Onmur
2022-06-04, 20:54
Hello.
I'm asking for help.
My computer, which is still running Windows 7, has been having problems, lately. First, Office stopped working, so I wanted to upgrade to Windows 10. However, the tool I downloaded from Microsoft to install Windows 10 can't execute, and the same happens with other files. At some point, several applications stopped working, including Microsoft Security Essentials, Malwarebytes, CCleaner, and the Task Manager. I've had to restore system several times to be able to use the PC.
As an aside, I ran both Microsoft Security Essentials and Malwarebytes, and they found no problems. I also ran AdwCleaner, and that one did quarantine some files.
At this point, I'm considering formatting the PC and installing Windows 10 from 0, but I need to keep using the computer for work related purposes for a few days before then, so I'm hoping for help with removing any malware program that might be around.
I've found this forum, read the instructions for using Farbar and aswMBR, and I was hoping you could help me.
I used regedit to make a registry backup, then I ran Farbar and aswMBR, and got these logs I will be posting next. Thank you already for your time.
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-06-2022 01
Ejecutado por Pato (administrador) sobre CASITA (04-06-2022 14:29:14)
Ejecutado desde C:\Users\Pato\Desktop\Farbar
Perfiles cargados: Pato
Plataforma: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\Pato\Downloads\AdwCleaner.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1601744 2019-01-27] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA) [Archivo no firmado]
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [Discord] => C:\Users\Pato\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [f.lux] => C:\Users\Pato\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [8537040 2022-02-02] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: L - L:\setup.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {48641d4f-c405-11e3-a7aa-50465d09814d} - G:\setup.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {48641d52-c405-11e3-a7aa-50465d09814d} - 0
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {c70770c1-39ec-11ea-a2c2-30b5c2008a06} - G:\ResidentEvil2.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {e7093fe8-719c-11e5-9353-50465d09814d} - L:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-12-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIREFOX.lnk [2022-01-27]
ShortcutTarget: FIREFOX.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OPERA.lnk [2022-01-27]
ShortcutTarget: OPERA.lnk -> C:\Users\Pato\AppData\Local\Programs\Opera GX\launcher.exe (Opera Software AS -> Opera Software)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {01B79720-3C63-455D-A98E-2A3477386AFD} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1617197801 => C:\Users\Pato\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Pato\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {025E13C4-E7AF-4387-913B-E089BC23AB12} - System32\Tasks\stream
Task: {031C6724-0368-4820-BB63-3F70A78AB799} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {050D685F-FE41-4CC0-BA78-11E1A1889D88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {1CD23378-7FEE-4B86-B780-9E9946EEBE8F} - System32\Tasks\Tierra
Task: {219BC370-1C4E-4F4C-9BDF-150E64A30BB8} - System32\Tasks\avastBCLRestartS-1-5-21-482052857-3487469296-3382205014-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {26E5925B-510A-4988-A059-5E0AC0CCF2EA} - System32\Tasks\{EEFADF95-F858-4CD2-8AA2-0E517C98D228} => C:\Windows\system32\pcalua.exe -a I:\SETUP.EXE -d I:\
Task: {39CD3F67-3DC8-4840-A204-7F046FA12AB4} - System32\Tasks\Alarmas\Alarma
Task: {3B1C4C53-A0ED-427B-B060-9A4D2AAAA20C} - System32\Tasks\pagar deuda
Task: {40434AA4-0F38-4C8B-B8EE-525956FB7D8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Ningún archivo)
Task: {4D1B15FA-5406-4D8C-A1ED-DB8AB4B23EBB} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {52535C7C-E788-42FC-B8E7-963F98EDAF71} - System32\Tasks\curso
Task: {5AB22868-8C5A-4EBC-B38A-C8A5F5178F8C} - System32\Tasks\CCleanerSkipUAC - Pato => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {64F06016-74FE-4807-8DD2-557EF4F8D051} - System32\Tasks\plomero
Task: {682399FC-F09E-4613-8059-3F1D5F1C805C} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [71648 2016-12-15] (DivX, LLC -> DivX, LLC)
Task: {6A895425-402F-45DC-B63F-6DBC7C683E08} - System32\Tasks\rezero13
Task: {71725899-9BA9-4633-A199-EAC49901296C} - System32\Tasks\21 twitch
Task: {76E6EA14-7700-4C25-8B04-F4119451A115} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Ningún archivo)
Task: {785B6124-1862-4A08-908B-F78277A7C3C1} - System32\Tasks\AdobeAAMUpdater-1.0-casita-Pato => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7ECB9352-A9F6-4A12-9006-2267E586E2BC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {822BB38F-DBA6-4985-954C-46196F881BAE} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {84114F84-4A4F-4313-A7D6-484A96661F17} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {884EC2A6-F243-4F85-BD2D-C5B5DD1D6947} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {89E50FB9-6494-41E2-B28D-C312667D56CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False (Ningún archivo)
Task: {8DA63800-4D6C-48A6-BF05-34180D894556} - System32\Tasks\Opera GX scheduled Autoupdate 1616187668 => C:\Users\Pato\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software)
Task: {97F69FCB-4CCF-40E4-8FA4-CB0925D968A0} - System32\Tasks\tp fisica
Task: {99AF7C31-7C44-42A4-9857-A29BC34F9584} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9C192135-7214-42CD-A895-B58BDA26F7C0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe (Ningún archivo)
Task: {9C6C7B7F-97CF-4BD4-804B-5983D5861165} - System32\Tasks\clase
Task: {A3B223CD-7BAA-4416-84E9-DCBE17B4CC04} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Ningún archivo)
Task: {A51F1F4C-2C82-425E-BC9B-93D0F9E001EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {AD68FD0B-2D4C-4327-AADB-0DFB80236EFA} - System32\Tasks\devolucions
Task: {B72E43E9-1975-4A45-94D3-B44E04DDDC4C} - System32\Tasks\mira a otro lado
Task: {C02935F0-25B1-4C9E-BE5D-865531C4BDAA} - System32\Tasks\tele y churros
Task: {C6502971-ACD9-4D5B-B4E7-3C675DC5228E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D7361B0E-1E1A-4A6E-8B32-6214EDED6B5A} - System32\Tasks\{6DB9007F-3ABB-4C3A-9CD6-0931F6E3952E} => C:\Windows\system32\pcalua.exe -a C:\Users\Pato\Downloads\rafkill-1.2.3.exe -d C:\Users\Pato\Downloads
Task: {DA1C4164-B5A3-442E-A2E8-5EF7F32DD50F} - System32\Tasks\devolucion
Task: {E3B51905-B9D1-4B7A-B562-178B02BDF29B} - System32\Tasks\{B6BA0174-32CA-4339-BBC8-73E6934B9CCD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Valve\Portal\Portal.exe" -d "C:\Program Files\Valve\Portal"
Task: {E3E35150-972F-4640-A360-BFC4D705F6F0} - System32\Tasks\pok
Task: {E9ED7BC1-7614-46E5-9E9E-8684E8FCD456} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Ningún archivo)
Task: {EA545B29-5DE5-4BCC-BE34-B612FB380823} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /onlogon (Ningún archivo)
Task: {F921A173-57C3-4A52-91E8-6287B326FCC8} - System32\Tasks\{AE0E3E39-CD0D-478D-AE83-1B711A6F387E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Valve\Half-Life\ESForces.v1.3.OPENBETA.FINAL.exe" -d "C:\Program Files (x86)\Valve\Half-Life"
Task: {FD9AD0D9-34D4-4C4E-BBCC-39BE1C2552F8} - System32\Tasks\bounties
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\..\Interfaces\{7C5BB6DD-585E-44EA-9CA8-C408332FDEDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E06A01A6-DF69-4175-8104-554BA46997F8}: [DhcpNameServer] 200.42.4.210 200.49.130.41
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.0.1,-1]
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,26.0.0.1,9256]
FireFox:
========
FF DefaultProfile: qoeltqbd.default-1542229303266
FF ProfilePath: C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266 [2022-06-04]
FF Session Restore: Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266 -> está habilitado.
