Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015 Ran by margarito (2015-11-08 16:22:26) Running from C:\Users\margarito\Desktop Windows 8.1 (X64) (2015-07-27 01:18:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3706478320-2513481521-3289856772-500 - Administrator - Disabled) Guest (S-1-5-21-3706478320-2513481521-3289856772-501 - Limited - Disabled) margarito (S-1-5-21-3706478320-2513481521-3289856772-1001 - Administrator - Enabled) => C:\Users\margarito rocio_000 (S-1-5-21-3706478320-2513481521-3289856772-1002 - Limited - Enabled) => C:\Users\rocio_000 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Internet Security (Disabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Trend Micro Internet Security (Disabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden ASUS FlipLock (HKLM\...\{9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}) (Version: 1.0.5 - ASUS) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) Dragon Assistant Application en-US version 1.5.7 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.7 - Nuance Communications, Inc.) Dragon Assistant Core Recognition Service version 1.1.10 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.10 - Nuance Communications, Inc.) Dragon Assistant Language Data en-US version 1.1.3 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.3 - Nuance Communications, Inc.) Dragon Assistant version 1.5.7 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.7 - Nuance Communications, Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) e-Sword (HKLM-x32\...\{463178C4-E707-41EE-BE8A-080C62BF526D}) (Version: 10.04.0000 - Rick Meyers) Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation) Malwarebytes Anti-Malware versión 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity) Mediatek Bluetooth (HKLM\...\{878D7C14-18BD-7A70-9292-C0B3CE374125}) (Version: 11.0.754.0 - Mediatek) Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.47.0 - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.07.0057 - ST Microelectronics) Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 10.0 - Trend Micro Inc.) Trend Micro Password Manager (HKLM\...\3A0FB4E3-2C0D-4572-A24D-67F1CAABDDP35_is1) (Version: 3.5.0.1261 - Trend Micro Inc.) Trend Micro Titanium (Version: 10.0 - Trend Micro Inc.) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.18.19 - Zemana Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3706478320-2513481521-3289856772-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 16-10-2015 18:29:45 Windows Update 27-10-2015 16:25:21 Scheduled Checkpoint 07-11-2015 11:50:55 Scheduled Checkpoint ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0CFC3BF0-C567-43F1-924A-6CD03A8E554B} - System32\Tasks\{8BDDE9A1-29CB-4A26-B7D2-A29AAE842AEF} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.105/en/abandoninstall?page=tsProgressBar Task: {1ADE276F-F513-42B1-A246-7458BBBE26BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {1CC47C23-A8D3-4FFF-9111-504EA419470A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {2DB6D882-9237-4204-A137-944A9D460BB5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation) Task: {34E138C0-DF66-4A00-B250-59D6E31D6BF2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {385F6444-D112-4833-B097-44EC22670864} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {38A1A3EB-5DDB-44FF-9967-D1DD600B184B} - System32\Tasks\{F9D14F55-5131-44B9-9DE2-C9FA02F1F1ED} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.105/en/abandoninstall?page=tsProgressBar Task: {47122376-9B2B-4D75-913F-61B5367B91E7} - System32\Tasks\Opera scheduled Autoupdate 1441551916 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software) Task: {52B65675-FEDC-4A0F-B83E-82C5166FDF9D} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.) Task: {5472473A-BAB9-43AE-9B67-E54677970F6F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation) Task: {5E4E1978-9BF4-4A91-BD73-7C1937761E3A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {610391EB-A0AB-445C-9B5F-8AE556CB1A21} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {647CCAEB-ADAB-40D0-AEC8-132DF9B18EAD} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {6643B7A7-E9CF-40E3-A094-5045D4233CC1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation) Task: {81389923-B196-4E90-9BB6-A4CB9206EC77} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor) Task: {8BACF406-1E0B-40D2-983B-0229098BE45A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation) Task: {90452889-390A-4AD4-ACCB-0E43B7A6F733} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-29] (AsusTek) Task: {C343F0EF-DC88-443C-8DEB-80428B719C57} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-04] (Realtek Semiconductor) Task: {C477CA0B-3643-4633-9BD9-F16908C6A431} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation) Task: {D197A774-E7B9-4D78-B5CA-A1D5047E8A6E} - System32\Tasks\Opera scheduled Autoupdate 1439743809 => C:\Users\rocio_000\AppData\Local\Programs\Opera\launcher.exe [2015-10-30] (Opera Software) Task: {D976D4E5-DCC7-4282-B8B9-6EC6FDA3D1DB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [2015-10-17] (Adobe Systems Incorporated) Task: {E74A65E3-943C-40AF-9681-11FF96AA9E78} - System32\Tasks\{FADAFCD0-8C17-4AD3-BF75-99B9862518AC} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.105/en/abandoninstall?page=tsProgressBar Task: {EA5D8735-F5EA-4286-A5CC-C26FEEB6E1D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated) Task: {EB83FF35-2DA3-42A1-89C3-BF73A9A99A32} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {EF2ADD8F-2D6C-427A-9DA1-C6C25FE2E4DB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-27] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-26 18:51 - 2015-03-31 04:08 - 00026408 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_57.dll 2015-07-26 18:51 - 2015-03-31 04:08 - 00058320 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_57.dll 2015-07-26 18:51 - 2015-03-31 04:09 - 00686608 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll 2015-07-26 18:51 - 2015-03-31 04:08 - 00110320 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_57.dll 2015-07-26 18:51 - 2015-03-31 04:08 - 00036160 _____ () C:\Program Files\Trend Micro\AMSP\boost_chrono-vc110-mt-1_57.dll 2015-07-26 18:51 - 2015-03-31 04:09 - 01314920 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll 2015-07-26 18:47 - 2015-07-16 11:31 - 00168544 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll 2015-08-25 06:56 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-07-26 