Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019 Ran by Guillermo (04-07-2019 12:01:40) Running from C:\Users\Guillermo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36PCWDS2 Windows 7 Home Premium Service Pack 1 (X64) (2014-06-17 14:52:59) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3766905851-4103078425-132140337-500 - Administrator - Disabled) Guillermo (S-1-5-21-3766905851-4103078425-132140337-1000 - Administrator - Enabled) => C:\Users\Guillermo Invitado (S-1-5-21-3766905851-4103078425-132140337-501 - Limited - Disabled) UpdatusUser (S-1-5-21-3766905851-4103078425-132140337-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Nero SoundTrax Help (HKLM-x32\...\{98a67610-a3b5-4098-a423-3708040026d3}) (Version: 4.2.5.0 - Nero AG) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Actualización de NVIDIA 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.6.0.248 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.207 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe) Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft) AllDup 4.2.0 (HKLM-x32\...\AllDup_is1) (Version: 4.2.0 - Michael Thummerer Software Design) Apple Application Support (32 bits) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 7.0.24.0 - Auslogics Labs Pty Ltd) B110 (HKLM-x32\...\{9F9A2D22-7E30-4546-B817-10644FFB9935}) (Version: 140.0.283.000 - Hewlett-Packard) Hidden Backup and Sync from Google (HKLM\...\{510D7DF1-732A-4E0D-9FE7-0BCBB9481A2F}) (Version: 3.44.5504.6203 - Google, Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden calibre 64bit (HKLM\...\{4C3B5AEC-2EBE-4BB9-A7E1-F61E3E244465}) (Version: 2.12.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) Centro de Mouse y Teclado de Microsoft (HKLM\...\{93FDA8B3-711F-45A7-B7E1-497452B34F5F}) (Version: 10.4.137.0 - Microsoft Corporation) Hidden Centro de Mouse y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation) Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) DolbyFiles (HKLM-x32\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 2.0 - Nero AG) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden Duplicate Remover Free 1.9 (HKLM-x32\...\Duplicate Remover Free 1.9_is1) (Version: - ) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) eMule (HKLM-x32\...\eMule) (Version: - ) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Estudio para la mejora del producto HP ENVY 4500 series (HKLM\...\{7AB1C3CE-613B-4078-8FDA-DE70E8A917E7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.2.37.627 - Digital Wave Ltd) G@TA 2018 (HKLM-x32\...\Programa de Ayuda G@TA 2018 - MODELOS 650 651_is1) (Version: Programa de Ayuda para la Gestión Telemática de Tributos Autonómicos G@TA 2018 650 651. - Comunidad de Madrid) Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC) Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard) HP ENVY 4500 series Ayuda (HKLM-x32\...\{083DCC02-5EB2-48B0-8BFF-F2D367F5AFB7}) (Version: 30.0.0 - Hewlett Packard) HP ENVY 4500 series Software básico del dispositivo (HKLM\...\{F1F56388-1766-41E4-BFBE-F23671D56574}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{C5B6133F-8943-44F2-AF72-778E2701481A}) (Version: 1.0.8.0 - Hewlett-Packard) HP Photo Creations (HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\HP Photo Creations) (Version: 1.0.0.19382 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAppStudio (HKLM-x32\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft) iSkysoft iMedia Converter Deluxe(Build 10.1.4.147) (HKLM-x32\...\iMedia Converter Deluxe_is1) (Version: 10.1.4.147 - iSkysoft Software) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Menu Templates - Starter Kit (HKLM-x32\...\{b78120a0-cf84-4366-a393-4d0a59bc546c}) (Version: 9.0.4.0 - Nero AG) Hidden Microsoft .NET Framework 2.0 fix Version 1.0.0.1 (HKLM-x32\...\{C12304D8-48C3-46C9-A62F-82FFAFC04170}_is1) (Version: 1.0.0.1 - Wondershare, Inc.) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM-x32\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Templates - Starter Kit (HKLM-x32\...\{e498385e-1c51-459a-b45f-1721e37aa1a0}) (Version: 9.0.4.0 - Nero AG) Hidden Mozilla Firefox 45.0.2 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 es-ES)) (Version: 45.0.2 - Mozilla) Mozilla Firefox 63.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-ES)) (Version: 63.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger) Nero 9 (HKLM-x32\...\{2fe09f91-4550-4832-9338-eb05db507b17}) (Version: - Nero AG) Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden Network64 (HKLM\...\{CE47BA54-78AC-409F-9151-BDF5BE15A804}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden NVIDIA Controlador de gráficos 296.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.19 - NVIDIA Corporation) Panel de control de NVIDIA 296.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 296.19 - NVIDIA Corporation) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PS_AIO_07_B110_SW_Min (HKLM-x32\...\{F88E2E04-7EF5-488C-8E38-C94EB808458E}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 4.1.6.16895 - Medixant) Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden SoundTrax (HKLM-x32\...\{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}) (Version: 4.2.5.0 - Nero AG) Hidden Spotify (HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\Spotify) (Version: 1.1.6.113.gb388fe17 - Spotify AB) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.93332 - TeamViewer) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden VideoPad, editor de vídeo (HKLM-x32\...\VideoPad) (Version: 6.26 - NCH Software) VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) WavePad, editor de audio (HKLM-x32\...\WavePad) (Version: 6.07 - NCH Software) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\WinDirStat) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Wondershare TunesGo ( Version 9.5.2 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.5.2 - Wondershare) Wondershare Video Converter Ultimate(Build 8.6.0.