201-9310-4492-A8FA-003C2FD6BFA9}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.) Ample Guitar P II version 2.4.0 (HKLM-x32\...\{5F4EB709-CBDD-4B9D-A733-5CD7FA3FF6E2}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.) Ample Guitar T II Extension 1 (Finger) version 2.1.0 (HKLM-x32\...\Ample Guitar T II Extension 1 (Finger)_is1) (Version: 2.1.0 - Ample Sound Technology Co., Ltd.) Ample Guitar T II version 2.4.0 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.4.0 - Ample Sound Technology Co., Ltd.) Ample Metal E II version 2.5.5 (HKLM-x32\...\{EB25BD61-6A67-41F1-BC7E-1AD08E3A539A}_is1) (Version: 2.5.5 - Ample Sound Technology Co., Ltd.) Ample Metal Ray5 II version 2.6.0 (HKLM-x32\...\{3272F255-346F-4D4A-8E6D-9AD5D927D79A}_is1) (Version: 2.6.0 - Ample Sound Technology Co., Ltd.) AmpliTube 3.11.2 (HKLM-x32\...\AMP3112_is1) (Version: - IK Multimedia) AmpliTube 4 version 4.8.2 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.8.2 - IK Multimedia) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ARIA Engine v1.9.3.3 (HKLM\...\ARIA Engine_is1) (Version: v1.9.3.3 - Plogue Art et Technologie, Inc) Arturia Pigments (HKLM\...\Pigments_is1) (Version: 1.1.2 - Arturia) Ashampoo Burning Studio 15 v.15.0.2 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.2 - Ashampoo GmbH & Co. KG) Audiority Effects Plugin Bundle (HKLM\...\Audiority Effects Plugin Bundle_is1) (Version: v10.1 - ProgSound & Team V.R) Band-in-a-Box DAW Plugin 1.14.2 (HKLM-x32\...\BIAB_Plugin_is1) (Version: - PG Music Inc.) Band-in-a-Box File Associations (HKLM-x32\...\BBAssociations_is1) (Version: - PG Music Inc.) Band-in-a-Box Server (HKLM-x32\...\BBServer_is1) (Version: - PG Music Inc.) BandLab Assistant 5.0.6 (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\9b08bea4-021c-5f9d-a74e-ac0ceb51fb28) (Version: 5.0.6 - BandLab) BandLab Assistant 5.1.1 (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\{9b08bea4-021c-5f9d-a74e-ac0ceb51fb28}) (Version: 5.1.1 - BandLab) BIAS Amp 2 (HKLM\...\BIAS AMP 2 Pack (64bit)_is1) (Version: 2.2.3.1303 - Positive Grid & Team V.R) BIAS FX Plugins Pack (64bit) (HKLM\...\BIAS FX Plugins Pack (64bit)_is1) (Version: 1.6.4.3553 - Positive Grid & Team V.R) Black Rooster Audio The ALL Bundle (HKLM\...\Black Rooster Audio The ALL Bundle_is1) (Version: 2.4.1 - Black Rooster Audio) Blue Cat's All Plug-Ins Pack (HKLM\...\Blue Cat's All Plug-Ins Pack_is1) (Version: 2018.10 - Blue Cat Audio & Team V.R) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.75.1002 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cakewalk Boutique FX Suite (HKLM\...\SONAR Boutique FX Suite_is1) (Version: 1.0 - Cakewalk, Inc.) Cakewalk by BandLab (HKLM\...\Cakewalk Core_is1) (Version: 25.09.0.70 - BandLab Singapore Pte Ltd.) Cakewalk CA-2A Leveling Amplifier (HKLM\...\CA-2A Leveling Amplifier_is1) (Version: 2.0.1.112 - Cakewalk) Cakewalk Drum Replacer (HKLM\...\Cakewalk Drum Replacer_is1) (Version: 1.2.0.14 - BandLab Singapore Pte Ltd.) Cakewalk Engineering FX Suite (HKLM\...\SONAR Engineering FX Suite_is1) (Version: 1.0 - Cakewalk, Inc.) Cakewalk LP EQ (HKLM\...\Cakewalk LP EQ_is1) (Version: 1.0 - Cakewalk, Inc.) Cakewalk L-Phase Multiband Compressor (HKLM\...\L-Phase Multiband Compressor_is1) (Version: 1.0.3.84 - Cakewalk) CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform) Celemony Melodyne 4 (HKLM\...\Melodyne 4_is1) (Version: 4.2.3.001 - Celemony) Celemony Melodyne Studio 4 (HKLM\...\Melodyne Studio 4_is1) (Version: 4.1.1.011 - Celemony) ComBear version 1.0.1 (HKLM\...\ComBear_is1) (Version: 1.0.1 - ) Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) CoyoteWT 1.3 (HKLM-x32\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.) CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.) Custom Shop version 1.8.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.8.0 - IK Multimedia) Cytomic The Glue (HKLM\...\The Glue_is1) (Version: 1.3.19 - Cytomic) Darbuka 1.0.0 (HKLM-x32\...\Darbuka_is1) (Version: - Wizoo Sound Design GmbH) dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 16.4 - Illustrate) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.91 - NVIDIA Corporation) Hidden DMG Audio bundle (HKLM\...\DMGAudio Bundle_is1) (Version: 2018 - DMGAudio) EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd) Elevayta Extra Boy v4.91d VST (HKLM-x32\...\Elevayta Extra Boy v4.91d VST) (Version: - ) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.11.3.1242 - Steinberg Media Technologies GmbH) ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.) Eventide Anthology XI (HKLM\...