FF Extension: (Color Changer) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\@colorchanger.xpi [2021-11-30]
FF Extension: (AdBlocker Ultimate) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\adblockultimate@adblockultimate.net.xpi [2022-05-25]
FF Extension: (Tampermonkey) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\firefox@tampermonkey.net.xpi [2022-05-12]
FF Extension: (fanfiction-tools) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\jid1-APQ1424BwMIlpg@jetpack.xpi [2018-12-06]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-05-24]
FF Extension: (Tab Saver) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{3c764d86-a50a-4f5c-b773-cb84bea924e7}.xpi [2021-12-08]
FF Extension: (NoScript) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-05-30]
FF Extension: (Adblock para YouTube™) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{80e9f0be-bd1e-4b69-b079-5f44b2962921}.xpi [2018-11-15]
FF Extension: (Sin Nombre) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-31]
FF Extension: (Toggle Website Colors (Tab)) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{d9d33933-40dc-4da1-8dc5-5b0449ce7d46}.xpi [2021-09-20]
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [Ningún archivo]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-12-23] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2016-02-29] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-11] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin HKU\S-1-5-21-482052857-3487469296-3382205014-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Ningún archivo]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default [2022-05-13]
CHR DownloadDir: C:\Users\Pato\Desktop
CHR StartupUrls: Default -> "hxxps://forums.sufficientvelocity.com/forums/quests.29/","hxxps://forums.sufficientvelocity.com/threads/we-have-the-technology-penny-quest.42457/page-17#post-9709782","hxxps://mail.google.com/mail/u/0/h/3hsqg9f6dg6c/?zy=g&f=1","hxxps://www.youtube.com/watch?v=IvK8XG-vSLg","hxxps://chrome.google.com/webstore/search/scroll","hxxps://www.google.com.ar/search?q=chrome+tabs+like+firefox&num=30&safe=off&rlz=1C1PRFC_enAR773AR773&source=lnt&tbs=qdr:y&sa=X&ved=0ahUKEwiv9s3_8ebXAhUIfZAKHddPBLEQpwUIHw&biw=1024&bih=675","hxxps://www.reddit.com/r/chrome/comments/2asqg2/recently_switched_is_there_a_way_to_have_tabs/","hxxps://www.reddit.com/r/chrome/comments/5yr83k/yo_is_there_really_no_way_on_chrome_to_have_tabs/"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Lazy Tabs) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabgbgciohhaogajcnacpgilhmacdahc [2018-02-15]
CHR Extension: (TooManyTabs para Chrome) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2017-11-30]
CHR Extension: (Documentos) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-30]
CHR Extension: (Google Drive) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-30]
CHR Extension: (Video Styler (brightness and more)) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmgdnjlifbmedglimhnbhgkefanaiep [2018-03-07]
CHR Extension: (YouTube) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-30]
CHR Extension: (Tampermonkey) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-28]
CHR Extension: (Session Buddy) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2018-01-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Bloqueador de anuncios para Youtube ™) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-10-29]
CHR Extension: (Selectable - for fanfiction.net and more) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcidlhgdoojamkbpmhbpgldmajnobefd [2018-05-16]
CHR Extension: (The Great Suspender) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-11-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (uMatrix) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2018-08-28]
CHR Extension: (Gmail) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-31]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-482052857-3487469296-3382205014-1000) Opera GXStable - "C:\Users\Pato\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2018-05-10] (Apple Inc. -> Apple Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [31576 2020-04-24] (DEV47 APPS -> Dev47Apps)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] (MiniTool Solution Ltd -> )
S3 RvNetMP60; C:\Windows\System32\DRIVERS\RvNetMP60.sys [69048 2021-09-21] (Famatech Corp. -> Famatech Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-04-14] () [Archivo no firmado] [El archivo está en uso]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [56560 2015-08-15] (Shaul Eizikovich -> Shaul Eizikovich)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Windows Central Build Account - X -> Microsoft Corporation)
U3 a7b9c01f; no ImagePath
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 aswbdisk; no ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MpKsl1199b774; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4FA05688-FB88-43B2-852A-5121B1F33BA8}\MpKslDrv.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-06-04 14:29 - 2022-06-04 14:30 - 000000000 ____D C:\Users\Pato\Desktop\Farbar
2022-06-04 14:29 - 2022-06-04 14:29 - 000000000 _____ C:\Users\Pato\Downloads\wEkk4S4-.exe.part
2022-06-04 14:29 - 2022-06-04 14:29 - 000000000 _____ C:\Users\Pato\Downloads\aswMBR.exe
2022-06-04 14:23 - 2022-06-04 14:23 - 008551608 _____ (Malwarebytes) C:\Users\Pato\Downloads\AdwCleaner(1).exe
2022-06-04 14:11 - 2022-06-04 14:16 - 000052680 _____ C:\Users\Pato\Downloads\Addition.txt
2022-06-04 14:05 - 2022-06-04 14:16 - 000048665 _____ C:\Users\Pato\Downloads\FRST.txt
2022-06-04 14:05 - 2022-06-04 14:05 - 008551608 _____ (Malwarebytes) C:\Users\Pato\Downloads\AdwCleaner.exe
2022-06-04 13:51 - 2022-06-04 13:51 - 000627600 _____ C:\Users\Pato\Documents\cc_20220604_135150.reg
2022-06-04 13:35 - 2022-06-04 13:35 - 000000000 ___HD C:\Users\Pato\Downloads\.opera
2022-06-04 13:35 - 2022-06-04 13:35 - 000000000 ___HD C:\Users\Pato\.opera
2022-06-04 12:18 - 2022-06-04 12:18 - 000000000 ___HD C:\$Windows.~WS
2022-06-04 11:47 - 2022-06-04 11:47 - 000000000 ____D C:\$WINDOWS.~BT
2022-06-04 11:45 - 2022-06-04 11:45 - 003096328 _____ C:\Users\Pato\Desktop\2ndbackup04062022.rar
2022-06-04 11:44 - 2022-06-04 11:44 - 035405041 _____ C:\Users\Pato\Desktop\bookmarksfirefox04062022.html
2022-06-04 11:44 - 2022-06-04 11:44 - 000093633 _____ C:\Users\Pato\Desktop\bookmarksopera04062022.html
2022-06-03 13:24 - 2022-06-03 13:24 - 000000000 ____D C:\Users\Public\Documents\Catch!