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.6.0.0 - Wondershare Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\ChromeHTML: -> <==== ATTENTION CustomCLSID: HKU\S-1-5-21-3766905851-4103078425-132140337-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Guillermo\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3766905851-4103078425-132140337-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Guillermo\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3766905851-4103078425-132140337-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Guillermo\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3766905851-4103078425-132140337-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-3766905851-4103078425-132140337-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] (Adobe Systems Incorporated -> ) ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-11-06] (Nero AG -> Nero AG) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [FileAssociationHelper] -> {D5CF14A2-B3CA-49DC-8E3E-0BB233B26D09} => C:\Program Files\File Association Helper\FAHDll.dll [2014-01-28] (WinZip Computing LLC -> Nico Mak Computing) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => -> No File ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed] ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> No File ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed] ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-03-07] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll [2008-08-21] (Alex Yakovlev) [File not signed] ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] Shortcut: C:\Users\Guillermo\Favorites\informatica\Sitio para descargas de NCH Software.lnk -> hxxp://www.nch.com.au/es/index.htm ==================== Loaded Modules (Whitelisted) ============== 2019-02-12 20:36 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll 2019-02-12 20:36 - 2016-10-08 18:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll 2014-10-07 09:44 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll 2014-10-07 09:44 - 2016-10-08 17:59 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 000113664 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_ctypes.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000173568 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_elementtree.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 001800192 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_hashlib.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000032256 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_multiprocessing.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000046080 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_psutil_windows.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000047616 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_socket.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 002230784 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_ssl.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000026112 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\_yappi.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000080896 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\bz2.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 006277632 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\cello.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000014848 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\common.time34.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000007680 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\hashobjs_ext.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000301568 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\PIL._imaging.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000169472 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\pyexpat.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 001084416 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\pysqlite2._sqlite.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000548864 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\pythoncom27.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 000137728 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\pywintypes27.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 000010752 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\select.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000020992 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\thumbnails_ext.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000689664 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\unicodedata.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000118784 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\usb_ext.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000128512 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32api.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000438784 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32com.shell.shell.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000011776 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32crypt.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000023040 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32event.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000149504 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32file.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000223232 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32gui.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000048128 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32inet.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000029696 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32pdh.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000027648 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32pipe.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000044032 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32process.