Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019 Ran by SergioJG (15-12-2019 12:45:53) Running from C:\Users\SergioJG\Desktop Windows 10 Pro Version 1709 16299.15 (X64) (2019-01-16 22:48:23) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3252720332-746923214-1690960025-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3252720332-746923214-1690960025-503 - Limited - Disabled) Invitado (S-1-5-21-3252720332-746923214-1690960025-501 - Limited - Disabled) SergioJG (S-1-5-21-3252720332-746923214-1690960025-1001 - Administrator - Enabled) => C:\Users\SergioJG WDAGUtilityAccount (S-1-5-21-3252720332-746923214-1690960025-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "CZUR Scanner V4.6" (HKLM-x32\...\{1FDB6D08-4308-424B-A32D-5DE22747A0B2}_is1) (Version: 4.6 - "CZUR TECH CO., LTD") 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) ACDSee Photo Manager 2009 (HKLM-x32\...\{300578F9-9EFF-4B93-9AB1-C0E5707EF463}) (Version: 11.0.85 - ACD Systems International) Ad (HKLM\...\{58621D10-8DB7-42D2-9576-32104DBD17F0}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe (HKLM\...\{A6726233-096D-424F-A4B1-4244704738C1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated) Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_1) (Version: 16.1.1 - Adobe Systems Incorporated) Adobe Animate CC 2019 (HKLM-x32\...\FLPR_19_0) (Version: 19.0 - Adobe Systems Incorporated) Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1) (Version: 12.1 - Adobe Systems Incorporated) Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated) Adobe Character Animator 2019 (HKLM-x32\...\CHAR_2_1) (Version: 2.1 - Adobe Systems Incorporated) Adobe Connect (HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Adobe Connect App) (Version: 2019.1.2.32 - Adobe Systems Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.2.476 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated) Adobe Dimension (HKLM-x32\...\ESHR_2_2_1) (Version: 2.2.1 - Adobe Systems Incorporated) Adobe Dreamweaver 2019 (HKLM-x32\...\DRWV_19_2) (Version: 19.2 - Adobe Systems Incorporated) Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_0) (Version: 17.0.0 - Adobe Systems Incorporated) Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe) Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_3) (Version: 23.0.3 - Adobe Systems Incorporated) Adobe InCopy 2019 (HKLM-x32\...\AICY_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated) Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3_1) (Version: 8.3.1 - Adobe Systems Incorporated) Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1) (Version: 13.1 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated) Adobe Prelude 2019 (HKLM-x32\...\PRLD_8_1) (Version: 8.1 - Adobe Systems Incorporated) Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_2) (Version: 13.1.2 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.) Advanced Diary v3.0.2 (HKLM-x32\...\Advanced Diary_is1) (Version: - CSoftLab) Amazon Kindle (HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) AOMEI Partition Assistant Standard Edition 8.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Atom (HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\atom) (Version: 1.40.1 - GitHub Inc.) Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team) AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España) Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.) Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Battle Princess Madelyn (HKLM\...\DARKSiDERS - Battle Princess Madelyn) (Version: - DARKSiDERS) blueMSX (HKLM-x32\...\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}) (Version: 2.8.2 - Team blueMSX) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.120.0.1081 - BlueStack Systems, Inc.) BootRacer 7.10 (HKLM-x32\...\{50EB4E13-A810-411E-8F1F-C22FE7841DA2}_is1) (Version: 7.10 - Greatis Software) BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{6D33FF09-043C-45A6-A3E5-5DDBF686AC4E}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden CATCount 4 (HKLM-x32\...\CATCount 4_is1) (Version: 4.0.0.12 - Advanced International Translations) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Classic Menu for Office (HKLM\...\{632D9592-38FC-4561-80A0-A2B4725DCF70}) (Version: 9.25 - Addin Technology Inc.) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft) dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: - ) dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: - ) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Direct Folders (HKLM-x32\...\DirectFoldersAppID_is1) (Version: 3.8 - Code Sector) Discord (HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) Disk-Manager (HKLM-x32\...\{7E9321C3-67B7-47CB-AAEC-B00A10B223F6}) (Version: 0.15 - Lex Lechz) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden DisplayFusion 9.5 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.5.0.0 - Binary Fortress Software) DizionariZANICHELLI (HKLM-x32\...\{868BD59A-AAE1-4BB6-B6CB-78A0AB56B85D}) (Version: 1.13.0 - Zanichelli Editore S.p.A.) Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.) Hidden Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.) Dropbox (HKLM-x32\...