\Anthology XI_is1) (Version: 1.0.1 - Eventide) EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.3.2 - Toontrack) EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack) EZDrummer 64-bit (HKLM\...\{80E801DB-5288-4447-AAC2-27F329B61C6E}) (Version: 1.3.2 - Toontrack) EZkeys Complete Bundle 1.2.4 (HKLM\...\Toontrack EZkeys Complete-r4e_is1) (Version: 1.2.4 - Toontrack Music AB) EZXAmericana (HKLM-x32\...\{7DB4839F-DFA6-49D2-907F-740CE65B2D10}) (Version: 1.0.0 - Toontrack) EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack) EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack) EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack) EZXElectronic (HKLM-x32\...\{238539DC-253F-401B-90F4-A928A98BC866}) (Version: 1.0.0 - Toontrack) EZXFunkmasters (HKLM-x32\...\{BB5A44CB-3045-43E2-BEB0-B64E477D4633}) (Version: 1.0.0 - Toontrack) EZXJazz (HKLM-x32\...\{EED8D44F-CEBB-4298-8D0E-E01AF6AC0663}) (Version: 1.0.0 - Toontrack) EZXMetalHeads (HKLM-x32\...\{F4F365AB-BD66-4775-A36A-E3D8055873FD}) (Version: 1.0.0 - Toontrack) EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack) EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack) EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack) EZXPop (HKLM-x32\...\{BAB8A154-19A1-4673-9E9D-CB5E08BFD28C}) (Version: 1.0.0 - Toontrack) EZXTheClassic part1 (HKLM-x32\...\{C350D087-2ED2-40AB-BE41-75108D89D66C}) (Version: 1.0.0 - Toontrack) EZXTheClassic part2 (HKLM-x32\...\{6F642D8C-FFC7-48D8-B4E5-77249FE56C7B}) (Version: 1.0.0 - Toontrack) FabFilter Pro-L (HKLM\...\Pro-L_is1) (Version: 1.2.4 - FabFilter) FabFilter Total Bundle (HKLM\...\Total Bundle_is1) (Version: 2018.02.22 - FabFilter) Finale (HKLM\...\{6D47FD1D-8E36-4DD1-8D5F-4DB0A6049ED3}) (Version: 26.1.0.397 - MakeMusic) Finale (HKLM\...\{A3136718-4D78-4CB1-AA03-B4BB03ED2FE1}) (Version: 26.0.1.655 - MakeMusic) Finale (HKLM\...\{D260E3AD-F03E-41C4-BD6B-F4FCC634EFD7}) (Version: 25.4.0.144 - MakeMusic) Flux Full Pack 2.2 (HKLM\...\Full Pack 2.2_is1) (Version: 3.5.29.46238 - Flux) Flux IRCAM Tools 1.1 (HKLM\...\IRCAM Tools 1.1_is1) (Version: 3.5.29.46238 - Flux) FXpansion BFD3 (HKLM-x32\...\FXpansion BFD3) (Version: 3.2.3 - FXpansion Audio UK Ltd) Garritan ARIA Player v1.872 (HKLM\...\__ARIA_1012___is1) (Version: v1.872 - Garritan) Garritan Instruments for Finale (HKLM\...\__ARIA_1013___is1) (Version: v2.0.0.4 - Garritan) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe) Hetman Partition Recovery 2.8 (HKLM-x32\...\Hetman Partition Recovery) (Version: - ) IK Multimedia Authorization Manager version 1.0.22 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.22 - IK Multimedia) IrcamLab TS-1.0.11 (HKLM\...\{CCFC564A-FCC0-4E5D-9789-E254F0DB6502}_is1) (Version: 1.0.11 - IRCAM) iZotope RX 3 (HKLM-x32\...\iZotope RX 3_is1) (Version: 3.02 - iZotope, Inc.) iZotope Vocal Doubler (HKLM-x32\...\Vocal Doubler) (Version: 1.00 - iZotope, Inc.) JW Bus Glue version 1.0.0 (HKLM\...\JW Bus Glue_is1) (Version: 1.0.0 - ) Kontakt Library Fix 2 (HKLM-x32\...\{8E55338D-4503-474F-A732-00BCBBFC5173}) (Version: 2.00.0000 - UbyXsofT) LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.) Latigo 1.0.0 (HKLM-x32\...\Latigo_is1) (Version: - Wizoo Sound Design GmbH) LEVELS version 1.0 (HKLM\...\{07939B10-B999-4B4D-AC62-FA8891F93151}_is1) (Version: 1.0 - 29 Palms Ltd) Lexicon MPX Native Reverb (HKLM\...\MPX Native Reverb_is1) (Version: 1.0.6 - Lexicon) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Massey VST Demos (Remove only) (HKLM-x32\...\Massey VST Demos) (Version: - ) M-Audio FireWire Driver 6.0.1 (x64) (HKLM\...\{3C33BA1B-D447-41CF-A228-84DD499F6F61}) (Version: 6.0.1 - M-Audio) MeldaProduction Audio Plugins 13 (HKLM-x32\...\MeldaProduction Audio Plugins 13) (Version: - MeldaProduction) Microsoft Office Professional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.4266.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Prerequisites (x64) (HKLM\...\{04BEC103-A388-41EE-BB49-1235FAAF883D}) (Version: 11.0.61030 - Blue Cat Audio) Microsoft Visual C++ 2012 Prerequisites (x86) (HKLM-x32\...\{2F65108E-8DF7-47B9-8ECC-49BD3BC47AAB}) (Version: 11.0.61030 - Blue Cat Audio) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation) MJUC version 1.2.0 (HKLM\...\MJUC_is1) (Version: 1.2.0 - ) MMFonts (HKLM-x32\...\{7564F180-CD44-4721-88FB-F88E7782D604}) (Version: 1.1.1.1 - MakeMusic, Inc.) Mozilla Firefox 71.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 71.0 (x64 es-ES)) (Version: 71.