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000020480 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32profile.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000136192 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32security.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000026624 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\win32ts.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000034304 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\windows.conditional.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000038400 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\windows.connectivity.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000073216 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\windows.device_monitor.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000110592 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\windows.volumes.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000020480 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\windows.winwrap.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 001325056 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wx._controls_.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 001489408 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wx._core_.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 001007104 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wx._gdi_.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000103424 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wx._html2.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 000916992 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wx._misc_.pyd 2019-07-04 11:34 - 2019-07-04 11:34 - 001039872 _____ () [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wx._windows_.pyd 2016-04-24 09:23 - 2015-02-27 14:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll 2014-06-17 18:49 - 2009-09-30 18:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll 2010-10-22 13:08 - 2010-10-22 13:08 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2014-06-21 20:27 - 2009-10-21 15:39 - 000138752 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpf3l101.dll 2014-06-21 20:33 - 2009-10-21 15:38 - 000254464 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpfpp101.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2014-06-17 18:49 - 2009-09-30 18:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll 2014-06-17 18:49 - 2009-09-30 18:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll 2014-11-09 11:53 - 2014-11-09 11:53 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL 2019-07-04 11:34 - 2019-07-04 11:34 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\python27.dll 2016-11-16 15:58 - 2016-11-16 15:58 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll 2019-02-12 20:36 - 2016-10-08 18:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll 2014-10-07 09:44 - 2016-10-08 18:00 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSProducstInfo.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wxbase30u_net_vc90_x64.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wxbase30u_vc90_x64.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wxmsw30u_adv_vc90_x64.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wxmsw30u_core_vc90_x64.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wxmsw30u_html_vc90_x64.dll 2019-07-04 11:34 - 2019-07-04 11:34 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Guillermo\AppData\Local\Temp\_MEI24122\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:054B9966 [141] AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116] AlternateDataStreams: C:\ProgramData\TEMP:AFB5119F [131] AlternateDataStreams: C:\ProgramData\TEMP:DDCCB2FA [286] AlternateDataStreams: C:\ProgramData\TEMP:FCA8C9CD [137] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es IE trusted site: HKU\S-1-5-21-3766905851-4103078425-132140337-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2019-07-04 00:28 - 000000104 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Users\Guillermo\AppData\Local\Smartbar\Application;C:\Program Files\Calibre2;C:\Program Files (x86)\Skype\Phone HKU\S-1-5-21-3766905851-4103078425-132140337-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E968355C-689F-45ED-92D8-0101A2C0E048}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7B7F0566-4699-4E76-BE95-844C66F14DDE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{36E991C8-F7BF-4ABD-9A8E-6FE285087017}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{F696EB3D-627F-4B5F-91F9-74C58A3D94DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{9D8740A4-E21D-49D1-B9F8-7A697A50B949}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{88B2D50F-42CF-42FA-9FA1-127F2B104EDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{446D8885-3D8F-4E09-BD56-475C06D8D98D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{B3DB12F9-E00E-41CB-A2A5-CEC72148793B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A6C8D84D-6029-4FAD-B52B-7392F83420C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) FirewallRules: [{DDAF5FBB-D693-4780-9AE4-E792F93185C8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{1A1A9019-7398-4335-9206-0B6867479F74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{BBEF9A82-D139-4145-9127-67B35FDF17A5}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard) FirewallRules: [{AF98C856-5ABF-42EF-95EA-EC14555C6642}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{840369E9-A0C5-4FFE-97C5-E5FAE8051AEE}] => (Allow) LPort=2869 FirewallRules: [{8F9AFC46-1B27-435D-8B9E-96D460F747CF}] => (Allow) LPort=1900 FirewallRules: [{43340EB4-D7F1-4D42-B53E-C8B98D7C8F22}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{2C1628EE-38C9-432A-A0E9-8D45405CFCFE}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{5BA70EA0-2A9E-4C3E-822D-282458AE993F}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [UDP Query