\Dropbox) (Version: 86.4.146 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden EarthDesk 7 (HKLM-x32\...\EarthDesk) (Version: 7.2.1.5442 - Xeric Design, Ltd.) Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FastStone Capture 9.0 (HKLM-x32\...\FastStone Capture) (Version: 9.0 - FastStone Soft) Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FileZilla Client 3.45.1 (HKLM-x32\...\FileZilla Client) (Version: 3.45.1 - Tim Kosse) Firesage MBRWizard (HKLM-x32\...\{D7EFD462-26AF-4A6C-96BE-B8484EA76BB7}) (Version: 4.0.151 - Firesage) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HotPotatoes v 7.0.0.5 (HKLM-x32\...\hotpot7_is1) (Version: - HalfBaked) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Instalable DNIe (HKLM\...\{D2CE0562-13E0-4FC9-85F2-CA3D0392310E}) (Version: 14.0.2 - Cuerpo Nacional de Policía) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6618 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000050-0210-1034-84C8-B8D95FA3C8C3}) (Version: 21.50.0.1 - Intel Corporation) Interactive Calendar v 2.1 (HKLM-x32\...\Interactive Calendar_is1) (Version: - CSoftLab) Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Killer Performance Suite (HKLM\...\{9D19C9E8-92C7-4825-AD7C-E0D25BE7A6ED}) (Version: 1.2.1268 - Rivet Networks) Kiwix 0.9 (HKLM-x32\...\Kiwix) (Version: 0.9 - Kiwix) K-Lite Mega Codec Pack 15.2.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.6 - KLCP) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Meda MP3 Joiner 1.2 (HKLM-x32\...\Meda MP3 Joiner_is1) (Version: - MedaFan Technology) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM-x32\...\{C6E88BEF-D9C5-4664-BCC0-02522D4C2998}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation) Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0 - Mozilla) Mozilla Thunderbird 72.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 72.0 (x86 en-US)) (Version: 72.0 - Mozilla) MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden NJStar Chinese WP (HKLM-x32\...\NJStar Chinese WP) (Version: 5.10 - NJStar Software Corp.) NJStar Japanese WP (HKLM-x32\...\NJStar Japanese WP) (Version: 5.23 - NJStar Software Corp.) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.1 - Notepad++ Team) NVIDIA Controlador de gráficos 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.60 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Octopath Traveler (HKLM-x32\...\Octopath Traveler_is1) (Version: - ) Office Tab 14.00 (HKLM-x32\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version: 14.00 - ExtendOffice.com) Oracle VM VirtualBox 6.1.0 (HKLM\...\{B9B53CFE-C4E3-47FB-9BC0-8022F0AB6814}) (Version: 6.1.0 - Oracle Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Panel de control de NVIDIA 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.60 - NVIDIA Corporation) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) Projetex 3D (HKLM-x32\...\Projetex 3D_is1) (Version: 15.2.0.167 - Advanced International Translations) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Scrivener (HKLM-x32\...\Scrivener 1990) (Version: 1990 - Literature and Latte) SDL MultiTerm 2017 SR1 - Remove suite of products (HKLM-x32\...\Multiterm2017) (Version: 14.1.2441 - SDL) SDL MultiTerm 2017 SR1 Convert (HKLM-x32\...\{BD0AD4D8-BC4E-4D10-8B50-38ED131040E1}) (Version: 14.1.2441 - SDL) SDL MultiTerm 2017 SR1 Core (HKLM-x32\...\{7FC60050-03C3-4FF2-8908-56CD251B69C9}) (Version: 14.1.2441 - SDL) SDL MultiTerm 2017 SR1 Desktop (HKLM-x32\...\{BDDF970A-95E4-4E05-A32E-42B6FC779F10}) (Version: 14.1.2441 - SDL) SDL MultiTerm 2017 SR1 Word Integration (HKLM-x32\...\{44EB7071-47A6-489B-AE87-752693F038B4}) (Version: 14.1.2441 - SDL) SDL Trados 2017 SR1 - Remove suite of products (HKLM-x32\...\TranslationStudio2017) (Version: 5.1.54688 - SDL) SDL Trados Legacy Compatibility Module (HKLM-x32\...\{7F8F4AF6-0CE2-46E9-BA14-C55F19968926}) (Version: 2.1.128 - SDL) SDL Trados Studio 2017 SR1 (HKLM-x32\...\{605BFDE5-1E73-4B01-B3D6-B1E6744E1ADB}) (Version: 5.1.54688 - SDL) SDL Trados Studio 2019 SR2 (HKLM-x32\...\{3B46F369-BC54-4018-B2D9-F72D816DDF9E}) (Version: 15.2.1041 - SDL) Hidden SDL Trados Studio 2019 SR2 (HKLM-x32\...\TranslationStudio2019) (Version: 15.2.0.1041 - SDL) SDL WorldServer Components 15.2 (HKLM-x32\...\{A3D0A5D7-16C9-43A0-A187-886332C05D6B}) (Version: 15.2.1041 - SDL) Hidden SDL WorldServer Components 5.1 (HKLM-x32\...\{977AA515-FD4D-47F6-80E4-C27CB97EA5FC}) (Version: 5.1.54688 - SDL) Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: - ) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.0.1 - ShareX Team) Skype versión 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.) Software para dispositivos de chipset Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden SQL Server 2014 Common Files (HKLM-x32\...\{BFB3B874-8033-4F5E-BE47-0AED2541E57C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM-x32\...\{F78A23CD-E9A0-46E3-88E2-CF2CC93AE7BA}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM-x32\...\{71E418D7-C0C5-455A-A248-1A3C3839EEEF}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM-x32\...\{A1ED7C85-A91A-4788-B0CC-86FA19C042E8}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM-x32\...\{1D1E4532-6A52-471B-B006-EA04A2BBFCE9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM-x32\...