Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-09-2019 Ran by PC (11-09-2019 07:49:38) Running from C:\Users\PC\Downloads Windows 10 Pro Version 1803 17134.1006 (X64) (2018-06-16 16:41:08) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3997577931-3068925019-3166496077-500 - Administrator - Disabled) ASPNET (S-1-5-21-3997577931-3068925019-3166496077-1004 - Limited - Enabled) DefaultAccount (S-1-5-21-3997577931-3068925019-3166496077-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3997577931-3068925019-3166496077-1003 - Limited - Enabled) Invitado (S-1-5-21-3997577931-3068925019-3166496077-501 - Limited - Disabled) PC (S-1-5-21-3997577931-3068925019-3166496077-1001 - Administrator - Enabled) => C:\Users\PC WDAGUtilityAccount (S-1-5-21-3997577931-3068925019-3166496077-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk) ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden ACOS5-CryptoMate Admin Client Kit (HKLM\...\{AB8C7801-6519-4216-805D-C5CBA8E66F4B}) (Version: 4.0.4.2 - Advanced Card Systems Ltd.) ACS Unified PC/SC Driver 4.0.0.0 (HKLM\...\{8A89A9DD-9ED4-4532-AE8A-863B291D9472}) (Version: 4.0.0.0 - Advanced Card Systems Ltd.) Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe) Adobe Flash Plugins (HKLM\...\Adobe Flash Player) (Version: 24.0.0.186 - oszone.net) AIMP (HKLM-x32\...\AIMP) (Version: v4.12.1878, 25.12.2016 - AIMP DevTeam) Akamai NetSession Interface (HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk) Aplicaciones destacadas de Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) AutoCAD 2018 - Español (Spanish) (HKLM\...\{28B89EEF-1001-040A-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden AutoCAD 2018 Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-1001-040A-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden Autodesk 3ds Max 2018 (HKLM\...\{52B37EC7-D836-0410-0764-3C24BCED2010}) (Version: 20.0.0.966 - Autodesk) Hidden Autodesk 3ds Max 2018 (HKLM\...\Autodesk 3ds Max 2018) (Version: 20.0.0.966 - Autodesk) Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk) Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk) Autodesk AutoCAD 2018 - Español (Spanish) (HKLM\...\AutoCAD 2018 - Español (Spanish)) (Version: 22.0.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk) Autodesk Backburner 2018.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D78A}) (Version: 18.0.0.0 - Autodesk) Autodesk Civil View for 3ds Max 2018 64-bit (HKLM\...\{51C8EDF7-FFDA-430A-8B5E-1895FF14ACB7}) (Version: 20.0.0.0 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2018 (HKLM\...\{1984E20A-184B-4073-87F4-6755F3EE5769}) (Version: 20.0 - Autodesk) Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk) Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk) Autodesk ReCap (HKLM\...\{6ED27C84-0000-1033-0102-D4DAEFFC23C2}) (Version: 4.0.0.28 - Autodesk) Hidden Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2018 (HKLM\...\{0BB716E0-1800-0610-0000-097DC2F354DF}) (Version: 18.0.0.412 - Autodesk) Hidden Autodesk Revit Interoperability for 3ds Max 2018 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2018) (Version: 18.0.0.412 - Autodesk) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 76.0.1659.101 - AVAST Software) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.245.0 - AVAST Software) Hidden Blackboard Collaborate Launcher (HKLM-x32\...\{51D4C008-F059-4447-BEC7-2DFECD932E35}) (Version: 1.6.5.0 - Blackboard) Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform) CertiTool (HKLM-x32\...\{09F0D33A-B600-468C-AC90-FE17C7D2A433}) (Version: 7.0.2 - Certicamara S.A.) Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{9464C064-AAC7-4416-BFE4-4C3C0232FC71}) (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - ES (x64) (HKLM\...\{65168D5C-A6DD-4C1B-BF5C-860A39CDD05E}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.1.0340 - Disc Soft Ltd) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 80.4.126 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden Estudio para la mejora del producto HP Deskjet 2540 series (HKLM\...\{ACC8C418-E83E-4997-975D-4C267A6BC112}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production) FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6712 - Juergen Riegel) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC) Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Harzing's Publish or Perish 6.28.6197.6663 (HKLM\...\{EEBA0E63-2BF1-48E7-840A-E0D4C4C6DB86}) (Version: 6.28.6197.6663 - Tarma Software Research Ltd) HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - ) HP Deskjet 2540 series Ayuda (HKLM-x32\...\{97B017B2-40F3-4308-91EA-F3A881859248}) (Version: 30.0.0 - Hewlett Packard) HP Deskjet 2540 series Software básico del dispositivo (HKLM\...\{2FE8E982-BB5C-4660-81AF-B9DD389A5F58}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) JSignPdf 1.6.1 (HKLM-x32\...\JSignPdf_is1) (Version: 1.6.1 - Josef Cacek) KeyShot 6 64 bit (HKLM-x32\...\KeyShot 6_64) (Version: 6.1 64 bit - Luxion ApS) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) MAXtoA for 3ds Max 2018 (HKLM\...