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla) MusicLab RealStrat 5 (HKLM\...\RealStrat 5_is1) (Version: 5.0.0.7420 - MusicLab) Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.1.0.20 - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.3.37 - Native Instruments) Native Instruments Noire (HKLM-x32\...\Native Instruments Noire) (Version: 1.0.0.8 - Native Instruments) Native Instruments Session Guitarist - Picked Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Picked Acoustic) (Version: 1.1.0.8 - Native Instruments) Native Instruments Session Horns Pro (HKLM-x32\...\Native Instruments Session Horns Pro) (Version: 1.4.0.2 - Native Instruments) Native Instruments Symphony Series String Ensemble (HKLM-x32\...\Native Instruments Symphony Series String Ensemble) (Version: 1.4.0.1 - Native Instruments) Neuratron PhotoScore && NotateMe Ultimate Demo (HKLM-x32\...\Neuratron PhotoScore && NotateMe Ultimate Demo) (Version: 8.8.6 - Neuratron Ltd) NF VST 32-bit Installer (HKLM-x32\...\NF VST 32-bit Installer1.0.3) (Version: 1.0.3 - Nomad Factory) NF VST 64-bit Installer (HKLM-x32\...\NF VST 64-bit Installer1.0.3) (Version: 1.0.3 - Nomad Factory) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA Controlador de gráficos 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.60 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Overloud Mark Studio 2 (HKLM\...\Mark Studio 2_is1) (Version: 2.0.14 - Overloud) Overture 5 (HKLM\...\{9F52D96D-E0CD-4466-A4BF-D054F5719758}) (Version: 5.5.4.2 - Sonic Scores) Ozone Imager (HKLM-x32\...\Ozone Imager) (Version: 1.00 - iZotope, Inc.) PACE License Support Win64 (HKLM\...\{531FDE0F-E243-4053-A424-CAA59DE84676}) (Version: 5.0.0.2401 - PACE Anti-Piracy, Inc.) Hidden PACE License Support Win64 (HKLM-x32\...\InstallShield_{531FDE0F-E243-4053-A424-CAA59DE84676}) (Version: 5.0.0.2401 - PACE Anti-Piracy, Inc.) Panel de control de NVIDIA 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.60 - NVIDIA Corporation) Hidden Pdf995 (HKLM-x32\...\Pdf995) (Version: - ) PG Music DirectX Plugins (64-bit) 2.0.0.0 (HKLM\...\PG_DX_Plugins_64_is1) (Version: - PG Music Inc.) PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.) Plogue sforzando v1.933 (HKLM\...\__ARIA_1014___is1) (Version: v1.933 - Plogue) Project CARS 2 Deluxe Edition MULTi12 - ElAmigos versión 6.0.0.0 (HKLM-x32\...\{F173EF88-7CE1-4B8E-AA28-3219DE599195}_is1) (Version: 6.0.0.0 - Bandai Namco Entertainment) PSP Xenon (HKLM-x32\...\PSP Xenon) (Version: 1.5.1 - PSPaudioware.com) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) Registration Bonus Styles (HKLM-x32\...\BB_is1) (Version: - PG Music Inc.) SampleTank 3 version 3.7.2 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.7.2 - IK Multimedia) Sibelius (HKLM\...\{9A99A7EA-856E-42FE-AECC-8C6A335D5E2E}) (Version: 19.5.0.1469 - Avid Technology) Sibelius OpenType Fonts (HKLM-x32\...\{603AEE7A-6967-4CDB-8528-0CAC729A004B}) (Version: 18.6.0 - Avid) Slowhand (HKLM-x32\...\{76FCAEE9-805A-4AC1-B4FB-37551274A0AA}) (Version: 1.3.03 - mmdesign) SONAR Demo Projects (HKLM\...\SONAR Demo Projects_is1) (Version: 1.0 - Cakewalk, Inc.) SONAR Help & Documentation (HKLM\...\SONAR Help & Documentation_is1) (Version: 1.0 - Cakewalk, Inc.) SONAR Platinum (HKLM\...\SONAR Platinum_is1) (Version: 23.10 - Cakewalk, Inc.) Sonic Reality Infinite Player (HKLM\...\{90b1bf8c-c01b-4e77-9b79-68bd9e9336c9}) (Version: 1.0.0.001 - Sonic Reality) Hidden Sonic Reality Infinite Player (HKLM-x32\...\Sonic Reality Infinite Player) (Version: - Sonic Reality) SOUND FORGE Pro 12.1 (x64) (HKLM\...\{60C7CECF-93D3-11E8-9B8E-408D5CC672F4}) (Version: 12.1.170 - MAGIX) SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 4.0.0 - Steinberg Media Technologies GmbH) Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.14.7 - Steinberg Media Technologies GmbH) Steinberg eLicenser Antitrial (HKLM\...\eLicenser Antitrial_is1) (Version: 1.16.1.3 - Steinberg & Team V.R) Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH) Steinberg Groove Agent 5 (HKLM\...\{3A97C8A6-8CC0-4AF2-B32B-DD0334338580}) (Version: 5.0.10 - Steinberg Media Technologies GmbH) Steinberg HALion 6 (HKLM\...\{B4A47381-CC40-4EAD-BE05-143396A70B34}) (Version: 6.1.0 - Steinberg Media Technologies GmbH) Steinberg HALion 6 Content (HKLM-x32\...\{E6049779-021E-40FD-8C4C-C2A21F9417B5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden Steinberg HALion Content (HKLM-x32\...