\{AA2D8197-6678-4242-9222-3A03993E89B3}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM-x32\...\{894F30EB-3F0A-422F-9225-EB00DC9414EA}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) StopUpdates10 version 3.1.101 (HKLM-x32\...\{C186B659-50F8-4F40-9822-2B1163AAAEF2}_is1) (Version: 3.1.101 - Greatis Software) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Sync (HKLM\...\{96855E80-23DA-11E2-BDFB-09006188709B}) (Version: 2.0.1.13 - Sync) TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector) TLex Suite (HKLM-x32\...\TLexSuite) (Version: 11.1.0.2454 - TshwaneDJe) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.) Update for Skype for Business 2016 (KB4018323) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C611D846-95F7-482D-A1DD-35E805BC82A6}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4018323) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C611D846-95F7-482D-A1DD-35E805BC82A6}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4018323) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{C611D846-95F7-482D-A1DD-35E805BC82A6}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden WhatsApp (HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\WhatsApp) (Version: 0.3.9308 - WhatsApp) Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (04/08/2018 1.0.2.8) (HKLM\...\7B3391C6362BF89258FE123715A1CB82A8286DF6) (Version: 04/08/2018 1.0.2.8 - Dirección General de la Policía) WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) XAMPP (HKLM-x32\...\xampp) (Version: 7.3.1-0 - Bitnami) Packages: ========= Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_19.2.22.3_x64__adky2gkssdxte [2019-06-13] (Adobe Systems Incorporated) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3524DCC03F57} -> [Creative Cloud Files] => C:\Users\SergioJG\Creative Cloud Files [2019-03-31 19:57] CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{30BC1E37-60DF-4EE6-860E-4D8146E7EF25} -> [MEGA] => D:\Backup\MEGAsync [2019-09-15 15:13] CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\SergioJG\Dropbox [2019-01-17 15:00] CustomCLSID: HKU\S-1-5-21-3252720332-746923214-1690960025-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ AAASyncNo] -> {CD0DD5EC-23D2-4AE0-A111-C7B89038E695} => C:\ProgramData\Sync.Com DLL\overlay.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ShellIconOverlayIdentifiers: [ AAASyncProg] -> {9A1FA446-6778-4A02-883B-3100549CF193} => C:\ProgramData\Sync.Com DLL\overlay.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ShellIconOverlayIdentifiers: [ AAASyncRoot] -> {B57A832B-F40A-4A9D-A0F5-49E7D17B8EE4} => C:\ProgramData\Sync.Com DLL\overlay.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ShellIconOverlayIdentifiers: [ AAASyncSkip] -> {AFE40DBB-AB20-4979-B0D2-483B6866C8C9} => C:\ProgramData\Sync.Com DLL\overlay.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ShellIconOverlayIdentifiers: [ AAASyncYes] -> {9C569020-57C0-4CE0-9605-8AD42F4B1C7F} => C:\ProgramData\Sync.Com DLL\overlay.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers1: [SyncComContextShlExt] -> {0dcd9583-eb2f-4e08-a146-885c923c0833} => C:\ProgramData\Sync.Com DLL\rclick.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> ) ContextMenuHandlers1-x32: [TranslationStudioShlExt2011] -> {F6C08E19-DCE1-45B5-A225-E94FADB585DD} => C:\Program Files (x86)\SDL\SDL Trados Studio\Studio15\TranslationStudioExt.dll [2019-07-30] (TODO: ) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> ) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> ) ContextMenuHandlers4: [SyncComContextShlExt] -> {0dcd9583-eb2f-4e08-a146-885c923c0833} => C:\ProgramData\Sync.Com DLL\rclick.dll [2019-08-14] (Sync.com Inc. -> Sync.com Inc.) ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> ) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-22] () [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed] ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll 2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 000114176 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_ctypes.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000173056 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_elementtree.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 001808896 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_hashlib.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000032256 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_multiprocessing.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000046080 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_psutil_windows.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000047616 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_socket.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 002241024 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_ssl.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000026112 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\_yappi.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000080896 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\bz2.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000016384 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\common.time34.