\{3F079052-16F4-45CB-9543-75110485F2D9}) (Version: 1.0.836.0 - Solid Angle) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM-x32\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft OneDrive (HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 67.0.4 (x64 es-ES) (HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\Mozilla Firefox 67.0.4 (x64 es-ES)) (Version: 67.0.4 - Mozilla) Mozilla Firefox 68.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.2 (x64 es-ES)) (Version: 68.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0 - Mozilla) netfabb Basic version 6.4 (HKLM\...\{7BB85DFB-F509-476F-95FF-F75457C60214}}_is1) (Version: 6.4 - ) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA Controlador de 3D Vision 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.16 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation) NVIDIA Controlador de gráficos 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA mental ray and IRay feature plugins for 3ds Max 2018 (HKLM\...\{C76BBD60-09DB-43B3-B5B0-BF00C80B500C}) (Version: 19.0.0.0 - Autodesk) NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) Opera Stable 63.0.3368.71 (HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Panel de control de NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden Paquete de controladores de Windows - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC) Paquete de controladores de Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (10/10/2013 4.0.0.0) (HKLM\...\017E462195A49B92E61A2EE9F52F341D2A5D6C3B) (Version: 10/10/2013 4.0.0.0 - Advanced Card Systems Ltd.) Paquete de controladores de Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc)) Paquete de controladores de Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc)) Paquete de controladores de Windows - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org)) Paquete de controladores de Windows - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32) Paquete de controladores de Windows - Linino (usbser) Ports (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino) Pepakura Designer 4 (HKLM-x32\...\pepakura_designer4en) (Version: - TamaSoftware) Phoenix FD for 3ds Max 2018 for x64 (HKLM\...\Phoenix FD for 3ds Max 2018 for x64) (Version: 3.04.00 - Chaos Software Ltd) Power Data Recovery 4.6.5 (HKLM-x32\...\Power Data Recovery_is1) (Version: - MT Solution Ltd.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Remo Recover 4.0 (HKLM\...\{A573D759-F894-448D-A420-3A9C31879F88}_is1) (Version: 4.0.0.65 - Remo Software) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) Revo Uninstaller Pro 4.0.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.0 - VS Revo Group, Ltd.) Rhinoceros 5 (64-bit) (HKLM\...\{D7B0FC7F-827E-4664-9DC8-32AD32C875A7}) (Version: 5.5.30717.16015 - Robert McNeel & Associates) SafeNet Authentication Client 8.3 (HKLM\...\{648B71AE-68FC-45D4-B1A3-21BC86229A73}) (Version: 8.3.52.0 - SafeNet, Inc.) SketchUp 2016 (HKLM\...\{1EE5F772-57F4-4299-8029-68F8A815E896}) (Version: 16.0.19912 - Trimble Navigation Limited) Skype versión 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.) Solid Edge ST9 (HKLM\...\{1E02E133-6790-460A-B9C7-9CEA71CB502A}) (Version: 109.00.00111 - Siemens) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer) Televzr (HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\c6ba130a-455e-5073-9dbd-f9d1f65c1562) (Version: 1.9.1 - 3205 Inc) Ultimaker Cura 4.2 (HKLM-x32\...\Ultimaker Cura 4.2) (Version: 4.2.1 - Ultimaker) UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.10.3.2 - ) <==== ATTENTION Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab) uTorrent Web (HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\utweb) (Version: 0.21.0 - BitTorrent, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) V-Ray for 3dsmax 2018 for x64 (HKLM\...\V-Ray for 3dsmax 2018 for x64) (Version: 3.60.03 - Chaos Software Ltd) V-Ray for Rhinoceros 5 (HKLM\...\V-Ray for Rhinoceros 5) (Version: 3.40.01 - Chaos Software Ltd) V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.3.1 - Chaos Software Ltd) V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.5 - Chaos Software Ltd) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.) Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-20] (HP Inc.) Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-29] (Keeper Security Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Studios) [MS Ad] MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad] Numilog eBook Reader -> C:\Program Files\WindowsApps\Numilog.NumilogeBookReader_1.0.0.56_x86__fn295wynkd18w [2018-03-17] (NUMILOG.COM) Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-10-21] (Plex) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\PC\Dropbox [2018-02-04 10:23] ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-05] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-02] (Autodesk, Inc -> Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-02] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-10-21] (Artem Izmaylov -> AIMP DevTeam) [File not signed] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-30] (Disc Soft Ltd -> Disc Soft Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-30] (Disc Soft Ltd -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-10-21] (Artem Izmaylov -> AIMP DevTeam) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-02-16 19:39 - 2018-02-16 19:39 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ffi\build\Release\ffi_bindings.node 2018-02-16 19:39 - 2018-02-16 19:39 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ref\build\Release\binding.node 2018-02-16 19:39 - 2018-02-16 19:39 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node 2018-02-16 19:38 - 2018-02-16 19:38 - 000144384 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\os-service\build\Release\service.node 2018-02-16 19:38 - 2018-02-16 19:38 - 000200704 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\vrloffline-win32\vrloffline.node 2017-10-21 09:13 - 2011-11-03 14:21 - 000034816 _____ () [File not signed] C:\Program Files (x86)\USB Disk Security\locales\spanish.dll 2012-06-28 12:44 - 2012-06-28 12:44 - 001289728 _____ () [File not signed] C:\WINDOWS\SYSTEM32\LIBEAY32.dll 2013-12-17 15:27 - 2013-12-17 15:27 - 001550336 _____ (Advanced Card Systems Ltd.) [File not signed] C:\WINDOWS\SYSTEM32\acospkcs11.dll 2017-10-21 09:13 - 2010-12-08 15:21 - 000753664 _____ (BCGSoft Co Ltd) [File not signed] C:\Program Files (x86)\USB Disk Security\BCGPStyle2010Blue150.dll 2017-10-21 09:13 - 2010-12-09 21:27 - 006062080 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\USB Disk Security\BCGCBPRO1500u80.dll 2018-06-16 11:38 - 2018-06-16 11:38 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\banrep.gov.co -> banrep.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\cancilleria.gov.co -> cancilleria.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\ccb.org.co -> ccb.org.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\certicamara.com -> certicamara.com IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\certifactura.com -> certifactura.com IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\certisubasta.com -> certisubasta.com IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\contraloriabogota.gov.co -> contraloriabogota.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\contraloriagen.gov.co -> contraloriagen.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\dian.gov.co -> dian.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\dne.gov.co -> dne.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\fiduprevisora.com.co -> fiduprevisora.com.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\fna.gov.co -> fna.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\fonade.gov.co -> fonade.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\fosyga.gov.co -> fosyga.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\indumil.gov.co -> indumil.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\mineducacion.gov.co -> mineducacion.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\minhacienda.gov.co -> minhacienda.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\minproteccionsocial.gov.co -> minproteccionsocial.gov.co IE trusted site: HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\...\mintransporte.gov.co -> mintransporte.gov.co There are 13 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-03-18 16:03 - 2019-03-05 15:47 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-02-19 19:56 - 2019-04-08 06:49 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 92.168.137.1 DESKTOP-9RHR0DR.mshome.net # 2024 2 1 19 1 9 42 721 ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\Backburner\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-3997577931-3068925019-3166496077-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{A0B83B05-F505-4FE2-924C-598CF1FD7EBF}C:\program files\chaos group\v-ray\v-ray 3.4 for rhinoceros 5\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for rhinoceros 5\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed] FirewallRules: [TCP Query User{302B86AC-599A-41D6-A926-EB1F27C8E04C}C:\program files\chaos group\v-ray\v-ray 3.4 for rhinoceros 5\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for rhinoceros 5\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed] FirewallRules: [UDP Query User{279CC483-7EF6-47F2-B20C-447FA881D29C}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe (Robert McNeel and Associates -> Robert McNeel & Associates) [File not signed] FirewallRules: [TCP Query User{A4C2B8CD-276E-4D22-B7BA-F8C8562B343A}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe (Robert McNeel and Associates -> Robert McNeel & Associates) [File not signed] FirewallRules: [UDP Query User{10FEBA2E-F9C1-4D42-ABAC-D089165CC78D}C:\users\pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pc\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [TCP Query