\{7FAD0A52-EAA8-4197-BC9D-30E08EC879A5}) (Version: 4.6.3 - Steinberg Media Technologies GmbH) Steinberg HALion Content Registration (HKLM-x32\...\{D3BC09D3-55D7-424D-9B7B-5CAF1C6113FD}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden Steinberg HALion Sonic 2 Content (HKLM-x32\...\{C50D4628-6064-443C-B154-5A5B780874C2}) (Version: 2.0.0 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic 3 (HKLM\...\{7AA3E2A4-8568-41B0-BAB6-13CDB5047DE6}) (Version: 3.1.0 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic Content (HKLM-x32\...\{1AA20A3E-B833-4309-9155-8A15D479D46F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH) Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.0.17 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg The Grand VSTi DXi v2.1.0 (HKLM-x32\...\Steinberg The Grand VSTi DXi_is1) (Version: - ) Steinberg Virtual Guitarist (HKLM-x32\...\Virtual Guitarist) (Version: - ) Steinberg Virtual Guitarist Electric Edition (HKLM-x32\...\Virtual Guitarist Electric Edition) (Version: - ) Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Superior Drummer 3 64-bit (HKLM\...\{534C9464-965B-4C8B-BE69-45AE8E10560E}) (Version: 3.0.3 - Toontrack) SWAM Cello (HKLM\...\{B14D58DE-C4EF-4ECD-9C10-BE60BB30D920}_is1) (Version: 2.0.1 - Audio Modeling & Team V.R) SWAM Clarinets (HKLM\...\{785AA5E4-EC05-4343-93BD-823858B06084}_is1) (Version: 2.8.1 - Audio Modeling & Team V.R) SWAM DoubleBass (HKLM\...\{EDEFFBE4-13DE-4F43-8D7A-359CE12D271D}_is1) (Version: 2.0.1 - Audio Modeling & Team V.R) SWAM DoubleReeds (HKLM\...\{375422E9-F52E-444A-90A6-0099FC9A38B7}_is1) (Version: 2.8.1 - Audio Modeling & Team V.R) SWAM Flutes (HKLM\...\SWAM Flutes_is1) (Version: 2.8.1 - Audio Modeling & Team V.R) SWAM Soprano Sax (HKLM\...\{CC1FF87D-C278-44F8-AAEB-951825BEBBC0}_is1) (Version: 2.7.0 - Audio Modeling & Team V.R) SWAM The Saxophones version 1.1.1 64bit (HKLM\...\{6A85AE8B-8674-4014-A976-6C7727B585E4}_is1) (Version: 1.1.1 64bit - Samplemodeling) SWAM Viola (HKLM\...\{4E364A28-92BE-4790-A0ED-7CEFCF47B9FA}_is1) (Version: 2.0.1 - Audio Modeling & Team V.R) teVirtualMIDI64 (HKLM\...\{300D1BB9-FA9E-40EA-ADD8-934D5066F6D5}) (Version: 1.2.11.41 - Tobias Erichsen) TGTools Pro 3.00rc3 (HKLM\...\TGTools Pro V3_is1) (Version: 3.00.13 - Super Flexible Software) The Witcher 3 Wild Hunt MULTi13 - ElAmigos versión 1.31 (HKLM-x32\...\{BF679CAD-FE6D-4CBE-9E99-D7193809207A}_is1) (Version: 1.31 - CD PROJEKT RED) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) Two Worlds II Castle Defense (HKLM-x32\...\1207661843_is1) (Version: 2.1.0.9 - GOG.com) Two Worlds II Velvet Edition (HKLM-x32\...\1207661833_is1) (Version: 2.1.0.24 - GOG.com) UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - ) Universal Control (HKLM\...\Universal Control) (Version: 3.1.1.54569 - PreSonus Audio Electronics, Inc) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden USB Flash Drive Format Tool 1.0 (HKLM\...\USB Flash Drive Format Tool_is1) (Version: - Rogosoft Corporation) USB Safely Remove 6.1 (HKLM-x32\...\USB Safely Remove_is1) (Version: - SafelyRemove.com) UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.2.3 - SOSVirus (SOSVirus.Net)) Valhalla DSP Valhalla Plate (HKLM\...\Valhalla Plate_is1) (Version: 1.5.0.25 - Valhalla DSP) Valhalla DSP Valhalla Room (HKLM\...\Valhalla Room_is1) (Version: 1.5.1 - Valhalla DSP) Valhalla DSP Valhalla Shimmer (HKLM\...\Valhalla Shimmer_is1) (Version: 1.0.4 - Valhalla DSP) Valhalla DSP Valhalla VintageVerb (HKLM\...\Valhalla VintageVerb_is1) (Version: 1.7.1 - Valhalla DSP) Virtual Floppy Software (remove only) (HKLM-x32\...\Virtual Floppy Software) (Version: - ) Voxengo bundle 2019.5 (HKLM\...\Voxengo bundle_is1) (Version: 2019.5 - Voxengo) Voxengo GlissEQ (HKLM\...\Voxengo GlissEQ_is1) (Version: 3.10 - Voxengo) Voxengo Sound Delay (HKLM\...\Voxengo Sound Delay_is1) (Version: 1.7 - Voxengo) W735EQ (HKLM-x32\...\W735EQ) (Version: - AITB) Wave Arts Tube Saturator (HKLM-x32\...\TubeSaturator) (Version: - ) Wave Arts Tube Saturator Vintage (HKLM-x32\...\Wave Arts Tube Saturator Vintage) (Version: 1.05 - Wave Arts) WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg) Waves Complete (HKLM\...\Complete_is1) (Version: 2018.07.23 - Waves) WhatsApp (HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\WhatsApp) (Version: 0.3.9308 - WhatsApp) WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.2 - X Codec Pack team) Xfer Serum 1.07b4 (HKLM\...\Xfer Serum_is1) (Version: - ) XLN Audio Addictive Drums 2 (HKLM\...