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000007680 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\hashobjs_ext.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000301568 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\PIL._imaging.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000169472 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\pyexpat.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 001084416 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\pysqlite2._sqlite.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000548864 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\pythoncom27.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 000137728 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\pywintypes27.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 000010752 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\select.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000020992 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\thumbnails_ext.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000689664 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\unicodedata.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000119808 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\usb_ext.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000128512 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32api.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000438784 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32com.shell.shell.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000011776 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32crypt.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000023040 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32event.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000149504 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32file.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000223232 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32gui.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000048128 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32inet.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000029696 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32pdh.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000027648 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32pipe.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000044032 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32process.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000020480 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32profile.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000136192 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32security.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000026624 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\win32ts.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000034816 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\windows.conditional.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000038400 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\windows.connectivity.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000071680 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\windows.device_monitor.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000109056 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\windows.volumes.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000020480 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\windows.winwrap.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 001325056 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wx._controls_.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 001489408 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wx._core_.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 001007104 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wx._gdi_.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000103424 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wx._html2.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 000916992 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wx._misc_.pyd 2019-12-15 12:18 - 2019-12-15 12:18 - 001039872 _____ () [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wx._windows_.pyd 2019-05-04 11:51 - 2008-01-11 05:19 - 000022016 _____ () [File not signed] C:\Windows\System32\ssp2ml6.dll 2019-05-04 11:29 - 2015-03-12 03:43 - 000022528 _____ () [File not signed] C:\Windows\System32\us013lm.dll 2017-02-15 07:57 - 2017-02-15 07:57 - 000975360 _____ (Firebird Project) [File not signed] D:\_Portables\Essential PIM Pro - ver 8.56 - portable\gds32.dll 2019-08-09 15:55 - 2019-08-09 15:55 - 006942208 _____ (FreeImage) [File not signed] C:\Users\SergioJG\AppData\Local\Programs\Sync\FreeImage.dll 2014-12-04 06:18 - 2014-12-04 06:18 - 000420864 _____ (IBM Corporation and others) [File not signed] D:\_Portables\Essential PIM Pro - ver 8.56 - portable\icudt30.dll 2014-12-04 06:18 - 2014-12-04 06:18 - 000323584 _____ (IBM Corporation and others) [File not signed] D:\_Portables\Essential PIM Pro - ver 8.56 - portable\icuuc30.dll 