User{C7FC3CC6-6F7F-414D-8CAF-F9FFF35B6E07}C:\users\pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pc\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [{57F58EC8-768C-4A9B-B14C-9383F35897F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{3C750474-96AB-4378-B012-0144D3AD60F4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{F089C9FB-AACD-4212-B1D6-6F31AC2FDC0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{7917471F-11A2-40F2-80F0-6227F1CEF242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{DE6FA7CE-8DDE-4586-8F77-5EE7B5A21329}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E35C74D6-FB5F-4E74-B547-3A6F5F637317}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5641D4BF-F4E8-4ABC-BFC4-C306C8EC888D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EA817439-D3D4-4C4A-B204-9E78BD9C00E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9B9A961C-C9B2-433B-A060-7A71A2343308}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd) FirewallRules: [{AD4FDB66-FD15-4347-82BA-C5C393E5E685}] => (Allow) C:\Program Files\KeyShot6\bin\keyshot6.exe (Luxion, Inc. -> Luxion) FirewallRules: [{3A150F9A-91A6-4C4B-8E2F-AB6055DB6C93}] => (Allow) C:\Program Files\KeyShot6\bin\keyshot_daemon.exe (Luxion, Inc. -> ) FirewallRules: [{2FD43B01-D78E-4AF0-9F1D-9F9730DE6865}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{6E0D4061-1A25-452D-896B-4A0C886C7E9C}] => (Allow) LPort=5357 FirewallRules: [{DA2C0A8D-2280-48B9-8835-E21BF434BD0E}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [TCP Query User{B938165B-AF8D-47B5-B55E-46ADDC568F89}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe (Robert McNeel and Associates -> Robert McNeel & Associates) [File not signed] FirewallRules: [UDP Query User{E3778B63-FD19-46DF-87CF-BED86B59328E}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe (Robert McNeel and Associates -> Robert McNeel & Associates) [File not signed] FirewallRules: [{02B07709-DD6D-4B06-98C3-7912B3256657}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for Rhinoceros 5\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed] FirewallRules: [{8B850650-2EFA-4561-A5F9-9FB9E57680DE}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for Rhinoceros 5\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed] FirewallRules: [{9E7DECEC-66ED-44ED-BEDE-96C785BDC61C}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed] FirewallRules: [{799D5A34-6618-4B5A-8528-A354E65FD002}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed] FirewallRules: [{92A9470C-B1C5-4581-ACFF-AC91FE4A50F4}] => (Allow) LPort=20208 FirewallRules: [{11F537BC-C97C-40D2-B4A1-5D099569E672}] => (Allow) LPort=20208 FirewallRules: [{D78E3451-AF59-4915-9E17-398C84A4870F}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed] FirewallRules: [{555086C4-BE2B-4A8B-8C88-EA58FB2B4F6F}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed] FirewallRules: [TCP Query User{0B38950E-2049-4987-ACE7-6A6237C2E2E3}C:\users\pc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\pc\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [UDP Query User{A234C13D-AAFF-41F2-BEC8-226E24915E5C}C:\users\pc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\pc\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [{8DA8B476-514F-4F7B-929A-42B0710049A6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8355CDA0-A5FF-4F9E-B274-58E27A9F4E87}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{51266452-2528-424C-90CD-C940A74C3B31}C:\users\pc\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\users\pc\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe FirewallRules: [UDP Query User{413290A4-A931-425A-BC32-785A5C48DCFE}C:\users\pc\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\users\pc\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe FirewallRules: [{837C1B45-9460-405F-81C9-C885EC050C5F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D5968EB3-A680-4243-980A-3EB4F4CE7023}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{99753E23-C07B-46EE-9295-EB75A86D4263}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] FirewallRules: [{A8F4F4C5-9893-4B5E-B0BB-33FE2E7A5C1A}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] FirewallRules: [TCP Query User{36B6A359-237E-4D60-A2B1-66480F634B6D}C:\users\pc\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pc\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] FirewallRules: [UDP Query User{11887393-6796-4DE7-9002-C9DFFB746E43}C:\users\pc\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pc\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] FirewallRules: [{0E840191-0302-45DF-A968-D8BEDBD9ADED}] => (Allow) C:\Users\PC\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed] FirewallRules: [{8252AEE4-BF9C-437B-9D90-C1C6EED8731A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{89F38E3B-A2AF-4F91-8435-1769BCAD9591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FCFADA7F-F6DE-42CF-94C7-7975190E3E79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C95C2E7F-02F8-4B05-97E7-FB976D5BD0EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BBB6A42B-2080-4B73-B0B5-C5FEC5F898CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{ABF96A0B-97E1-466D-ACC7-C3B843621553}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0864F0B1-C497-46E8-8FE9-4C17D85518CD}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{A7CF7F12-481F-47D9-A7F0-660661310E2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{57B76EAD-5C2F-4618-95E8-270E8C02B1E2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{22EAE0C9-FDC6-4DC8-8A78-0CBBC8721F38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{C4AE02CD-A07F-4832-80D6-0209F9C2B40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{A6DBE749-2BA7-442C-A35C-77E6544905C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{D0629A0B-5F49-4449-8BCB-B8795F854012}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{854C7A0C-693E-4014-88C8-9F78C0BA0325}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\62.0.3331.116\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{FBDBF558-CF7D-4257-8830-75E0F1DF742A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{618783D8-20DB-4A4F-8A74-38B1A9B8A722}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{28E8FA8E-65D9-4F5D-8261-F79EF49FD62A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{93B2D70D-3AB2-43BC-8CEA-E172A63F261D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{9A62DBF0-6E78-419B-BDB3-C23CE1188D04}C:\program files\ultimaker cura 4.2\cura.exe] => (Allow) C:\program files\ultimaker cura 4.2\cura.exe () [File not signed] FirewallRules: [UDP Query User{BA7410F8-EAEE-4A09-BC37-FAA22375625E}C:\program files\ultimaker cura 4.2\cura.exe] => (Allow) C:\program files\ultimaker cura 4.2\cura.exe () [File not signed] FirewallRules: [TCP Query User{664AE3D3-635E-4D2C-A633-35929CB55E4F}C:\program files\ultimaker cura 4.2\cura.exe] => (Allow) C:\program files\ultimaker cura 4.2\cura.exe () [File not signed] FirewallRules: [UDP Query User{729C5C79-A5F4-4D14-B7F8-9D078E55CD88}C:\program files\ultimaker cura 4.2\cura.exe] => (Allow) C:\program files\ultimaker cura 4.2\cura.exe () [File not signed] FirewallRules: [{06EA4E90-44BF-48E6-BCCD-1FE8A0ECD39D}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) FirewallRules: [{66A427BE-A070-4014-B212-7A6EBC55E0E3}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\63.0.3368.71\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{18F42EBA-ED7D-4D8C-8FEE-1E2C39B08D47}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{9FB1CECE-652D-4BFF-876B-65C75F5F5B4B}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.) FirewallRules: [{C4E9157A-3EA7-413C-87B3-6AA313220951}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 07-09-2019 21:22:41 Punto de control programado ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/11/2019 07:41:10 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007232B Argumentos de línea de comandos: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/11/2019 07:38:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007267C Argumentos de línea de comandos: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/11/2019 01:28:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007232B Argumentos de línea de comandos: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/11/2019 01:28:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007232B Argumentos de línea de comandos: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/11/2019 12:13:25 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007267C Argumentos de línea de comandos: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/10/2019 10:39:33 PM) (Source: COM) (EventID: 10031) (User: ) Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B} Error: (09/10/2019 10:39:33 PM) (Source: COM) (EventID: 10031) (User: ) Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B} Error: (09/10/2019 08:37:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0x8007232B Argumentos de línea de comandos: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable System errors: ============= Error: (09/11/2019 07:40:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario NT AUTHORITY\NETWORK SERVICE con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (09/11/2019 07:38:19 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9RHR0DR) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario DESKTOP-9RHR0DR\PC con SID (S-1-5-21-3997577931-3068925019-3166496077-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (09/11/2019 07:38:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (09/11/2019 07:38:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (09/11/2019 07:38:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (09/11/2019 07:38:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (09/11/2019 07:37:54 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY) Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo. Error: (09/11/2019 07:37:34 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado. Windows Defender: =================================== Date: 2018-09-05 09:11:21.998 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\PC\Downloads\Nueva carpeta (54)\Solucion Errores Microsoft Office\Activador\Microsoft Toolkit.