\Addictive Drums 2_is1) (Version: 2.1.7 - XLN Audio) XLN Audio Addictive Keys (HKLM\...\Addictive Keys_is1) (Version: 1.1.8 - XLN Audio) Youlean Loudness Meter 2 (HKLM\...\Loudness Meter 2_is1) (Version: 2.0.2 - Youlean) Packages: ========= Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com) Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-08-20] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad] MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad] MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad] Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-10] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.2\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com Shortcut: C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.2\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/foru Shortcut: C:\Users\Jordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.2\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com ==================== Loaded Modules (Whitelisted) ============= 2019-10-17 17:11 - 2019-10-17 17:11 - 004904448 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\ipp.dll 2019-08-02 14:12 - 2019-08-02 14:12 - 018891264 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\SmaartFactory_x64.dll 2019-08-02 14:03 - 2019-08-02 14:03 - 001834496 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\vectorlib.dll 2018-08-22 14:50 - 2012-04-26 13:51 - 000040448 _____ () [File not signed] C:\WINDOWS\System32\pdf995mon64.dll 2019-06-03 14:46 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2019-10-17 17:23 - 2019-10-17 17:23 - 000059904 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\avdecc.dll 2019-10-17 17:14 - 2019-10-17 17:14 - 005623808 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclgui.dll 2019-10-17 17:17 - 2019-10-17 17:17 - 000696832 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclnet.dll 2019-10-17 17:15 - 2019-10-17 17:15 - 001127424 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsecurity.dll 2019-10-17 17:13 - 2019-10-17 17:13 - 001281024 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsystem.dll 2019-10-17 17:13 - 2019-10-17 17:13 - 000485376 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ccltext.dll 2019-10-17 17:12 - 2019-10-17 17:12 - 000013824 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclwinrt.dll 2019-10-17 17:23 - 2019-10-17 17:23 - 000352768 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\atomdevice.dll 2019-10-17 17:21 - 2019-10-17 17:21 - 000484352 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\audioboxdevice.dll 2019-10-17 17:22 - 2019-10-17 17:22 - 000113664 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\faderportdevice.dll 2019-10-17 17:23 - 2019-10-17 17:23 - 000769024 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\firewiredevice.dll 2019-10-17 17:21 - 2019-10-17 17:21 - 002878464 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\quantumdevice.dll 2019-10-17 17:15 - 2019-10-17 17:15 - 000661504 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\asioservice.dll 2019-10-17 17:25 - 2019-10-17 17:25 - 023194112 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\studiolivepanel.dll 2019-10-17 17:23 - 2019-10-17 17:23 - 000637440 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\ucnetmonitor.dll 2019-10-17 17:17 - 2019-10-17 17:17 - 000596480 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\windowsmidi.dll 2019-10-17 17:17 - 2019-10-17 17:17 - 000228352 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ucnet.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Config32:D_Time [5] AlternateDataStreams: C:\ProgramData\Config32:reg [47] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2019-12-03 11:13 - 000001011 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.r2rdownload.com 127.0.0.1 www.elephantafiles.com 127.0.0.1 www.r2rdownload.net 127.0.0.1 www.swamengine.com 127.0.0.1 www.overloud.com 0.0.0.0 www.meldaproduction.com ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2386650303-937493529-1628659523-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2386650303-937493529-1628659523-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{2E44233E-209D-45D9-B864-2C4670C7CF37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7BFBA720-1D95-4525-B156-B8B3688E0258}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{14B72FE8-BD0B-468D-A504-9382BC214F0C}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.) FirewallRules: [{977D3449-66F7-4567-9E29-62B0FDBC7928}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.) FirewallRules: [{15E049BF-05D7-4781-8FB2-BCFAE6584F8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{26393EFD-12C8-4695-BBDA-42B6BBF2BF4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{708D9E67-DC6E-4070-8666-2996F3764F43}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1ECB22BE-97F1-4A04-B6D0-65A951F3E41F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DF709DB0-CA8A-4B1D-8F27-9F78B84ED58C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1898CAEE-5CC5-4318-B62D-066CF0034900}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7C45B844-9B4C-45A5-BD3C-9442F936E2EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C70A6D82-2CF1-45C4-9AEA-37D851F9433B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8853D3D5-91DE-4B0F-9C23-333D6DAFF569}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9DE0C2D1-F5D2-47CA-954F-EECE56A76A13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AF23C4CA-EFC0-4495-A406-CB86B5DFAD6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{5E019860-A2F7-4A9F-A761-4B604FB65855}C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe] => (Allow) C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [UDP Query User{AA5B14DC-5733-4BE6-9DBA-B5AD9F198AAD}C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe] => (Allow) C:\program files\sound forge\sound forge pro 12.0\sfvstserver.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [{D0D2987F-D921-475D-8057-CCCAB3EBDE1D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A1FFCFB9-941F-41C7-8508-9CEE481E4FE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{D5DFDDB0-86D8-4FAD-84A5-E42127E15330}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{B48BFF59-EA6A-405F-9F00-A2BA7D63F36A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{68D0458A-ABD5-4E85-B81D-27B48D28ECF5}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{F7A1FD76-BA87-47CF-987F-DCC221A9D087}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{8D6CE2C5-749B-42CD-866B-D6D5B36E5178}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{AB9758A6-B094-4229-8BF6-B7FECDDE8882}C:\program files\cakewalk\cakewalk core\cakewalk.exe] => (Allow) C:\program files\cakewalk\cakewalk core\cakewalk.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.) FirewallRules: [UDP Query User{FEEF83B1-1C7D-43D2-A9AB-B609373DD058}C:\program files\cakewalk\cakewalk core\cakewalk.exe] => (Allow) C:\program files\cakewalk\cakewalk core\cakewalk.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.) FirewallRules: [{EBEA068F-E80B-46E5-B5BA-0BACDC7A8EE5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{19EC4903-20DD-4D00-A97E-59CAC11E9226}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{A593A5B0-9C1E-4223-8EE3-2E628E6DAB5D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{865A2FA1-34C0-44E3-A450-D74BA538C69D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{7CB0539F-4697-4FF6-B6E9-6D96E2FA4E24}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{F1868719-589E-4F7A-B4A9-7B4EB93B16CB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{03542AEE-A324-4BDD-95FA-E7832271B32D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [TCP Query User{2264DF64-1ECB-4445-BDF9-FF93390B151B}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Block) C:\program files\cakewalk\shared utilities\vstscan.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.) FirewallRules: [UDP Query User{EF9F39FE-8373-40E8-8EBB-BE84DAE726EF}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Block) C:\program files\cakewalk\shared utilities\vstscan.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.) FirewallRules: [{5542B4F7-7D97-43EB-86A0-86814618ECA1}] => (Allow) C:\bb\Data\Installers\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.) FirewallRules: [{15BA5611-0E47-46D1-8947-47EC18D36188}] => (Allow) C:\bb\Data\Installers\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.) FirewallRules: [{3AEDC767-E52E-4C54-A4BB-003659A80465}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (PreSonus) [File not signed] FirewallRules: [{FCDCDA43-DD92-4EE5-BAB5-50CD95083DB5}] => (Allow) C No File FirewallRules: [TCP Query User{757F83F8-C892-4508-ACAA-B5A88EC86305}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) FirewallRules: [UDP Query User{195FB5B9-9975-4C45-8919-95A8AFD6C24C}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) FirewallRules: [TCP Query User{8D0371B9-471F-46B4-8D0C-01A92EBAF29B}C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe] => (Allow) C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab) FirewallRules: [UDP Query User{2471692E-B69F-4247-98A2-D4DA7F5352C5}C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe] => (Allow) C:\users\jordi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab) FirewallRules: [{71755DE3-E0D0-4BB1-AA8A-59875298A8FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C7D758CC-6B00-4609-84BB-9ABC79BFCA1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0D5307F1-0CB4-48B0-96DC-23DBC00829E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E8E5D804-0093-47C5-A691-B70F5E283D01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AD86511C-D950-406B-AE34-42E771063538}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.) FirewallRules: [{1119E4BD-024D-4D8A-A176-17DAB4C56573}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.) FirewallRules: [{D224346E-D1A9-48CF-9D03-5626574AB2EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 12-12-2019 13:57:25 Punto de control programado 15-12-2019 12:11:38 Installed Kontakt Library Fix. ==================== Faulty Device Manager Devices ============ Name: PHL 273V5 (NVIDIA High Definition Audio) Description: Extremo de audio Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e} Manufacturer: Microsoft Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (12/22/2019 09:37:18 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0". La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (12/22/2019 09:35:48 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0". La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (12/22/2019 09:35:46 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (12/22/2019 09:33:43 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0". La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (12/20/2019 09:51:23 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0". La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (12/20/2019 08:27:35 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0". La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. Error: (12/19/2019 09:24:06 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows. Error: (12/19/2019 09:24:06 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\SoundGrid Studio\Modules\Modules.MANIFEST" en la línea 8. La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado. La referencia es Modules,processorArchitecture="AMD64",type="win32",version="1.0.0.0". La definición es Modules,processorArchitecture="x86",type="win32",version="1.0.0.0". Use sxstrace.exe para obtener un diagnóstico detallado. System errors: ============= Error: (12/22/2019 09:34:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: El servicio RasMan depende del servicio SstpSvc, el cual no pudo iniciarse debido al siguiente error: La operación se completó correctamente. Error: (12/20/2019 08:35:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: Se ha bloqueado la descarga de este controlador Error: (12/20/2019 08:35:37 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Jordi\AppData\Local\Temp\ehdrv.sys Error: (12/20/2019 08:35:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: Se ha bloqueado la descarga de este controlador Error: (12/20/2019 08:35:36 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Jordi\AppData\Local\Temp\ehdrv.sys Error: (12/20/2019 08:35:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: Se ha bloqueado la descarga de este controlador Error: (12/20/2019 08:35:36 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Jordi\AppData\Local\Temp\ehdrv.sys Error: (12/20/2019 08:35:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: Se ha bloqueado la descarga de este controlador Windows Defender: =================================== Date: 2019-05-09 11:57:05.172 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: NT Authority\System Nombre de proceso: System Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0 Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4 Date: 2019-05-09 11:57:05.104 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: NT Authority\System Nombre de proceso: System Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0 Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4 Date: 2019-05-09 11:47:44.455 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0 Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4 Date: 2019-05-09 11:47:40.892 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0 Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4 Date: 2019-05-09 11:47:09.443 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: NT AUTHORITY\Servicio de red Nombre de proceso: C:\Windows\System32\svchost.exe Versión de firma: AV: 1.293.1102.0, AS: 1.293.1102.0, NIS: 1.293.1102.0 Versión de motor: AM: 1.1.15900.4, NIS: 1.1.15900.4 Date: 2019-05-09 11:57:09.174 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.293.1102.