2019-07-14 21:03 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll 2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll 2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll 2013-10-05 00:38 - 2013-10-05 00:38 - 000386560 _____ (Microsoft Corporation) [File not signed] D:\_Portables\Essential PIM Pro - ver 8.56 - portable\MSVCR120.dll 2015-06-11 19:35 - 2015-06-11 19:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\python27.dll 2016-09-22 18:16 - 2016-09-22 18:16 - 000490496 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\_Portables\Essential PIM Pro - ver 8.56 - portable\libeay32.dll 2016-09-22 18:16 - 2016-09-22 18:16 - 000101376 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\_Portables\Essential PIM Pro - ver 8.56 - portable\ssleay32.dll 2019-05-04 11:29 - 2015-08-20 02:14 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\us013pc.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wxbase30u_net_vc90_x64.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wxbase30u_vc90_x64.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wxmsw30u_adv_vc90_x64.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wxmsw30u_core_vc90_x64.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wxmsw30u_html_vc90_x64.dll 2019-12-15 12:18 - 2019-12-15 12:18 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\SergioJG\AppData\Local\Temp\_MEI103122\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [18] AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74] AlternateDataStreams: C:\ProgramData\TEMP:728B799F [390] AlternateDataStreams: C:\ProgramData\TEMP:D8999815 [144] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HG51 AMC => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HG52 AMC => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HG51 AMC => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HG52 AMC => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-09-08 18:56 - 2019-09-30 20:13 - 000012854 _____ C:\Windows\system32\drivers\etc\hosts 0.0.0.0 0.0.0.0 # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 alpha.telemetry.microsft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 alpha.telemetry.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 asimov-win.settings.data.microsoft.com.akadns.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 ceuswatcab01.blob.core.windows.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 ceuswatcab02.blob.core.windows.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 choice.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 choice.microsoft.com.nsatc.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 db5.settings-win.data.microsoft.com.akadns.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 db5.vortex.data.microsoft.com.akadns.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 db5-eap.settings-win.data.microsoft.com.akadns.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 df.telemetry.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 diagnostics.support.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 eaus2watcab01.blob.core.windows.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 eaus2watcab02.blob.core.windows.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 eu.vortex-win.data.microsft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 eu.vortex-win.data.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 feedback.microsoft-hohm.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 feedback.search.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 feedback.windows.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 geo.settings-win.data.microsoft.com.akadns.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 geo.vortex.data.microsoft.com.akadns.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 oca.telemetry.microsft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 oca.telemetry.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 onesettings-bn2.metron.live.com.nsatc.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 onesettings-cy2.metron.live.com.nsatc.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 onesettings-db5.metron.live.com.nsatc.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 onesettings-hk2.metron.live.com.nsatc.net # Entry added with W10Privacy (www.winprivacy.de)! 0.0.0.0 reports.wes.df.telemetry.microsoft.com # Entry added with W10Privacy (www.winprivacy.de)! There are 107 more lines. ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\AutoFirma\AutoFirma;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\ HKU\S-1-5-21-3252720332-746923214-1690960025-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SergioJG\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-80-2131736399-613074484-1153127-428109235-341365916\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\StartupApproved\StartupFolder: => "QuickAccessPopup.lnk" HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\StartupApproved\StartupFolder: => "Interactive Calendar.lnk" HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\StartupApproved\StartupFolder: => "Direct Folders.lnk" HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\StartupApproved\Run: => "DontSleep" HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\StartupApproved\Run: => "Skype for Desktop" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4809D324-9419-46FB-8C3C-E0F701D07F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{143636F3-D971-455E-9B56-3340A3AF8B4C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A875F240-F633-44CD-96B1-2A50BCA10F37}] => (Allow) D:\_Portables\uTorrentPortable - ver 2.2.1 build 25302\App\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{7A86E860-08D6-4D0A-B961-E270F0223596}] => (Allow) D:\_Portables\uTorrentPortable - ver 2.2.1 build 25302\App\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{D25F5258-A6AD-413C-9113-3D5AFC089F31}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7B151DED-D436-449C-BCED-E32C95CD9C3F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C6D05121-9E1A-4F55-A803-49118B12C1D1}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5E66D56E-7BC2-4802-8618-D022A99AA22E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F6B02A51-FC31-4E33-BF7B-D3E39A689580}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{4A18C018-0934-46E7-94B3-859748D462B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{0C3CE6DE-CF3F-4247-91B7-57353D8554FE}] => (Allow) D:\Steam_Juegos\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe (Starbreeze Studios AB) [File not signed] FirewallRules: [{155ADCD1-B801-4152-A5BE-06CEE167E994}] => (Allow) D:\Steam_Juegos\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe (Starbreeze Studios AB) [File not signed] FirewallRules: [{52057467-0D21-4F93-88DA-ABF2D6DAE5D6}] => (Allow) D:\Steam_Juegos\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe (Starbreeze) [File not signed] FirewallRules: [{2037B938-A828-4B2F-8A53-242F73D62F6E}] => (Allow) D:\Steam_Juegos\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe (Starbreeze) [File not signed] FirewallRules: [{3AE17DD1-DAA0-4F15-A844-C30A42BF1348}] => (Allow) D:\Steam_Juegos\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed] FirewallRules: [{8DCFD29A-AE84-42DC-A38D-F4F0E9B22269}] => (Allow) D:\Steam_Juegos\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed] FirewallRules: [{231D9A00-59EC-4EEC-9119-7E6721071DE5}] => (Allow) D:\Steam_Juegos\steamapps\common\Cuphead\Cuphead.exe () [File not signed] FirewallRules: [{FE004009-91ED-4FC1-96E8-13AFFBBF14AD}] => (Allow) D:\Steam_Juegos\steamapps\common\Cuphead\Cuphead.exe () [File not signed] FirewallRules: [{CD282FBA-8978-4513-952E-EAEC86502E92}] => (Allow) D:\Steam_Juegos\steamapps\common\Salt and Sanctuary\salt.exe (Microsoft) [File not signed] FirewallRules: [{CAB967A2-EF77-4C81-A0D2-CD6F7CF5319A}] => (Allow) D:\Steam_Juegos\steamapps\common\Salt and Sanctuary\salt.exe (Microsoft) [File not signed] FirewallRules: [{5641B598-177D-4DB6-86E2-53446EA06535}] => (Allow) D:\Steam_Juegos\steamapps\common\faultms1\faultms1.exe (Sekai Project, Inc. -> ) FirewallRules: [{35AAA787-AEB3-43B1-92F5-8C859CA65A6A}] => (Allow) D:\Steam_Juegos\steamapps\common\faultms1\faultms1.exe (Sekai Project, Inc. -> ) FirewallRules: [{0388A122-B8E6-4C4A-BBD8-59DA0F5DFF61}] => (Allow) D:\Steam_Juegos\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe (Crytek GmbH) [File not signed] FirewallRules: [{4077975A-CBF5-4CA3-A41B-063C352CBA7A}] => (Allow) D:\Steam_Juegos\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe (Crytek GmbH) [File not signed] FirewallRules: [{CC707626-E142-47EB-B2C4-406C97BA5946}] => (Allow) D:\Steam_Juegos\steamapps\common\Super Win the Game\SuperGame.exe () [File not signed] FirewallRules: [{5965DA7C-5E05-4347-A384-F0EE73D7ED92}] => (Allow) D:\Steam_Juegos\steamapps\common\Super Win the Game\SuperGame.exe () [File not signed] FirewallRules: [{E7A33B15-EEC5-4942-B638-B5B1390EE354}] => (Allow) D:\Steam_Juegos\steamapps\common\Axiom Verge\AxiomVerge.exe (Axiom Verge) [File not signed] FirewallRules: [{C2BACE22-9D80-494B-B501-3B61CEF18EB0}] => (Allow) D:\Steam_Juegos\steamapps\common\Axiom Verge\AxiomVerge.exe (Axiom Verge) [File not signed] FirewallRules: [{9AA44829-6917-4F01-B2F4-C79E4CE1EF6F}] => (Allow) D:\Steam_Juegos\steamapps\common\Oceanhorn\Oceanhorn.exe () [File not signed] FirewallRules: [{3BF79768-428B-4706-A44A-40C210D53C5E}] => (Allow) D:\Steam_Juegos\steamapps\common\Oceanhorn\Oceanhorn.exe () [File not signed] FirewallRules: [{E9DE1C3A-3A48-46F6-990F-E1D19A7B7922}] => (Allow) D:\Steam_Juegos\steamapps\common\faultms2a\faultms2a.exe (Sekai Project, Inc. -> ) FirewallRules: [{F801E997-01F7-44DE-BF0B-D1DDF06B5DC8}] => (Allow) D:\Steam_Juegos\steamapps\common\faultms2a\faultms2a.exe (Sekai Project, Inc. -> ) FirewallRules: [{45430DD0-D6A6-4DF1-B21B-BE19066CACC6}] => (Allow) D:\Steam_Juegos\steamapps\common\Mirage Arcane Warfare\TBL-Win64-Shipping.exe () [File not signed] FirewallRules: [{6365E74E-F9F6-445F-84EF-A37F5CD9C3E0}] => (Allow) D:\Steam_Juegos\steamapps\common\Mirage Arcane Warfare\TBL-Win64-Shipping.exe () [File not signed] FirewallRules: [{4D663017-82A7-46A9-A12F-4D6F672E8D46}] => (Allow) D:\Steam_Juegos\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed] FirewallRules: [{89C08CF6-540E-41B7-AE34-0D131D413351}] => (Allow) D:\Steam_Juegos\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed] FirewallRules: [{0F0297D8-48D6-42C5-8073-55ACD4FD03E1}] => (Allow) D:\Steam_Juegos\steamapps\common\Momodora RUtM\MomodoraRUtM.exe ( ) [File not signed] FirewallRules: [{26596612-E15C-4752-ADB9-2369A42220EA}] => (Allow) D:\Steam_Juegos\steamapps\common\Momodora RUtM\MomodoraRUtM.exe ( ) [File not signed] FirewallRules: [{EBCB4898-0FD5-4B10-B869-87BAEB4528C8}] => (Allow) D:\Steam_Juegos\steamapps\common\QuantumBreak\dx11\QuantumBreak.exe () [File not signed] FirewallRules: [{9E92201F-5221-4A20-918D-CEC65E00B5B7}] => (Allow) D:\Steam_Juegos\steamapps\common\QuantumBreak\dx11\QuantumBreak.exe () [File not signed] FirewallRules: [TCP Query User{65F30D31-662C-4771-9164-2870716A79E4}D:\_portables\emule - ver 0.50a - portable\emule0.50a\emule.exe] => (Allow) D:\_portables\emule - ver 0.50a - portable\emule0.50a\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [UDP Query User{38028476-E8BF-40F9-9C85-03BB42A48DF8}D:\_portables\emule - ver 0.50a - portable\emule0.50a\emule.exe] => (Allow) D:\_portables\emule - ver 0.50a - portable\emule0.50a\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [TCP Query User{147CAAFC-C21C-4FFD-B45E-CFB7FC7A086E}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc) FirewallRules: [UDP Query User{97F16332-2219-4D05-AC51-4CEE944AE10B}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc) FirewallRules: [TCP Query User{197C6297-9451-4D70-BD01-C15D28F63C89}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{F76EFDE2-14DA-429A-B273-A12F95633354}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5D21AEDF-7D61-4363-AB1D-DC53F23B5CCA}] => (Block) C:\Windows\explorer.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{7661A295-2B3E-4F3A-986D-A76707EEBE6D}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) FirewallRules: [{453C575E-3FEE-4FDD-846D-C17094E86F90}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) FirewallRules: [{3484860B-915F-465D-AE60-EA6A754571A6}] => (Allow) D:\Steam_Juegos\steamapps\common\The Tenth Line\ttl.exe () [File not signed] FirewallRules: [{C6871377-C94C-4B0A-A9CC-6E5105B446FE}] => (Allow) D:\Steam_Juegos\steamapps\common\The Tenth Line\ttl.exe () [File not signed] FirewallRules: [{1E1AF55C-9799-4B86-AA51-DC8E72B20F96}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{57A491C3-5781-419B-9FA6-5B053BCB70FB}] => (Allow) D:\Emuladores\NOX - ver 6.3.0.6 - Android emulator\Nox\bin\Nox.exe No File FirewallRules: [{E573CC6C-4E77-4C29-B1B6-0CDC291D988F}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File FirewallRules: [{C8E4EF06-F917-49A4-A804-89520CE16B5C}] => (Allow) G:\Install\wlan_wiz\.\wlan_assistant\waw.exe No File FirewallRules: [{8DC71236-0CD4-4D18-832A-10F85EF61779}] => (Allow) LPort=54950 FirewallRules: [{BFDB4BB0-9B00-4364-921B-0579439411EA}] => (Allow) LPort=54955 FirewallRules: [{3042CE71-AE88-4BA1-B098-BB232B2E9E3E}] => (Block) C:\Windows\systemapps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{A5A65373-362D-4D0B-B760-D01C1AFEFBE0}] => (Block) C:\Windows\systemapps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{8C7F8808-BE13-4370-813A-33988FE67852}] => (Block) C:\Windows\systemapps\Microsoft.BioEnrollment_cw5n1h2txyewy\BioEnrollmentHost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{DB26AA5A-B04C-4A86-9797-8A924E6C5D6C}] => (Block) C:\Windows\systemapps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{BE396FA1-2B41-4432-9D01-7EE6A0A04327}] => (Block) C:\Windows\systemapps\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy\AssignedAccessLockApp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{975024AA-6969-425B-BB84-18D9CF5C1D57}] => (Block) C:\Windows\systemapps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{0EC8DFBC-4918-44E1-882D-4BA11368774C}] => (Block) C:\Windows\systemapps\ParentalControls_cw5n1h2txyewy\WpcUapApp.exe (Microsoft Windows -> ) FirewallRules: [{C985477F-DBD4-499F-857F-08B277632B69}] => (Block) C:\windows\system32\backgroundtaskhost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{547E1BFE-28FE-4673-9B4E-B3F35A772305}] => (Block) C:\windows\system32\taskhostw.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{BC323E60-6529-41B2-8DE4-889EA7ACD64E}] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{D6C6660C-7985-47A8-9588-1FC6B2CE3F0D}] => (Block) C:\windows\system32\compattelrunner.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7B72FA3D-F471-426E-98E0-657277B5BB82}] => (Block) C:\windows\system32\dmclient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{DBC8EA87-EEBD-4D8F-8EE1-2024141534FE}] => (Block) C:\windows\system32\msfeedssync.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{97F43396-B466-491B-87A2-8A821BCA8F35}] => (Block) C:\windows\system32\sihclient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{17AA3C55-9BCA-4DEA-9489-028E310B89F4}] => (Block) C:\windows\system32\wermgr.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{9D5EA3B9-2F18-4D1D-9E9B-40457C530626}] => (Block) C:\windows\system32\wsqmcons.