User{656C50D5-0A79-424A-8F02-3F269C5BE0B4}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [{F8F8E7AF-E934-498E-A7E2-E11E1D52A012}] => (Block) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [{AF115A81-C270-4CAD-A062-EFA39F50CFBB}] => (Block) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [{5D2A30BF-D48D-4AA8-91DF-06AFE84DDF8C}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{7250719B-0DBE-4437-9A04-E3CBA2B2F4EC}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{E2A78209-ED6F-4E9F-897D-0F37F82CED58}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{13AAE0BE-6F57-49A5-8C47-AD29A87C6D41}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B477E7C8-4C50-475C-863B-B9005AFF597A}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{F4638069-63BA-4EC6-8376-801E95A776C4}] => (Allow) C:\Users\Guillermo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{E5A0C7C1-87A1-4B9E-9FF9-FDFF7697266C}C:\program files\calibre2\calibre.exe] => (Allow) C:\program files\calibre2\calibre.exe () [File not signed] FirewallRules: [UDP Query User{C32DC41E-4C8F-4CE5-A4A3-12C55867F6AC}C:\program files\calibre2\calibre.exe] => (Allow) C:\program files\calibre2\calibre.exe () [File not signed] FirewallRules: [{A19D2594-162C-422A-9BCB-AA2AD8B81C5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{DD8BBA06-C0A2-4E6F-8466-B5FF40673FE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{EB8ED7D1-296C-48F2-BD5E-22C0E52CC193}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File FirewallRules: [UDP Query User{581D45F9-636B-44D1-88C5-9A518833FAE0}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File FirewallRules: [{6D5600F2-3825-4BA6-85D7-9A7437136B25}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed] FirewallRules: [{BF9967DC-1E91-49BF-A7AB-4BB0F83E5614}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed] FirewallRules: [{7F056C75-FDC7-448F-B589-F952E761A610}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{6B0DB83A-B743-451B-8FAD-BB90BB2DC152}] => (Allow) LPort=5357 FirewallRules: [{7AA57C57-06F2-41DE-8878-9C772028E2FD}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [TCP Query User{17C5A678-D4D7-4555-8220-F1E7FD09550C}C:\users\guillermo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guillermo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{8EFF9D78-5079-4A0B-AD6A-AC4805E079A6}C:\users\guillermo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guillermo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10106E6C-0965-463F-BA19-6EB77E7C0D1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{87B68099-8EB6-4058-BF0D-421B0AEED824}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1004C553-2BB3-4601-AA8B-F89E10D799B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{56820CFA-F3DE-4D15-A853-EB8E030908C0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9539F782-5334-42B1-9B8B-3D2B3AD989C6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{AF309671-FABC-4338-9E77-C00719F6B247}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe No File FirewallRules: [UDP Query User{FAC378A3-FEE2-42F4-A05B-96496ECA889C}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe No File FirewallRules: [TCP Query User{C4149BE0-AEC0-4F68-A2F0-229E006498FF}C:\users\guillermo\appdata\local\microsoft\windows\temporary internet files\content.ie5\1ne9zzet\ffinstonline.exe] => (Allow) C:\users\guillermo\appdata\local\microsoft\windows\temporary internet files\content.ie5\1ne9zzet\ffinstonline.exe No File FirewallRules: [UDP Query User{FBA89492-0CC7-452C-8306-AFABA47D2EDD}C:\users\guillermo\appdata\local\microsoft\windows\temporary internet files\content.ie5\1ne9zzet\ffinstonline.exe] => (Allow) C:\users\guillermo\appdata\local\microsoft\windows\temporary internet files\content.ie5\1ne9zzet\ffinstonline.exe No File FirewallRules: [TCP Query User{31ADA0E8-87E8-4A47-BA7E-AC59C9CBD006}C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe] => (Block) C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe No File FirewallRules: [UDP Query User{06148DB3-1CC3-4238-871A-10C775DC24C7}C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe] => (Block) C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe No File FirewallRules: [TCP Query User{5B475F9E-9DCC-4C33-9314-34CA9F7EF574}C:\users\guillermo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\guillermo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{17730ACB-D65C-48F0-AAE5-0A1636926D24}C:\users\guillermo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\guillermo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{4852AEED-76FA-4B7A-A837-7646704DCA2F}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe No File FirewallRules: [UDP Query User{F0CFEF06-6C5C-422F-8B54-6C57F49A55F6}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe No File FirewallRules: [TCP Query User{D54886C2-EFA3-42D3-A479-21A1D34B5457}C:\program files\calibre2\calibre.exe] => (Block) C:\program files\calibre2\calibre.exe () [File not signed] FirewallRules: [UDP Query User{19698B47-E36F-42BE-8229-58439AD2CE6A}C:\program files\calibre2\calibre.exe] => (Block) C:\program files\calibre2\calibre.exe () [File not signed] FirewallRules: [{C4699D5C-0D46-4C6F-B259-858A12458FFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed] FirewallRules: [{E0AE8E17-CB7F-4044-A497-016A1CAED2F7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed] FirewallRules: [{BB13C718-CB3B-4D64-87F5-E9A0B4C42623}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{812EDB24-BE09-48A5-A99B-3CE4928E1CBD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{DB64A808-BFB3-491F-B0E5-93CD5A56C170}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{E1A5C8FE-3D9A-4F28-9594-647CE17977D0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{A6732A4D-233D-4064-89FD-DFF995E16159}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{D52839AA-6AD0-4D0F-8401-0E1454EE9D16}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [TCP Query User{C63C14D7-0F4C-4FF7-8863-E014DCA7BA9C}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File FirewallRules: [UDP Query