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15900.4 Código de error: 0x8024402c Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. Date: 2019-05-06 10:42:20.546 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.293.664.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión de motor actual: Versión de motor anterior: 1.1.15900.4 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección Date: 2019-05-06 10:42:20.546 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.293.664.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiSpyware Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión de motor actual: Versión de motor anterior: 1.1.15900.4 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección Date: 2019-05-06 10:42:20.545 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.293.664.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión de motor actual: Versión de motor anterior: 1.1.15900.4 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección Date: 2019-05-06 10:42:20.532 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.293.664.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión de motor actual: Versión de motor anterior: 1.1.15900.4 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección CodeIntegrity: =================================== Date: 2019-12-22 09:38:43.494 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:38:43.493 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:37:07.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:37:07.213 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:36:42.983 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:36:42.982 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:36:40.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-22 09:36:40.783 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. P1.40 06/25/2012 Motherboard: ASRock X79 Extreme6 Processor: Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz Percentage of memory in use: 11% Total physical RAM: 32720.16 MB Available physical RAM: 28800.09 MB Total Virtual: 37584.16 MB Available Virtual: 33271.5 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.84 GB) (Free:113.47 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive e: (LIBRERIA) (Fixed) (Total:1371.73 GB) (Free:198.25 GB) NTFS Drive f: (SAMPLERS) (Fixed) (Total:1422.79 GB) (Free:86.28 GB) NTFS Drive g: (LIBRERIA2) (Fixed) (Total:1863.01 GB) (Free:49.61 GB) NTFS Drive h: (HD H) (Fixed) (Total:1863.01 GB) (Free:78.14 GB) NTFS Drive i: (HD I) (Fixed) (Total:1863.01 GB) (Free:101.04 GB) NTFS Drive j: (HD J) (Fixed) (Total:1863.01 GB) (Free:102 GB) NTFS Drive k: (BACKUP2014) (Fixed) (Total:1863.01 GB) (Free:34.65 GB) NTFS Drive m: (HD M) (Fixed) (Total:931.51 GB) (Free:17.98 GB) NTFS Drive n: () (Removable) (Total:57.64 GB) (Free:55.17 GB) FAT32 \\?\Volume{796f39ee-0000-0000-0000-203674000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS \\?\Volume{796f39ee-0000-0000-0000-805474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 149D2D86) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C67C2563) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (Size: 2794.5 GB) (Disk ID: 98543DF5) Partition: GPT. ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 796F39EE) Partition 1: (Active) - (Size=464.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=485 MB) - (Type=27) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ========================================================== Disk: 4 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 73484ACD) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 5 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 3A5DDB01) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 6 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: DB4E6622) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 7 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 22A0E9E7) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 8 (Size: 57.7 GB) (Disk ID: 69737369) No partition Table on disk 8. ==================== End of Addition.txt =======================