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Windows\System32\SearchProtocolHost.exe Versión de firma: AV: 1.275.777.0, AS: 1.275.777.0, NIS: 1.275.777.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-05 09:11:15.085 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\PC\Downloads\Nueva carpeta (54)\Solucion Errores Microsoft Office\Activador\Microsoft Toolkit.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Windows\System32\SearchProtocolHost.exe Versión de firma: AV: 1.275.777.0, AS: 1.275.777.0, NIS: 1.275.777.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-05 09:10:40.311 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\PC\Downloads\Nueva carpeta (54)\Solucion Errores Microsoft Office\Activador\Microsoft Toolkit.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de firma: AV: 1.275.777.0, AS: 1.275.777.0, NIS: 1.275.777.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-05 09:10:40.310 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Nombre: HackTool:Win32/Keygen Id.: 2147593794 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_D:\PROGRAMAS\COREL X7\corel 64 bits\Keygen.exe Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de firma: AV: 1.275.777.0, AS: 1.275.777.0, NIS: 1.275.777.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-05 09:06:55.089 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para obtener más información consulte lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\PC\Downloads\Nueva carpeta (54)\Solucion Errores Microsoft Office\Activador\Microsoft Toolkit.exe;process:_pid:11540,ProcessStart:131806292594847700;process:_pid:14468,ProcessStart:131806297774862556 Origen de detección: Equipo local Tipo de detección: Concreto Fuente de detección: Protección en tiempo real Usuario: DESKTOP-9RHR0DR\PC Nombre de proceso: C:\Users\PC\Downloads\Nueva carpeta (54)\Solucion Errores Microsoft Office\Activador\Microsoft Toolkit.exe Versión de firma: AV: 1.275.777.0, AS: 1.275.777.0, NIS: 1.275.777.0 Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2019-09-11 07:49:11.138 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.275.777.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\NETWORK SERVICE Versión de motor actual: Versión de motor anterior: 1.1.15200.1 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección Date: 2019-09-11 07:49:11.137 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.275.777.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiSpyware Tipo de actualización: Completa Usuario: NT AUTHORITY\NETWORK SERVICE Versión de motor actual: Versión de motor anterior: 1.1.15200.1 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección Date: 2019-09-11 07:49:11.137 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.275.777.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\NETWORK SERVICE Versión de motor actual: Versión de motor anterior: 1.1.15200.1 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección Date: 2019-09-11 07:49:11.043 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.275.777.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15200.1 Código de error: 0x80240438 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. Date: 2019-09-11 07:39:02.283 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.275.777.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\NETWORK SERVICE Versión de motor actual: Versión de motor anterior: 1.1.15200.1 Código de error: 0x80072ee7 Descripción del error: No se pudo resolver el nombre de servidor o su dirección CodeIntegrity: =================================== Date: 2019-09-11 07:50:19.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:50:19.332 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:49:04.327 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:49:04.326 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:48:39.324 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:48:39.323 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:48:32.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2019-09-11 07:48:32.319 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. Compumax V1.O 27/09/2017 Motherboard: Compumax Computer S.A.S DESKTOP Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz Percentage of memory in use: 68% Total physical RAM: 8144.77 MB Available physical RAM: 2538.12 MB Total Virtual: 29648.77 MB Available Virtual: 21945.63 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237.51 GB) (Free:86 GB) NTFS Drive d: (Nuevo vol) (Fixed) (Total:931.51 GB) (Free:740.73 GB) NTFS \\?\Volume{9767af60-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS \\?\Volume{9767af60-0000-0000-0000-b07f3b000000}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BC0D43A2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 9767AF60) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=489 MB) - (Type=27) ==================== End of Addition.txt ============================