2022-06-03 08:23 - 2022-06-03 08:23 - 000088146 _____ C:\Users\Pato\Desktop\2022.05.01-PRORRATEO PRELIMINAR- FEDERICO LACROZE 2137 - MAYO PRELIMINAR.pdf
2022-06-02 16:29 - 2022-06-02 16:29 - 000109534 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO PRELIMINAR- ACOYTE 673 - MAYO PRELIMINAR.pdf
2022-06-02 16:27 - 2022-06-02 16:28 - 000071747 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO PRELIMINAR- ACOYTE 673 - MAYO PRELIMINAR.xlsx
2022-06-02 16:21 - 2022-06-02 16:21 - 000223440 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO PRELIMINAR- ACOYTE 673 - MAYO PRELIMINAR a.xlsx
2022-06-02 16:21 - 2022-06-02 16:21 - 000223440 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO- ACOYTE 673 - MAYO.xlsx
2022-06-01 17:28 - 2022-06-01 17:44 - 000000000 ____D C:\Windows\system32\appmgmt
2022-05-31 23:11 - 2022-06-01 09:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-05-31 20:54 - 2022-05-31 20:55 - 001232764 _____ C:\Users\Pato\Documents\cc_20220531_205447.reg
2022-05-31 16:07 - 2022-05-31 16:07 - 000027643 _____ C:\Users\Pato\Documents\20363197869-constancia cuit afip.pdf
2022-05-31 14:03 - 2022-05-31 14:03 - 000000520 _____ C:\Users\Pato\Desktop\Asistente de soporte y recuperación de Microsoft.appref-ms
2022-05-31 12:00 - 2022-05-31 12:05 - 000000000 ____D C:\Users\Pato\AppData\Roaming\DFXCT
2022-05-31 11:25 - 2022-05-31 15:33 - 000000000 ____D C:\Users\Pato\AppData\Local\SaraResults
2022-05-31 10:55 - 2022-05-31 14:05 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2022-05-31 10:55 - 2022-05-31 10:55 - 000000000 ____D C:\Users\Pato\AppData\Local\SaRALogs
2022-05-25 17:28 - 2022-05-25 17:28 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-05-12 21:27 - 2022-06-04 13:35 - 000004048 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1616187668
2022-05-08 19:05 - 2022-05-08 19:05 - 000001079 _____ C:\Users\Public\Desktop\Free Alarm Clock.lnk
2022-05-08 19:05 - 2022-05-08 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2022-05-08 19:05 - 2022-05-08 19:05 - 000000000 ____D C:\Program Files (x86)\FreeAlarmClock
2022-05-08 19:03 - 2022-05-08 19:03 - 004721088 _____ (Comfort Software Group ) C:\Users\Pato\Desktop\FreeAlarmClockSetup.exe
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-06-04 14:29 - 2016-02-03 12:19 - 000000000 ____D C:\FRST
2022-06-04 14:23 - 2022-02-09 11:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-04 14:22 - 2017-02-17 18:11 - 000000000 ____D C:\Users\Pato\AppData\Roaming\discord
2022-06-04 14:22 - 2016-11-18 09:13 - 000000000 ____D C:\Users\Pato\AppData\LocalLow\Mozilla
2022-06-04 14:20 - 2014-03-12 09:33 - 000000000 ____D C:\AdwCleaner
2022-06-04 14:15 - 2013-02-16 16:26 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-04 14:05 - 2009-07-14 01:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-04 14:05 - 2009-07-14 01:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-04 13:45 - 2013-03-01 12:55 - 000000000 ____D C:\Program Files\CCleaner
2022-06-04 13:44 - 2017-02-17 18:11 - 000000000 ____D C:\Users\Pato\AppData\Local\Discord
2022-06-04 13:37 - 2019-10-03 09:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-06-04 13:35 - 2013-02-16 16:09 - 000000000 ____D C:\Users\Pato
2022-06-04 13:28 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-04 13:27 - 2021-11-27 18:25 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2022-06-04 13:27 - 2020-05-27 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WarCraft III
2022-06-04 13:27 - 2018-05-10 23:11 - 000000000 ____D C:\Program Files (x86)\StarCroft
2022-06-04 13:27 - 2016-06-27 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016
2022-06-04 13:27 - 2013-12-13 07:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-06-04 13:27 - 2013-03-05 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2022-06-04 13:27 - 2013-02-18 01:17 - 000000000 ____D C:\Users\Pato\Desktop\EVERYTHING
2022-06-04 13:27 - 2013-02-17 15:44 - 000000000 ____D C:\PCSX2 1.0.0
2022-06-04 13:26 - 2022-04-23 15:44 - 000000000 ____D C:\Program Files (x86)\International GunZ
2022-06-04 13:26 - 2022-02-14 18:42 - 000000000 ____D C:\Users\Pato\Desktop\Formulario para atención de usuarios Argentina.gob.ar_archivos
2022-06-04 13:26 - 2022-02-14 18:42 - 000000000 ____D C:\Users\Pato\Desktop\Formulario para atención de usuarios Argentina.gob.ar 1_archivos
2022-06-04 13:26 - 2021-11-27 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheating-Death
2022-06-04 13:26 - 2021-11-27 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2022-06-04 13:26 - 2021-11-27 18:25 - 000000000 ____D C:\Users\Pato\Documents\StarCraft II
2022-06-04 13:26 - 2021-11-02 21:33 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-06-04 13:26 - 2021-06-02 12:39 - 000000000 ____D C:\Users\Pato\Documents\PCSX2
2022-06-04 13:26 - 2021-05-22 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Compressor
2022-06-04 13:26 - 2021-05-22 10:46 - 000000000 ____D C:\Program Files (x86)\Free Video Compressor
2022-06-04 13:26 - 2021-04-27 13:48 - 000000000 ____D C:\SNES9x v1.53-1240
2022-06-04 13:26 - 2021-03-25 16:30 - 000000000 ____D C:\Users\Pato\Documents\My Cheat Tables
2022-06-04 13:26 - 2021-01-25 18:51 - 000000000 ____D C:\Warframe
2022-06-04 13:26 - 2021-01-25 18:50 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2022-06-04 13:26 - 2020-05-19 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker
2022-06-04 13:26 - 2020-05-19 20:02 - 000000000 ____D C:\Program Files (x86)\Tracker
2022-06-04 13:26 - 2020-04-08 17:57 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Zoom
2022-06-04 13:26 - 2019-07-19 17:03 - 000000000 ____D C:\Program Files (x86)\NirSoft
2022-06-04 13:26 - 2018-08-09 20:39 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2022-06-04 13:26 - 2018-05-10 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
2022-06-04 13:26 - 2018-02-19 16:13 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1
2022-06-04 13:26 - 2016-11-29 16:47 - 000000000 ____D C:\Users\Pato\Desktop\EVERYTHING 2
2022-06-04 13:26 - 2016-10-28 16:53 - 000000000 ____D C:\Program Files (x86)\ePub Reader for Windows
2022-06-04 13:26 - 2016-09-08 14:20 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2022-06-04 13:26 - 2016-08-20 01:19 - 000000000 ____D C:\Program Files (x86)\BANDAI NAMCO Games
2022-06-04 13:26 - 2016-03-19 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2022-06-04 13:26 - 2016-03-19 11:40 - 000000000 ____D C:\Users\Pato\Documents\Heroes of the Storm
2022-06-04 13:26 - 2016-03-19 11:40 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm
2022-06-04 13:26 - 2016-02-04 23:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-04 13:26 - 2015-02-15 19:17 - 000000000 ____D C:\Users\Pato\Documents\Assassin's Creed IV Black Flag
2022-06-04 13:26 - 2014-12-06 18:13 - 000000000 ____D C:\Program Files\Valve
2022-06-04 13:26 - 2014-10-06 17:22 - 000000000 ____D C:\Program Files (x86)\Freemake
