Here's Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Rodrigo Torres (2016-01-29 01:24:55)
Running from D:\FRST64
Windows 7 Home Basic Service Pack 1 (X64) (2012-04-13 01:16:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3232866778-1889148444-3693148987-500 - Administrator - Disabled)
Invitado (S-1-5-21-3232866778-1889148444-3693148987-501 - Limited - Disabled)
Rodrigo Torres (S-1-5-21-3232866778-1889148444-3693148987-1000 - Administrator - Enabled) => C:\Users\Rodrigo Torres
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actualizador OFF PWCZ Descent 1.2 (HKLM-x32\...\Actualizador OFF PWCZ Descent) (Version: 1.2 - ComunidadZero)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
Akamai NetSession Interface (HKU\S-1-5-21-3232866778-1889148444-3693148987-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.1.2245 - AVAST Software)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Exact Audio Copy 1.0beta6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta6 - Andre Wiethoff)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free FLV to MP4 Converter 1.0 (HKLM-x32\...\{EE698DD0-BA36-405C-8F34-B0C64C562344}_is1) (Version: - PolySoft Solutions)
Google Chrome (HKU\S-1-5-21-3232866778-1889148444-3693148987-1000\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ayuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.4.4 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.4 - )
Malwarebytes Anti-Malware versión 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniLyrics (HKLM-x32\...\MiniLyrics) (Version: 7.6.39 - Crintsoft)
Motorola Mobile Drivers Installation 5.1.0 (HKLM\...\{581F6FB0-46E6-42DA-98CC-ABB001386520}) (Version: 5.1.0 - Motorola Inc.)
Mp3tag v2.72 (HKLM-x32\...\Mp3tag) (Version: v2.72 - Florian Heidenreich)
Operation7 (HKLM-x32\...\Operation7) (Version: 1506 - Axeso5)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.2.13009.198 - raidcall.com.ru)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Software básico del dispositivo HP Deskjet 2050 J510 series (HKLM\...\{851CF2C8-6666-46E0-9B52-EDF7283CEB40}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Switch, convertidor de audio (HKLM-x32\...\Switch) (Version: 4.69 - NCH Software)
SYLTEditor (HKLM-x32\...\SYLTEditor) (Version: - )
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
XnView 1.98.8 (HKLM-x32\...\XnView_is1) (Version: 1.98.8 - Gougelet Pierre-e)
Youtube Downloader HD v. 2.9.9.11 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3232866778-1889148444-3693148987-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rodrigo Torres\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3232866778-1889148444-3693148987-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Rodrigo Torres\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3232866778-1889148444-3693148987-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Rodrigo Torres\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {097D8173-9382-418F-8609-869CC04058C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {17A04067-51F7-4B38-8796-0F5CEE56F2D7} - System32\Tasks\{9556EABC-38BC-4D5D-9951-57293B067C16} => pcalua.exe -a D:\L2Latino_Instalador_H5.exe -d D:\
Task: {1EEB2122-C0E0-45B8-AC51-92700A4670F7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000UA => C:\Users\Rodrigo Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-23] (Facebook Inc.)
Task: {2AC5FCAD-0999-4E32-9480-07A1235021FD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2FF18493-AB40-4EA5-8742-A9F6279925EE} - System32\Tasks\{D56A5949-2CE0-4BB8-AE5D-CEFAE54D6F43} => pcalua.exe -a "C:\Windows.old\Program Files (x86)\Samsung\BatteryLifeExtender\Drv\SABI2x86\KStartMem.exe" -d "C:\Windows.old\Program Files (x86)\Samsung\BatteryLifeExtender\Drv\SABI2x86"
Task: {334FF896-D8F4-4ED0-BEED-E59F405EF971} - System32\Tasks\{4FB70C69-D2F6-453A-B5E5-22AB78050ECD} => D:\Nueva carpeta\Dragon Nest\Dragon Nest Latino\dnlauncher.exe
Task: {3DEBE0FE-11F9-4B2C-97F4-BCD608F0B7BF} - System32\Tasks\{2DB087DA-A8A6-41CA-98FD-4E617BED8C5F} => G:\HideToolz\HideToolz.exe
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6BBBD8E8-B81A-474B-A50D-C4A398C34585} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-16] (AVAST Software)
Task: {752C1633-E006-4623-8751-4E9A58881A53} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] ()
Task: {87734F59-53B3-4009-8809-4DE88B7DBB5D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-19] (AVAST Software)
Task: {8D2C836E-BA36-47C7-8E2D-CEABC059A533} - System32\Tasks\{62CC9F40-18AF-457C-B487-B735191A4706} => G:\HideToolz\HideToolz.exe
Task: {974A0CC5-E4CA-4489-8312-19EFC7E2C4A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000UA => C:\Users\Rodrigo Torres\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A0BAAB47-26D0-4603-8D71-DDCBADD3D926} - System32\Tasks\{36DC3C7F-0AA4-4C3C-A4C4-CD8039C351EE} => G:\HideToolz\HideToolz.exe
Task: {B4306FE7-1726-4DA4-B406-B65C0D5D95D8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000Core => C:\Users\Rodrigo Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-23] (Facebook Inc.)