User{89BAE0B2-AA1B-44D6-A731-06DA80D178D1}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File FirewallRules: [{B60A9070-526C-4009-B6A3-267D52E065FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0818AB5C-3B81-4B7B-A6D6-995D75C3C7C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5A6E91E8-3A0C-43CB-879C-E427B215A98B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{1EB3065F-59F7-4426-AF9C-CC6ADD1091A5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Restore Points ========================= 25-06-2019 21:45:54 Installed Disk Drill 2.0.0.339 26-06-2019 09:01:29 Removed Disk Drill 2.0.0.339 04-07-2019 01:38:05 Punto de control programado ==================== Faulty Device Manager Devices ============= Name: BAPIDRV Description: BAPIDRV Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: BAPIDRV Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Adaptador de tunelización Teredo de Microsoft Description: Adaptador de tunelización Teredo de Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Buttons and OSDs ACPI driver gen2 Description: Buttons and OSDs ACPI driver gen2 Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: ACPI Service: ACPIService Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (07/04/2019 11:33:08 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (07/03/2019 11:32:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (07/03/2019 09:28:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (07/01/2019 02:29:51 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa IEXPLORE.EXE, versión 11.0.9600.18838, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades. Identificador de proceso: 1bd0 Hora de inicio: 01d52fa36b81b862 Hora de finalización: 0 Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Identificador de informe: Error: (06/29/2019 10:00:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (06/29/2019 09:48:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (06/28/2019 02:27:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.1.7601.23537, marca de tiempo: 0x57c44efe Nombre del módulo con errores: MSVCR90.dll, versión: 9.0.30729.6161, marca de tiempo: 0x4dace4e7 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x000000000001e1ac Id. del proceso con errores: 0x73c Hora de inicio de la aplicación con errores: 0x01d52d37fb4203bb Ruta de acceso de la aplicación con errores: C:\Windows\Explorer.EXE Ruta de acceso del módulo con errores: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll Id. del informe: 73edcce0-993b-11e9-9912-70f395223ce3 Error: (06/28/2019 01:24:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15491 System errors: ============= Error: (07/04/2019 11:32:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Wondershare Driver Install Service no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado. Error: (07/04/2019 11:32:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio NEWDRIVER no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado. Error: (07/04/2019 11:32:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Digital Wave Update Service no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (07/04/2019 11:32:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Digital Wave Update Service. Error: (07/04/2019 11:32:04 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: El equipo se reinició después de una comprobación de errores. La comprobación de errores fue: 0x000000d1 (0xfffffaec00000166, 0x0000000000000002, 0x0000000000000001, 0xfffff8800425e256). Se guardó un volcado en: C:\Windows\MEMORY.DMP. Id. de informe: 070419-29671-01. Error: (07/04/2019 11:31:43 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: El cierre anterior del sistema a las 11:30:28 del ‎04/‎07/‎2019 resultó inesperado. Error: (07/04/2019 10:52:09 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 40. Error: (07/04/2019 10:52:09 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 40. Windows Defender: =================================== Date: 2016-04-16 09:57:30.290 Description: El examen de Windows Defender se detuvo antes de completarse. Id. de examen:{297DD1E1-5AAD-43A8-9FDE-0410A62F8699} Tipo de examen:AntiSpyware Parámetros de examen:Examen rápido Usuario:NT AUTHORITY\Servicio de red Date: 2016-03-31 19:06:52.583 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 Date: 2016-03-17 10:15:27.752 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 Date: 2015-11-04 02:46:45.415 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 Date: 2015-10-24 12:26:00.946 Description: Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas. Firmas intentadas:Actual Código de error:0x80070002 Descripción de error:El sistema no puede encontrar el archivo especificado. Versión de firma:0.0.0.0 Versión de motor:0.0.0.0 CodeIntegrity: =================================== Date: 2016-08-31 03:17:57.459 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-31 03:17:57.147 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-30 03:35:20.428 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-30 03:35:20.272 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-29 08:59:53.774 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-29 08:59:53.587 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-08 22:02:22.816 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. Date: 2016-08-08 22:02:22.660 Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema. ==================== Memory info =========================== BIOS: American Megatrends Inc. 6.03 04/01/2010 Motherboard: PEGATRON CORPORATION 2A9A Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz Percentage of memory in use: 88% Total physical RAM: 3959.11 MB Available physical RAM: 453.91 MB Total Virtual: 7916.41 MB Available Virtual: 2777.91 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:282.6 GB) NTFS \\?\Volume{0c5a4e71-f623-11e3-94c6-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2092A99E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================