2022-06-04 13:26 - 2014-05-08 20:32 - 000000000 ____D C:\Program Files (x86)\Child of Light
2022-06-04 13:26 - 2014-04-14 17:12 - 000000000 ____D C:\Games
2022-06-04 13:26 - 2014-04-14 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2022-06-04 13:26 - 2014-04-14 15:54 - 000000000 ____D C:\Program Files (x86)\Diablo II
2022-06-04 13:26 - 2014-03-25 18:21 - 000000000 ____D C:\th135
2022-06-04 13:26 - 2014-02-03 18:04 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2022-06-04 13:26 - 2014-01-09 08:51 - 000000000 ____D C:\Program Files (x86)\Firefall
2022-06-04 13:26 - 2013-12-13 07:11 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Battle.net
2022-06-04 13:26 - 2013-12-13 07:11 - 000000000 ____D C:\Users\Pato\AppData\Local\Battle.net
2022-06-04 13:26 - 2013-12-13 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-06-04 13:26 - 2013-08-14 18:13 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2022-06-04 13:26 - 2013-07-19 17:44 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magicka
2022-06-04 13:26 - 2013-07-19 17:43 - 000000000 ____D C:\Program Files (x86)\Magicka
2022-06-04 13:26 - 2013-05-14 18:51 - 000000000 ____D C:\Program Files (x86)\JDownloader
2022-06-04 13:26 - 2013-05-11 23:12 - 000000000 ____D C:\Users\Pato\AppData\Roaming\IrfanView
2022-06-04 13:26 - 2013-04-15 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Aja
2022-06-04 13:26 - 2013-04-15 16:59 - 000000000 ____D C:\Program Files (x86)\Frontier Aja
2022-06-04 13:26 - 2013-04-02 20:03 - 000000000 ____D C:\Program Files (x86)\SPlayer
2022-06-04 13:26 - 2013-03-19 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
2022-06-04 13:26 - 2013-03-09 23:29 - 000000000 ____D C:\Program Files (x86)\Bethesda Softworks
2022-06-04 13:26 - 2013-03-05 11:16 - 000000000 ____D C:\Program Files (x86)\Nero
2022-06-04 13:26 - 2013-03-01 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-06-04 13:26 - 2013-02-28 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2022-06-04 13:26 - 2013-02-28 19:00 - 000000000 ____D C:\Program Files (x86)\MagicISO
2022-06-04 13:26 - 2013-02-18 11:59 - 000000000 ____D C:\Users\Pato\Desktop\ST
2022-06-04 13:26 - 2013-02-17 21:48 - 000000000 ____D C:\Program Files (x86)\NAMCO BANDAI Games
2022-06-04 13:26 - 2013-02-17 21:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2022-06-04 13:26 - 2013-02-16 22:59 - 000000000 ____D C:\Users\Pato\Documents\My Games
2022-06-04 13:26 - 2013-02-16 21:22 - 000000000 ____D C:\Program Files (x86)\KONAMI
2022-06-04 13:26 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2022-06-04 13:25 - 2013-02-16 16:10 - 000000000 ____D C:\Windows\SoftwareDistribution.old
2022-06-04 13:25 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2022-06-04 12:19 - 2013-02-17 00:02 - 000000000 ____D C:\Windows\Panther
2022-06-01 18:16 - 2021-07-10 13:34 - 000000000 ____D C:\Users\Pato\AppData\Roaming\NCH Software
2022-06-01 18:16 - 2014-12-08 16:42 - 000000000 ____D C:\Program Files (x86)\UltraISO
2022-06-01 18:05 - 2009-07-14 02:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-06-01 17:51 - 2014-08-17 07:55 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2022-06-01 17:49 - 2017-07-28 18:11 - 000000000 ____D C:\Users\Pato\AppData\Local\CrashDumps
2022-06-01 17:39 - 2017-04-22 20:29 - 000000000 ____D C:\Program Files\Free PDF to Word Converter
2022-06-01 17:37 - 2021-11-27 22:06 - 000000000 ____D C:\Program Files (x86)\Cheating-Death
2022-06-01 17:30 - 2018-06-29 13:15 - 000000000 ____D C:\Users\Pato\Desktop\Materias
2022-06-01 16:34 - 2016-11-27 19:31 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-06-01 09:23 - 2021-07-20 09:03 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-06-01 00:16 - 2017-11-30 14:52 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-31 14:53 - 2016-02-13 19:08 - 000000000 ____D C:\Users\Pato\AppData\Local\Deployment
2022-05-31 14:23 - 2020-04-04 01:46 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-31 14:23 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2022-05-31 12:48 - 2020-08-18 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2022-05-31 12:46 - 2020-08-18 23:17 - 000000000 ____D C:\Program Files\AutoHotkey
2022-05-31 12:46 - 2020-04-04 02:00 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2022-05-25 17:30 - 2020-04-04 02:01 - 000000000 ___RD C:\Users\Pato\OneDrive
2022-05-25 11:31 - 2021-06-21 19:23 - 000000000 ____D C:\Users\Pato\AppData\Roaming\flashpoint-launcher
2022-05-13 18:45 - 2022-02-21 12:16 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-05-13 18:45 - 2020-08-02 20:17 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-13 18:41 - 2017-11-30 14:25 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-13 18:41 - 2014-05-13 15:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-12 21:39 - 2017-11-30 14:52 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-05-12 09:35 - 2015-12-21 01:28 - 000000000 ____D C:\Windows\system32\MRT
2022-05-12 09:24 - 2013-03-16 11:54 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-05-09 08:16 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Archivos en la raíz de algunos directorios ========
2018-05-15 14:07 - 2018-05-22 12:53 - 000000033 _____ () C:\Users\Pato\AppData\Roaming\AdobeWLCMCache.dat
2017-09-17 18:10 - 2018-08-12 20:45 - 000003584 _____ () C:\Users\Pato\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 10:13 - 2018-09-28 10:13 - 000000000 _____ () C:\Users\Pato\AppData\Local\oobelibMkey.log
2014-03-29 13:36 - 2014-03-29 13:36 - 000000218 _____ () C:\Users\Pato\AppData\Local\recently-used.xbel
2014-02-23 17:32 - 2018-12-22 16:01 - 000007597 _____ () C:\Users\Pato\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2022-05-27 00:38
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 04-06-2022 01
Ejecutado por Pato (04-06-2022 14:31:15)
Ejecutado desde C:\Users\Pato\Desktop\Farbar
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2013-02-16 19:09:16)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-482052857-3487469296-3382205014-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-482052857-3487469296-3382205014-1002 - Limited - Enabled)
Invitado (S-1-5-21-482052857-3487469296-3382205014-501 - Limited - Disabled)
Pato (S-1-5-21-482052857-3487469296-3382205014-1000 - Administrator - Enabled) => C:\Users\Pato
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Asistente de soporte y recuperación de Microsoft (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\a1a734b8150c1d83) (Version: 17.0.8503.9 - Microsoft Corporation)
AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
CodeBlocks (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.141 - DivX, LLC)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.3.3 - Dev47apps)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ePub Reader for Windows versión 5.3 (HKLM-x32\...\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1) (Version: 5.3 - HANSoft, Inc.)