Task: {BF4BFD5A-A76B-4AE3-BDB2-E9D159599F9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05] (Adobe Systems Incorporated)
Task: {CE736E5D-1F77-4036-A6F3-1F713F3F826A} - System32\Tasks\{AFF80C90-18F0-4BA8-B984-186DD97C31D8} => pcalua.exe -a D:\operation7_20121023.exe -d D:\
Task: {CF6C0EF3-EFD7-46D0-AAD1-C3F1AF3619A7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000Core => C:\Users\Rodrigo Torres\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DD30D7D7-F47C-4F09-894A-7531EF942556} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-29] (Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {ED7DA2AB-7FD1-4432-91CC-A6AF37C10006} - System32\Tasks\{60F2D6B8-95F5-4B23-8543-00865D99C4B8} => pcalua.exe -a "C:\Windows.old\Program Files (x86)\Samsung\BatteryLifeExtender\StartUpSetup.exe" -d "C:\Windows.old\Program Files (x86)\Samsung\BatteryLifeExtender"
Task: {F92F2025-052C-4E82-ACBE-BA80152D0612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-29] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000Core.job => C:\Users\Rodrigo Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000UA.job => C:\Users\Rodrigo Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000Core.job => C:\Users\Rodrigo Torres\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3232866778-1889148444-3693148987-1000UA.job => C:\Users\Rodrigo Torres\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Rodrigo Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotlab.net?uid={668f90f19821404c9a21e5e19f162412}&r=eg
ShortcutWithArgument: C:\Users\Rodrigo Torres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotlab.net?uid={668f90f19821404c9a21e5e19f162412}&r=eg
ShortcutWithArgument: C:\Users\Rodrigo Torres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Users\Rodrigo Torres\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotlab.net?uid={668f90f19821404c9a21e5e19f162412}&r=eg
ShortcutWithArgument: C:\Users\Rodrigo Torres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotlab.net?uid={668f90f19821404c9a21e5e19f162412}&r=eg
ShortcutWithArgument: C:\Users\Rodrigo Torres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5bb99674507bea2b\Google Chrome.lnk -> C:\Users\Rodrigo Torres\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotlab.net?uid={668f90f19821404c9a21e5e19f162412}&r=eg
==================== Loaded Modules (Whitelisted) ==============
2016-01-26 05:17 - 2016-01-26 05:17 - 02316728 _____ () C:\ProgramData\System32\SafeGuard64.dll
2012-04-28 16:35 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2015-09-24 10:09 - 2015-12-10 10:56 - 00193456 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
2016-01-26 04:41 - 2015-12-08 10:24 - 07142328 _____ () C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe
2015-12-16 12:22 - 2015-12-16 12:22 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-16 12:22 - 2015-12-16 12:22 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-26 01:36 - 2016-01-26 01:36 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012501\algo.dll
2016-01-26 05:17 - 2016-01-26 05:17 - 01536952 _____ () C:\ProgramData\System32\SafeGuard32.dll
2015-12-16 12:22 - 2015-12-16 12:22 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-10 11:29 - 2015-12-08 11:12 - 00126896 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdate.dll
2016-01-26 04:41 - 2015-11-30 10:08 - 00256440 _____ () C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\Xbox.Live.dll
2015-12-16 12:22 - 2015-12-16 12:22 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-28 22:53 - 2016-01-27 14:39 - 01632584 _____ () C:\Users\Rodrigo Torres\AppData\Local\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-01-28 22:53 - 2016-01-27 14:39 - 00087880 _____ () C:\Users\Rodrigo Torres\AppData\Local\Google\Chrome\Application\48.0.2564.97\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3232866778-1889148444-3693148987-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3232866778-1889148444-3693148987-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3232866778-1889148444-3693148987-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rodrigo Torres\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 190.113.128.1 - 190.113.128.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\startupfolder: C:^Users^Rodrigo Torres^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Facebook Update => "C:\Users\Rodrigo Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5A84FB37-3CB9-4717-A53C-AFD8E3B2E26D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FD81AD1A-841E-4E75-BD35-CAB66F542921}] => (Allow) LPort=2869
FirewallRules: [{294B23C8-04C6-4459-ADA0-EFEED8AA6BD3}] => (Allow) LPort=1900
FirewallRules: [{4710E939-0D82-4CBD-9A56-7245E15FF4BF}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{33A471E1-808B-4C93-A027-B9FBD6BD6D96}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{92FC20ED-E39D-4E3A-AFCE-F1090D555608}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{37FDAF23-C38F-4937-BC4B-E42D6B126A49}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{DC1DFC51-2063-4E03-B704-436F8E9B49C9}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [TCP Query User{97CC9649-8E5B-4F51-AD68-115E9CECC325}C:\users\rodrigo torres\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rodrigo torres\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{55DEFBFB-0C96-4F3D-A9C1-DECC95970D8F}C:\users\rodrigo torres\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rodrigo torres\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7348FE00-3C6E-4CBD-BF20-C0C88FE84CC4}] => (Block) C:\users\rodrigo torres\appdata\local\akamai\netsession_win.exe