18:52 - 2015-07-16 11:31 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll 2015-07-26 18:52 - 2015-07-16 11:31 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll 2015-07-26 18:52 - 2015-07-16 11:31 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll 2015-07-26 18:52 - 2015-07-16 11:31 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll 2015-07-26 18:51 - 2014-08-01 19:17 - 00048128 _____ () C:\Program Files\Trend Micro\TMIDS\boost_date_time-vc110-mt-1_49.dll 2015-10-27 15:27 - 2015-09-01 09:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-09-06 08:25 - 2015-10-24 08:20 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll 2014-11-07 18:43 - 2014-02-12 17:19 - 00243200 _____ () C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_DT.dll 2015-07-26 18:47 - 2015-07-16 11:31 - 00065520 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll 2015-07-26 18:51 - 2015-08-27 10:56 - 46393608 _____ () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe 2014-11-07 18:48 - 2013-05-02 12:26 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll 2014-11-07 18:48 - 2013-05-02 12:26 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll 2014-11-07 18:48 - 2013-05-02 12:26 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll 2014-11-07 18:48 - 2013-05-02 12:26 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll 2014-11-07 18:48 - 2013-05-02 12:26 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll 2014-11-07 18:48 - 2013-05-02 12:26 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll 2014-11-07 18:48 - 2013-05-02 12:25 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll 2015-11-08 09:13 - 2015-11-08 09:13 - 01282048 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll 2015-08-01 18:59 - 2015-08-01 18:59 - 00228864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll 2014-07-08 15:17 - 2014-07-08 15:17 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll 2014-11-07 18:30 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2015-11-05 08:47 - 2015-11-05 08:46 - 60735608 _____ () C:\Program Files (x86)\Opera\33.0.1990.58\opera.dll 2015-11-05 08:47 - 2015-11-05 08:45 - 01919608 _____ () C:\Program Files (x86)\Opera\33.0.1990.58\libglesv2.dll 2015-11-05 08:47 - 2015-11-05 08:45 - 00081528 _____ () C:\Program Files (x86)\Opera\33.0.1990.58\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\...\trendmicro.com -> hxxps://pwm.trendmicro.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\margarito\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img10.jpg DNS Servers: 200.94.160.248 - 200.94.160.246 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{CDEF66B8-5ED7-4CA9-A001-4728EB4B600B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D90108F7-D5D8-4399-A6FE-EF34ACE83F16}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{4CBA33DD-9BAB-41F6-9D59-F2D78059FE49}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{A61DEA20-06F3-4981-AF2F-2CCD3DA2F4BE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{1C96305B-9051-42BF-9162-0227DBEB4064}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{D94B4B8A-8039-4EC5-BA71-168870E099F6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [TCP Query User{62246817-59E8-4632-AED8-C712C4BC7E80}C:\users\rocio_000\desktop\jre\bin\javaw.exe] => (Allow) C:\users\rocio_000\desktop\jre\bin\javaw.exe FirewallRules: [UDP Query User{1BBC2E1F-C76D-49EF-ABF2-D49FC9CC3AB5}C:\users\rocio_000\desktop\jre\bin\javaw.exe] => (Allow) C:\users\rocio_000\desktop\jre\bin\javaw.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/08/2015 08:09:58 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (11/07/2015 09:48:10 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (11/06/2015 08:39:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (11/05/2015 09:08:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (11/04/2015 09:45:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (11/04/2015 02:27:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: margarito) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (11/04/2015 02:27:36 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{46C896DE-CF99-4E3B-935A-4AF7DD2C7F60}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}DestinationReachableNoQOCInfo Error: (11/04/2015 02:27:35 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{C0A964FC-23D1-46C5-8E2B-8DEAE8C65A9F}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}DestinationReachable Error: (11/04/2015 02:27:35 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{DC296FCF-5AB5-4AC5-9D60-F80AB6A4D7D1}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}ConnectionLost Error: (11/04/2015 02:27:34 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{0C1C205B-D3DD-4429-82B4-17645FE8F6FA}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}ConnectionMadeNoQOCInfo System errors: ============= Error: (11/08/2015 04:22:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY) Description: A corruption was discovered in the file system structure on volume OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000000033. The name of the file is "". Error: (11/08/2015 12:07:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (11/08/2015 09:49:05 AM) (Source: DCOM) (EventID: 10010) (User: MARGARITO) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (11/08/2015 08:31:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (11/07/2015 07:48:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (11/07/2015 04:42:17 PM) (Source: DCOM) (EventID: 10010) (User: margarito) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (11/07/2015 04:42:17 PM) (Source: DCOM) (EventID: 10010) (User: margarito) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (11/07/2015 04:42:13 PM) (Source: DCOM) (EventID: 10010) (User: margarito) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (11/07/2015 04:42:13 PM) (Source: DCOM) (EventID: 10010) (User: margarito) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (11/07/2015 04:42:13 PM) (Source: DCOM) (EventID: 10010) (User: margarito) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz Percentage of memory in use: 35% Total physical RAM: 5529.43 MB Available physical RAM: 3540.28 MB Total Virtual: 6361.43 MB Available Virtual: 3875.93 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:444.65 GB) (Free:400.57 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 81DE1150) Partition: GPT. ==================== End of Addition.txt ============================