f.lux (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Flux) (Version: - f.lux Software LLC)
ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version: - )
FlexHEX version 2.7 (HKLM-x32\...\FlexHEX_is1) (Version: 2.7 - Inv Softworks LLC)
FormatFactory 3.3.3.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.3.0 - Format Factory)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 5.2.0.0 - Comfort Software Group)
Free Video Compressor (HKLM-x32\...\{01554C33-4131-4BC7-9E6D-AF85E02BDF4F}_is1) (Version: - freevideocompressor.com)
Freemake Video Converter versión 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.156.0 - International GeoGebra Institute)
GeoGebra Classic (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\GeoGebra_6) (Version: 6.0.489 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - No Steam - KingSOFT DVD)
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
International GunZ Installer (HKLM-x32\...\{F5F73DCD-B812-4FD3-B0B9-C1022739864F}) (Version: 1.2.2.0 - International GunZ)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 9.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MiniTool Partition Wizard Home Edition 7.7 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mnemosyne 2.8 (HKLM-x32\...\Mnemosyne_is1) (Version: - )
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-AR) (HKLM\...\Mozilla Firefox 101.0 (x64 es-AR)) (Version: 101.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MPC-HC 1.6.6.6957 (3975d54) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.6.6957 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Timer Ultimate 2.51 (HKLM-x32\...\Multi-Timer Ultimate_is1) (Version: - Johannes Wallroth)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.5 - Notepad++ Team)
OpenShot Video Editor versión 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera GX Stable 86.0.4363.64 (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Opera GX 86.0.4363.64) (Version: 86.0.4363.64 - Opera Software)
Opera GX Stable 86.0.4363.70 (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Opera GX 86.0.4363.70) (Version: 86.0.4363.70 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Tracker (HKLM-x32\...\OSP Tracker) (Version: 5.1.5 - Open Source Physics)
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: V3.70a - )
USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
vJoy Device Driver 0.2.1.6 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 0.2.1.6 - Shaul Eizikovich)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Warframe (HKLM-x32\...\{61E16878-258F-429D-A1D0-4E3E5D183BB5}) (Version: 1.0.0 - Digital Extremes)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
WO Mic Client (HKLM-x32\...\WOMic) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
X-Mouse Button Control 2.18.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.18.2 - Highresolution Enterprises)
YAWLE 0.5b (HKLM-x32\...\Yawle_0.3b) (Version: - )
YoloMouse (HKLM\...\{0BD95EA1-50C1-4841-869E-25B3AC863A26}) (Version: 0.8.1.0 - HaPpY)
Zoom (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\ZoomUMX) (Version: 5.8.3 (1581) - Zoom Video Communications, Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-482052857-3487469296-3382205014-1000_Classes\CLSID\{6514CF27-CAB1-4577-81A9-EC81618C5003}\InprocServer32 -> C:\Program Files (x86)\FlexHEX\FlexCtx64.dll (Inv Softworks LLC -> Inv Softworks LLC)
CustomCLSID: HKU\S-1-5-21-482052857-3487469296-3382205014-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-02-13] (Notepad++ -> )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Archivo no firmado]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2011-03-15] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Archivo no firmado]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2011-03-15] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2011-03-15] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-482052857-3487469296-3382205014-1000: [FlexHEX Menu] -> {6514CF27-CAB1-4577-81A9-EC81618C5003} => C:\Program Files (x86)\FlexHEX\FlexCtx64.dll [2018-06-30] (Inv Softworks LLC -> Inv Softworks LLC)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32-x32: [vidc.iv50] => C:\PROGRA~2\SPlayer\ir50_32.dll
HKLM\...\Drivers32: [vidc.ffds] => C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax [1761280 2004-10-12] () [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
Shortcut: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1\Configure default LISP for Maxima.lnk -> C:\maxima-5.38.1\bin\lispselector.bat (Ningún archivo)
Shortcut: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1\Maxima (command line).lnk -> C:\maxima-5.38.1\bin\maxima.bat (Ningún archivo)
Shortcut: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1\XMaxima (simple GUI).lnk -> C:\maxima-5.38.1\bin\xmaxima.bat (Ningún archivo)
==================== Módulos cargados (Lista blanca) =============
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] D:\Program Files\7-Zip\7-zip.dll
2013-02-28 19:00 - 2008-05-22 22:25 - 000043520 _____ (MagicISO, Inc.) [Archivo no firmado] C:\Program Files (x86)\MagicISO\misosh64.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Versión 11) (Lista blanca) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - Ningún archivo
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - Ningún archivo
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - Ningún archivo
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - Ningún archivo
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - Ningún archivo
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\sharepoint.com -> hxxps://insptutneduar-files.sharepoint.com
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-13 23:34 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Update webget => 2
MSCONFIG\Services: Util webget => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk => C:\Windows\pss\HandyAndy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Pato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OUTLOOK.EXE => C:\Windows\pss\OUTLOOK.EXE.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\pato\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\Pato\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: f.lux => "C:\Users\Pato\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RadminVPN => "C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe" /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UPlayLoader => C:\Users\Pato\AppData\Roaming\UPlayLoader.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{B317C595-ADAA-419E-AA04-C5B57AC90C66}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{AF8EAB99-5E97-4CB7-A988-ADD5D729FC2F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{B9DFAC50-376A-4E7E-BD17-D0DB1AA1362F}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{BFCBC9F9-2E91-4EF8-9CCD-209F039EEB2B}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [TCP Query User{1D3EC1D8-4141-4B0F-86CB-D7FFDFB592A1}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{9F3BCE5B-6762-4950-AB2F-239DF175D882}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe (Nero AG -> Nero AG)
FirewallRules: [{4BD44338-7818-47E9-8EBA-9B68C5A1661F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4F5EBF28-717A-4EF1-A54D-1069CC3F7986}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{41C6D3D7-6500-4F51-9509-BC99C90DB18B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{CA0AAE92-79A6-4510-9275-1000A0AFC3CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{26963E97-41CE-4E65-95A0-4561ECC31E01}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B71FFAEA-F658-4B95-A613-7AC31099E2E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F07C1F5D-42AC-46FB-9362-128D019B2E96}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013_100.exe (Konami Digital Entertainment Co., Ltd.) [Archivo no firmado]
FirewallRules: [{E04F6326-6204-49C3-AC3B-E45BF210CD26}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013_100.exe (Konami Digital Entertainment Co., Ltd.) [Archivo no firmado]
FirewallRules: [{3FCD27C9-F2D5-4F31-8128-CB9389311090}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E31F97C9-2053-450E-BF0A-51B62EEC1487}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{17AF8ED0-3F81-43EE-BF2C-C290D40F750B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5499914-2D45-4C8A-97FE-153072172605}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{E6248984-39DC-40E1-B5EB-3972E9AEE64D}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{6F3CA005-ED53-4A22-8AAF-5CDE1107D0E9}] => (Allow) C:\Program Files (x86)\Nero\KM\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{D7D8263C-87BF-4739-8CCE-FD7E7444CCB0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBA8C345-F400-4D50-9E8D-B83E571EDFFF}] => (Allow) LPort=2869
FirewallRules: [{93651A7F-4113-4308-8CA4-0C43B2584A19}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{656C255F-E817-40E0-AD7E-8B373FB5A158}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{947D8881-C737-41CF-B4A9-25073C374889}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{7D292005-9E2E-49E0-8479-2DDD3765A49C}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{F937DC6B-D489-4A75-92BA-09028D86CB38}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{3015F648-9558-4FEF-9BDB-C51C6A57E5AE}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [Archivo no firmado]
FirewallRules: [{3FB7E181-724A-447A-8016-8107E6309198}] => (Allow) LPort=4950
FirewallRules: [{ED2813FF-5FED-4589-8255-10908AF27E13}] => (Allow) LPort=443
FirewallRules: [{025748E8-9C6B-4375-B83C-E434911EEBF1}] => (Allow) LPort=443