FirewallRules: [{EDC02562-89F9-4FA2-8853-09E80FFA50FB}] => (Block) C:\users\rodrigo torres\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BF6F9690-3F72-4A8A-B207-28C4C58DEA69}] => (Allow) c:\users\rodrigo torres\appdata\roaming\tencent\assault fire\020b3de4ffa17b9353032c6d7239312b\teniodl\teniodl.exe
FirewallRules: [{7894D15F-04A3-4727-A781-943C99F0C393}] => (Allow) c:\users\rodrigo torres\appdata\roaming\tencent\assault fire\020b3de4ffa17b9353032c6d7239312b\teniodl\teniodl.exe
FirewallRules: [{39F16B91-20A3-4C74-AC0B-A69103C1F726}] => (Allow) C:\Users\Rodrigo Torres\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{AAD8860E-871D-401B-87B9-F7E7F0B5B9EE}] => (Allow) D:\Mauro\Dragon Nest\Dragon Nest Latino\DragonNest.exe
FirewallRules: [{998D2C86-27DC-4B4C-BDDA-AB4C6C42C6D9}] => (Allow) D:\Mauro\Dragon Nest\Dragon Nest Latino\DragonNest.exe
FirewallRules: [{77B4A822-4457-4017-B23E-3C7035B35690}] => (Allow) D:\Mauro\Dragon Nest\Dragon Nest Latino\DragonNest.exe
FirewallRules: [{B1E6D60E-B50E-46F9-867E-B474C08D559C}] => (Allow) D:\Mauro\Dragon Nest\Dragon Nest Latino\DragonNest.exe
FirewallRules: [TCP Query User{85DBB7D8-50C6-42DF-B268-B2B400037152}D:\mauro\cosas varias\raidcall\raidcall.exe] => (Allow) D:\mauro\cosas varias\raidcall\raidcall.exe
FirewallRules: [UDP Query User{0D5F1C97-4A38-41DE-A84B-4DAE17C01CAA}D:\mauro\cosas varias\raidcall\raidcall.exe] => (Allow) D:\mauro\cosas varias\raidcall\raidcall.exe
FirewallRules: [TCP Query User{46588B1C-3B04-4FAD-9C74-36CDC036978D}C:\users\rodrigo torres\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Block) C:\users\rodrigo torres\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{BF217127-D44D-455A-869D-A36C3C573F49}C:\users\rodrigo torres\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Block) C:\users\rodrigo torres\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [TCP Query User{99E855FC-C6E4-4DA4-BBB3-4198FED0C5B5}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [UDP Query User{FA087AAE-6979-4DF4-B3D4-3EA80B6B9969}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
==================== Restore Points =========================
10-01-2016 03:06:06 Windows Update
16-01-2016 03:26:18 Windows Update
22-01-2016 03:54:24 Windows Update
25-01-2016 02:47:07 Installed Aurora 2.
25-01-2016 03:06:45 Removed Aurora 2.
25-01-2016 03:07:29 Removed BlueStacks App Player
26-01-2016 04:14:44 Windows Update
==================== Faulty Device Manager Devices =============
Name: Adaptador de red Broadcom 802.11n
Description: Adaptador de red Broadcom 802.11n
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/29/2016 12:29:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2016 12:15:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2016 12:12:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2016 12:05:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2016 11:38:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2016 11:11:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2016 10:46:48 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/28/2016 10:46:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/28/2016 10:46:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.
Contexto: aplicación Windows
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/28/2016 10:46:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.
Contexto: aplicación Windows, catálogo SystemIndex
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (01/29/2016 12:14:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:30 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (01/29/2016 12:14:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
Error: (01/29/2016 12:14:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
%%1068
CodeIntegrity:
===================================
Date: 2012-07-06 11:05:38.582
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\7B0AC5346137940C.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 11:05:38.567
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\7B0AC5346137940C.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:49.316
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\3C8EC8F6122F22F.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:49.303
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\3C8EC8F6122F22F.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:48.285
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\3C8EC8F6122F22F.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:48.275
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\3C8EC8F6122F22F.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:36.604
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\2734FC61E07727.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:36.593
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\2734FC61E07727.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:35.491
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\2734FC61E07727.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-07-06 09:46:35.481
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\Temp\2734FC61E07727.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: Intel® Pentium® CPU P6200 @ 2.13GHz
Percentage of memory in use: 49%
Total physical RAM: 2932.56 MB
Available physical RAM: 1468.69 MB
Total Virtual: 5863.32 MB
Available Virtual: 4107.49 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:178 GB) (Free:91.32 GB) NTFS
Drive d: () (Fixed) (Total:265.89 GB) (Free:226.44 GB) NTFS
Drive f: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0C4E138D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.9 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.8 GB) - (Type=27)
==================== End of Addition.txt ============================