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{F5F0DCF5-B8CD-4252-8469-CC512E8B720A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{DB207CD2-079D-415C-AC7C-5FB964E176A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2AE2DF7A-2E17-432A-9595-1589838F4030}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{A269233E-2168-4529-AA5C-22EE21432B87}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{5A0933C9-5FB8-4027-AEE4-FBFCF8EDA89F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A87D9090-46A5-4BB7-A8A7-38500D456DBB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D2DDAECF-CF19-40DE-8F83-A6EE792A94C4}] => (Allow) C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DFileServer.exe (Advanced International Translations -> Advanced International Translations) [File not signed] FirewallRules: [{C8FE0BBD-8F53-4C00-B3DC-EA69B9E76D00}] => (Allow) C:\Program Files (x86)\AIT\Projetex 3D\Projetex Workstation\Projetex.exe (Advanced International Translations -> Advanced International Translations) [File not signed] FirewallRules: [{2E68B470-949D-4CFB-B66A-163AF9F8C2A0}] => (Allow) C:\Program Files (x86)\AIT\Projetex 3D\Projetex Workstation\Projetex3DExplorer.exe (Advanced International Translations -> Advanced International Translations) [File not signed] FirewallRules: [{6DEE00E4-31BE-414C-A56E-CE3377B383E5}] => (Allow) C:\Program Files (x86)\AIT\Projetex 3D\Projetex Workstation\ProjetexFTPTransfer.exe (Advanced International Translations -> Advanced International Translations) [File not signed] FirewallRules: [{8E6FBBE1-7354-4E2B-8375-93490DD43791}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{A306C4DF-2EF8-4832-B791-1311E1144A92}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) ==================== Restore Points ========================= 15-12-2019 12:41:10 ZHPcleaner ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Wait Workflow Commands request from device. Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Start Broadcast Receiver Server... Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Start Server... Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Start Server... Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList[3]: 192.168.0.101 Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList[2]: 192.168.56.1 Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList[1]: fe80::20cc:7cd3:c7c:cac5%9 Error: (12/15/2019 12:17:27 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList[0]: fe80::d840:5bb4:7d81:ead9%18 System errors: ============= Error: (12/15/2019 12:45:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} y APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:45:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:45:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} y APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:45:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:43:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} y APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:43:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:43:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} y APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (12/15/2019 12:43:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} y APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. CodeIntegrity: =================================== Date: 2019-12-15 11:32:40.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Users\SergioJG\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-12-15 11:32:40.830 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Users\SergioJG\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-12-15 11:32:40.815 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-12-15 11:32:40.803 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-12-15 10:08:43.773 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-15 10:08:43.424 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-15 10:08:43.275 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-15 10:08:43.257 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. E1799IMS.324 03/23/2018 Motherboard: Micro-Star International Co., Ltd. MS-1799 Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz Percentage of memory in use: 47% Total physical RAM: 16301.7 MB Available physical RAM: 8481.23 MB Total Virtual: 22445.7 MB Available Virtual: 13944.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237.13 GB) (Free:17.56 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Almacenamiento) (Fixed) (Total:931.51 GB) (Free:255.81 GB) NTFS Drive e: (Seagate Expansion Drive) (Fixed) (Total:4657.4 GB) (Free:3998.49 GB) NTFS Drive f: () (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{908330ad-0000-0000-0000-b0673b000000}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 908330AD) Partition 1: (Not Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=237.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=872 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 8A68BDCA) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (Size: 4657.5 GB) (Disk ID: DAB6698D) Partition: GPT. ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 9314 GB) (Disk ID: 0CD5E9AA) Partition: GPT. ========================================================== Disk: 4 (MBR Code: Windows 7/8/10) (Size: 7452 GB) (Disk ID: 1FA806C0) Partition: GPT. ==================== End of Addition.txt =======================