FirewallRules: [{7946578E-FD20-476E-9F9F-DA3D4B9F5AE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{42E40672-C902-4528-9980-15444846114D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{448B31E4-B7A4-433B-96D1-6782DE3CFB43}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{2A091CBF-B51A-4630-B2DD-F5BC1C0D1A3F}C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{96C037B8-76EC-41A1-B353-71075F9697AC}C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{1696B94A-31A6-4A05-BA42-8DDC6DE14E65}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{AD58927D-30F6-4CE1-9780-CC9520AD1223}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{5F174A67-D0B8-4115-8EDA-C3980E9A6104}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{96096FDE-2C04-43BE-9B2A-2D9DE3DE3F4C}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{89BB6CA8-11F4-42A6-B82D-A0DC89241737}] => (Allow) C:\Users\Pato\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1DAAAB6D-A97F-44C5-8D7C-4655CB69A0A8}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{BE0B00AA-3D93-435C-BB6D-6646EF1259A6}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [UDP Query User{D08D7310-48F2-4E2E-9373-608673947ECE}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [{9E1BF09A-0193-4BCE-B77A-FB665F233ECF}] => (Allow) LPort=6112
FirewallRules: [{8D846872-1FDB-4641-9A75-2D6B161E8C27}] => (Allow) LPort=6112
FirewallRules: [{95FDBEFF-82FB-4229-9E5A-A501D9123936}] => (Allow) LPort=4000
FirewallRules: [{29F4B8F2-557E-4CCE-A932-880518D54DAA}] => (Allow) LPort=4000
FirewallRules: [{37B76B7C-CCFE-4F90-AEC3-149E76C15DC6}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [Archivo no firmado]
FirewallRules: [{CC07EDB1-6294-47AB-BFE8-7EA7432ABE86}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{26C077A0-345D-4837-8109-A9CB52C35050}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{538A8C99-BFE8-4027-8B57-366E5A1E00BD}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{2BB2D4D9-BFD2-4DAC-B2BE-AD95870AD9CE}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{9585137B-F7BB-4DCC-B662-72B4FC5C7802}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{30695D5E-CAE9-4B86-AF6D-A34A25BE6378}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E0403F6C-0E20-4929-9002-14E60D20E856}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C651ADA3-C0C3-4A08-8662-FFF710904169}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{7E48D0CF-0174-47E1-B6B9-4106A4CDD908}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{6B62DCC2-E666-4E2B-9E16-314C70F84941}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [Archivo no firmado]
FirewallRules: [TCP Query User{267B9261-B594-4BFB-BAC7-7EB4D98DC2CE}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{FFBE34C7-E4C8-4B29-A4DD-929620EE843B}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [{AEF9E817-2F07-4806-8837-C94ED9D66667}] => (Block) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [{96D0072B-A110-411F-8326-4F9A9FE9D7E7}] => (Block) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [{80E878EA-F650-4795-BB2B-426C4650A728}] => (Allow) C:\Users\Pato\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B8ADCFA3-76A0-458B-8B08-464BDB2766BD}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{D73A08FC-8A14-4A8C-82A3-DA814D20B22C}C:\users\pato\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1B152A2F-4B64-4353-A89B-219DBAF9ED44}C:\users\pato\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B315C64C-5418-45B4-B9EC-B42BC61B75F1}] => (Block) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DA0759FA-F04D-4862-956C-F872161750DA}] => (Block) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{92870FF9-7F06-4223-95E6-A3DEB638175A}C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{ADBAED1C-346E-4BCC-A2B2-F833AAD042AC}C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{C4B3E3A2-6674-461C-8D4C-8348352618C3}] => (Block) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{AE4A419F-1DAE-410D-8BB0-ACF298861AC7}] => (Block) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{6FE9EB81-8D27-4409-A2B8-1749B801851B}C:\program files (x86)\international gunz\client\gunz.exe] => (Allow) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [UDP Query User{379A1025-2B53-4366-A758-97207D5E65CB}C:\program files (x86)\international gunz\client\gunz.exe] => (Allow) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [{F44ADF2D-3FFC-484B-813B-05EC0552F604}] => (Block) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [{E79B0282-AD6B-403F-AACD-7F25C8ED212F}] => (Block) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [{2EC600A3-790E-4C63-9429-F0AC8DEFC4F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
01-06-2022 18:16:56 Removed Warframe
03-06-2022 13:43:32 Windows Update
04-06-2022 13:11:09 Operación de restauración
04-06-2022 14:04:11 Windows Update
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: AQ436N82 IDE Controller
Description: AQ436N82 IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a7b9c01f
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (06/04/2022 02:29:45 PM) (Source: VSS) (EventID: 12297) (User: )
Description: Error del Servicio de instantáneas de volumen: no se pueden vaciar las escrituras de E/S durante el período de creación de la instantánea en el volumen \\?\Volume{b12a5a45-78c7-11e2-9264-806e6f6e6963}\.
El índice del volumen en el conjunto de instantánea es 0. Detalles del error: Open[0x00000000, La operación se completó correctamente.
], Flush[0x80042302, Un componente del Servicio de instantáneas de volumen detectó un error inesperado.
Consulte el registro de eventos de la aplicación para obtener más información.
], Release[0x00000000, La operación se completó correctamente.
], OnRun[0x00000000, La operación se completó correctamente.
].
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (06/04/2022 02:29:45 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado DeviceIoControl(\\?\Volume{b12a5a45-78c7-11e2-9264-806e6f6e6963} - 0000000000000244,0x0053c000,0000000000463240,0,0000000000464250,4096,[0]). HR = 0x80070005, Acceso denegado.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: calling flush-and-hold IOCTL
Estado actual: flush-and-hold writes
Nombre del volumen: \\?\Volume{b12a5a45-78c7-11e2-9264-806e6f6e6963}\
Error: (06/04/2022 02:24:22 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: No se pudo iniciar el servicio de protección de software. 0xD000010A
6.1.7601.17514
Error: (06/04/2022 01:09:22 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: El punto de restauración seleccionado se dañó o eliminó durante la restauración (Removed International GunZ Installer).
Error: (06/04/2022 12:46:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -543.
Error: (06/04/2022 12:46:02 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database (960) Catalog Database: Error inesperado al recuperar o restaurar la base de datos -543.
Error: (06/04/2022 12:46:02 PM) (Source: ESENT) (EventID: 452) (User: )
Description: Catalog Database (960) Catalog Database: La base de datos C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb requiere los archivos de registro 1155-1166, para recuperarse correctamente. El proceso de recuperación sólo encontró los archivos de registro a partir del 1160.
Error: (06/01/2022 05:49:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: firefox.exe, versión: 101.0.0.8181, marca de tiempo: 0x628ff7f7
Nombre del módulo con errores: xul.dll, versión: 101.0.0.8181, marca de tiempo: 0x628ff95e
Código de excepción: 0x80000003
Desplazamiento de errores: 0x00000000044f3bb8
Id. del proceso con errores: 0x1518
Hora de inicio de la aplicación con errores: 0x01d875b265b98ea6
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Id. del informe: 5a174660-e1ec-11ec-b67e-30b5c2008a06
Errores del sistema:
=============
Error: (06/04/2022 02:24:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protección de software se cerró con el siguiente error:
Acceso denegado.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AdobeUpdateService se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Monitor Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Software Integrity Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Bonjour Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 500 milisegundos: Reiniciar el servicio.
Error: (06/04/2022 02:22:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio VIA Karaoke digital mixer Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. 0608 08/10/2012
Placa base: ASUSTeK COMPUTER INC. P8H61-M LX3 R2.0
Procesador: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Porcentaje de memoria en uso: 69%
RAM física total: 7113.84 MB
RAM física disponible: 2153.52 MB
Virtual total: 14225.83 MB
Virtual disponible: 8412.16 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:361.12 GB) (Free:246.02 GB) (Model: WDC WD5000AAKX-00ERMA0 ATA Device) NTFS
Drive d: (Datos) (Fixed) (Total:52.09 GB) (Free:20.44 GB) (Model: WDC WD5000AAKX-00ERMA0 ATA Device) NTFS
\\?\Volume{b12a5a44-78c7-11e2-9264-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 106BA9D7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=361.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=52.1 GB) - (Type=0F Extended)
==================== Final de Addition.txt =======================
I'm asking for help.
My computer, which is still running Windows 7, has been having problems, lately. First, Office stopped working, so I wanted to upgrade to Windows 10. However, the tool I downloaded from Microsoft to install Windows 10 can't execute, and the same happens with other files. At some point, several applications stopped working, including Microsoft Security Essentials, Malwarebytes, CCleaner, and the Task Manager. I've had to restore system several times to be able to use the PC.
As an aside, I ran both Microsoft Security Essentials and Malwarebytes, and they found no problems. I also ran AdwCleaner, and that one did quarantine some files.
At this point, I'm considering formatting the PC and installing Windows 10 from 0, but I need to keep using the computer for work related purposes for a few days before then, so I'm hoping for help with removing any malware program that might be around.
I've found this forum, read the instructions for using Farbar and aswMBR, and I was hoping you could help me.
I used regedit to make a registry backup, then I ran Farbar and aswMBR, and got these logs I will be posting next. Thank you already for your time.
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-06-2022 01
Ejecutado por Pato (administrador) sobre CASITA (04-06-2022 14:29:14)
Ejecutado desde C:\Users\Pato\Desktop\Farbar
Perfiles cargados: Pato
Plataforma: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\Pato\Downloads\AdwCleaner.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1601744 2019-01-27] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA) [Archivo no firmado]
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [Discord] => C:\Users\Pato\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [f.lux] => C:\Users\Pato\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [8537040 2022-02-02] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: L - L:\setup.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {48641d4f-c405-11e3-a7aa-50465d09814d} - G:\setup.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {48641d52-c405-11e3-a7aa-50465d09814d} - 0
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {c70770c1-39ec-11ea-a2c2-30b5c2008a06} - G:\ResidentEvil2.exe
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MountPoints2: {e7093fe8-719c-11e5-9353-50465d09814d} - L:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-12-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIREFOX.lnk [2022-01-27]
ShortcutTarget: FIREFOX.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OPERA.lnk [2022-01-27]
ShortcutTarget: OPERA.lnk -> C:\Users\Pato\AppData\Local\Programs\Opera GX\launcher.exe (Opera Software AS -> Opera Software)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {01B79720-3C63-455D-A98E-2A3477386AFD} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1617197801 => C:\Users\Pato\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Pato\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {025E13C4-E7AF-4387-913B-E089BC23AB12} - System32\Tasks\stream
Task: {031C6724-0368-4820-BB63-3F70A78AB799} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {050D685F-FE41-4CC0-BA78-11E1A1889D88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {1CD23378-7FEE-4B86-B780-9E9946EEBE8F} - System32\Tasks\Tierra
Task: {219BC370-1C4E-4F4C-9BDF-150E64A30BB8} - System32\Tasks\avastBCLRestartS-1-5-21-482052857-3487469296-3382205014-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {26E5925B-510A-4988-A059-5E0AC0CCF2EA} - System32\Tasks\{EEFADF95-F858-4CD2-8AA2-0E517C98D228} => C:\Windows\system32\pcalua.exe -a I:\SETUP.EXE -d I:\
Task: {39CD3F67-3DC8-4840-A204-7F046FA12AB4} - System32\Tasks\Alarmas\Alarma
Task: {3B1C4C53-A0ED-427B-B060-9A4D2AAAA20C} - System32\Tasks\pagar deuda
Task: {40434AA4-0F38-4C8B-B8EE-525956FB7D8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Ningún archivo)
Task: {4D1B15FA-5406-4D8C-A1ED-DB8AB4B23EBB} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {52535C7C-E788-42FC-B8E7-963F98EDAF71} - System32\Tasks\curso
Task: {5AB22868-8C5A-4EBC-B38A-C8A5F5178F8C} - System32\Tasks\CCleanerSkipUAC - Pato => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {64F06016-74FE-4807-8DD2-557EF4F8D051} - System32\Tasks\plomero
Task: {682399FC-F09E-4613-8059-3F1D5F1C805C} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [71648 2016-12-15] (DivX, LLC -> DivX, LLC)
Task: {6A895425-402F-45DC-B63F-6DBC7C683E08} - System32\Tasks\rezero13
Task: {71725899-9BA9-4633-A199-EAC49901296C} - System32\Tasks\21 twitch
Task: {76E6EA14-7700-4C25-8B04-F4119451A115} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Ningún archivo)
Task: {785B6124-1862-4A08-908B-F78277A7C3C1} - System32\Tasks\AdobeAAMUpdater-1.0-casita-Pato => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7ECB9352-A9F6-4A12-9006-2267E586E2BC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {822BB38F-DBA6-4985-954C-46196F881BAE} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {84114F84-4A4F-4313-A7D6-484A96661F17} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {884EC2A6-F243-4F85-BD2D-C5B5DD1D6947} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {89E50FB9-6494-41E2-B28D-C312667D56CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False (Ningún archivo)
Task: {8DA63800-4D6C-48A6-BF05-34180D894556} - System32\Tasks\Opera GX scheduled Autoupdate 1616187668 => C:\Users\Pato\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software)
Task: {97F69FCB-4CCF-40E4-8FA4-CB0925D968A0} - System32\Tasks\tp fisica
Task: {99AF7C31-7C44-42A4-9857-A29BC34F9584} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9C192135-7214-42CD-A895-B58BDA26F7C0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe (Ningún archivo)
Task: {9C6C7B7F-97CF-4BD4-804B-5983D5861165} - System32\Tasks\clase
Task: {A3B223CD-7BAA-4416-84E9-DCBE17B4CC04} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Ningún archivo)
Task: {A51F1F4C-2C82-425E-BC9B-93D0F9E001EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {AD68FD0B-2D4C-4327-AADB-0DFB80236EFA} - System32\Tasks\devolucions
Task: {B72E43E9-1975-4A45-94D3-B44E04DDDC4C} - System32\Tasks\mira a otro lado
Task: {C02935F0-25B1-4C9E-BE5D-865531C4BDAA} - System32\Tasks\tele y churros
Task: {C6502971-ACD9-4D5B-B4E7-3C675DC5228E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D7361B0E-1E1A-4A6E-8B32-6214EDED6B5A} - System32\Tasks\{6DB9007F-3ABB-4C3A-9CD6-0931F6E3952E} => C:\Windows\system32\pcalua.exe -a C:\Users\Pato\Downloads\rafkill-1.2.3.exe -d C:\Users\Pato\Downloads
Task: {DA1C4164-B5A3-442E-A2E8-5EF7F32DD50F} - System32\Tasks\devolucion
Task: {E3B51905-B9D1-4B7A-B562-178B02BDF29B} - System32\Tasks\{B6BA0174-32CA-4339-BBC8-73E6934B9CCD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Valve\Portal\Portal.exe" -d "C:\Program Files\Valve\Portal"
Task: {E3E35150-972F-4640-A360-BFC4D705F6F0} - System32\Tasks\pok
Task: {E9ED7BC1-7614-46E5-9E9E-8684E8FCD456} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Ningún archivo)
Task: {EA545B29-5DE5-4BCC-BE34-B612FB380823} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /onlogon (Ningún archivo)
Task: {F921A173-57C3-4A52-91E8-6287B326FCC8} - System32\Tasks\{AE0E3E39-CD0D-478D-AE83-1B711A6F387E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Valve\Half-Life\ESForces.v1.3.OPENBETA.FINAL.exe" -d "C:\Program Files (x86)\Valve\Half-Life"
Task: {FD9AD0D9-34D4-4C4E-BBCC-39BE1C2552F8} - System32\Tasks\bounties
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\..\Interfaces\{7C5BB6DD-585E-44EA-9CA8-C408332FDEDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E06A01A6-DF69-4175-8104-554BA46997F8}: [DhcpNameServer] 200.42.4.210 200.49.130.41
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.0.1,-1]
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,26.0.0.1,9256]
FireFox:
========
FF DefaultProfile: qoeltqbd.default-1542229303266
FF ProfilePath: C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266 [2022-06-04]
FF Session Restore: Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266 -> está habilitado.
FF Extension: (Color Changer) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\@colorchanger.xpi [2021-11-30]
FF Extension: (AdBlocker Ultimate) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\adblockultimate@adblockultimate.net.xpi [2022-05-25]
FF Extension: (Tampermonkey) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\firefox@tampermonkey.net.xpi [2022-05-12]
FF Extension: (fanfiction-tools) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\jid1-APQ1424BwMIlpg@jetpack.xpi [2018-12-06]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-05-24]
FF Extension: (Tab Saver) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{3c764d86-a50a-4f5c-b773-cb84bea924e7}.xpi [2021-12-08]
FF Extension: (NoScript) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-05-30]
FF Extension: (Adblock para YouTube™) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{80e9f0be-bd1e-4b69-b079-5f44b2962921}.xpi [2018-11-15]
FF Extension: (Sin Nombre) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-31]
FF Extension: (Toggle Website Colors (Tab)) - C:\Users\Pato\AppData\Roaming\Mozilla\Firefox\Profiles\qoeltqbd.default-1542229303266\Extensions\{d9d33933-40dc-4da1-8dc5-5b0449ce7d46}.xpi [2021-09-20]
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [Ningún archivo]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-12-23] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2016-02-29] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-11] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin HKU\S-1-5-21-482052857-3487469296-3382205014-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Ningún archivo]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default [2022-05-13]
CHR DownloadDir: C:\Users\Pato\Desktop
CHR StartupUrls: Default -> "hxxps://forums.sufficientvelocity.com/forums/quests.29/","hxxps://forums.sufficientvelocity.com/threads/we-have-the-technology-penny-quest.42457/page-17#post-9709782","hxxps://mail.google.com/mail/u/0/h/3hsqg9f6dg6c/?zy=g&f=1","hxxps://www.youtube.com/watch?v=IvK8XG-vSLg","hxxps://chrome.google.com/webstore/search/scroll","hxxps://www.google.com.ar/search?q=chrome+tabs+like+firefox&num=30&safe=off&rlz=1C1PRFC_enAR773AR773&source=lnt&tbs=qdr:y&sa=X&ved=0ahUKEwiv9s3_8ebXAhUIfZAKHddPBLEQpwUIHw&biw=1024&bih=675","hxxps://www.reddit.com/r/chrome/comments/2asqg2/recently_switched_is_there_a_way_to_have_tabs/","hxxps://www.reddit.com/r/chrome/comments/5yr83k/yo_is_there_really_no_way_on_chrome_to_have_tabs/"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Lazy Tabs) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabgbgciohhaogajcnacpgilhmacdahc [2018-02-15]
CHR Extension: (TooManyTabs para Chrome) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2017-11-30]
CHR Extension: (Documentos) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-30]
CHR Extension: (Google Drive) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-30]
CHR Extension: (Video Styler (brightness and more)) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmgdnjlifbmedglimhnbhgkefanaiep [2018-03-07]
CHR Extension: (YouTube) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-30]
CHR Extension: (Tampermonkey) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-28]
CHR Extension: (Session Buddy) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2018-01-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Bloqueador de anuncios para Youtube ™) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-10-29]
CHR Extension: (Selectable - for fanfiction.net and more) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcidlhgdoojamkbpmhbpgldmajnobefd [2018-05-16]
CHR Extension: (The Great Suspender) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-11-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (uMatrix) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2018-08-28]
CHR Extension: (Gmail) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-31]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-482052857-3487469296-3382205014-1000) Opera GXStable - "C:\Users\Pato\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2018-05-10] (Apple Inc. -> Apple Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [31576 2020-04-24] (DEV47 APPS -> Dev47Apps)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] (MiniTool Solution Ltd -> )
S3 RvNetMP60; C:\Windows\System32\DRIVERS\RvNetMP60.sys [69048 2021-09-21] (Famatech Corp. -> Famatech Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-04-14] () [Archivo no firmado] [El archivo está en uso]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [56560 2015-08-15] (Shaul Eizikovich -> Shaul Eizikovich)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Windows Central Build Account - X -> Microsoft Corporation)
U3 a7b9c01f; no ImagePath
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 aswbdisk; no ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MpKsl1199b774; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4FA05688-FB88-43B2-852A-5121B1F33BA8}\MpKslDrv.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-06-04 14:29 - 2022-06-04 14:30 - 000000000 ____D C:\Users\Pato\Desktop\Farbar
2022-06-04 14:29 - 2022-06-04 14:29 - 000000000 _____ C:\Users\Pato\Downloads\wEkk4S4-.exe.part
2022-06-04 14:29 - 2022-06-04 14:29 - 000000000 _____ C:\Users\Pato\Downloads\aswMBR.exe
2022-06-04 14:23 - 2022-06-04 14:23 - 008551608 _____ (Malwarebytes) C:\Users\Pato\Downloads\AdwCleaner(1).exe
2022-06-04 14:11 - 2022-06-04 14:16 - 000052680 _____ C:\Users\Pato\Downloads\Addition.txt
2022-06-04 14:05 - 2022-06-04 14:16 - 000048665 _____ C:\Users\Pato\Downloads\FRST.txt
2022-06-04 14:05 - 2022-06-04 14:05 - 008551608 _____ (Malwarebytes) C:\Users\Pato\Downloads\AdwCleaner.exe
2022-06-04 13:51 - 2022-06-04 13:51 - 000627600 _____ C:\Users\Pato\Documents\cc_20220604_135150.reg
2022-06-04 13:35 - 2022-06-04 13:35 - 000000000 ___HD C:\Users\Pato\Downloads\.opera
2022-06-04 13:35 - 2022-06-04 13:35 - 000000000 ___HD C:\Users\Pato\.opera
2022-06-04 12:18 - 2022-06-04 12:18 - 000000000 ___HD C:\$Windows.~WS
2022-06-04 11:47 - 2022-06-04 11:47 - 000000000 ____D C:\$WINDOWS.~BT
2022-06-04 11:45 - 2022-06-04 11:45 - 003096328 _____ C:\Users\Pato\Desktop\2ndbackup04062022.rar
2022-06-04 11:44 - 2022-06-04 11:44 - 035405041 _____ C:\Users\Pato\Desktop\bookmarksfirefox04062022.html
2022-06-04 11:44 - 2022-06-04 11:44 - 000093633 _____ C:\Users\Pato\Desktop\bookmarksopera04062022.html
2022-06-03 13:24 - 2022-06-03 13:24 - 000000000 ____D C:\Users\Public\Documents\Catch!
2022-06-03 08:23 - 2022-06-03 08:23 - 000088146 _____ C:\Users\Pato\Desktop\2022.05.01-PRORRATEO PRELIMINAR- FEDERICO LACROZE 2137 - MAYO PRELIMINAR.pdf
2022-06-02 16:29 - 2022-06-02 16:29 - 000109534 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO PRELIMINAR- ACOYTE 673 - MAYO PRELIMINAR.pdf
2022-06-02 16:27 - 2022-06-02 16:28 - 000071747 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO PRELIMINAR- ACOYTE 673 - MAYO PRELIMINAR.xlsx
2022-06-02 16:21 - 2022-06-02 16:21 - 000223440 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO PRELIMINAR- ACOYTE 673 - MAYO PRELIMINAR a.xlsx
2022-06-02 16:21 - 2022-06-02 16:21 - 000223440 _____ C:\Users\Pato\Downloads\2022.05.01-PRORRATEO- ACOYTE 673 - MAYO.xlsx
2022-06-01 17:28 - 2022-06-01 17:44 - 000000000 ____D C:\Windows\system32\appmgmt
2022-05-31 23:11 - 2022-06-01 09:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-05-31 20:54 - 2022-05-31 20:55 - 001232764 _____ C:\Users\Pato\Documents\cc_20220531_205447.reg
2022-05-31 16:07 - 2022-05-31 16:07 - 000027643 _____ C:\Users\Pato\Documents\20363197869-constancia cuit afip.pdf
2022-05-31 14:03 - 2022-05-31 14:03 - 000000520 _____ C:\Users\Pato\Desktop\Asistente de soporte y recuperación de Microsoft.appref-ms
2022-05-31 12:00 - 2022-05-31 12:05 - 000000000 ____D C:\Users\Pato\AppData\Roaming\DFXCT
2022-05-31 11:25 - 2022-05-31 15:33 - 000000000 ____D C:\Users\Pato\AppData\Local\SaraResults
2022-05-31 10:55 - 2022-05-31 14:05 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2022-05-31 10:55 - 2022-05-31 10:55 - 000000000 ____D C:\Users\Pato\AppData\Local\SaRALogs
2022-05-25 17:28 - 2022-05-25 17:28 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-05-12 21:27 - 2022-06-04 13:35 - 000004048 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1616187668
2022-05-08 19:05 - 2022-05-08 19:05 - 000001079 _____ C:\Users\Public\Desktop\Free Alarm Clock.lnk
2022-05-08 19:05 - 2022-05-08 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2022-05-08 19:05 - 2022-05-08 19:05 - 000000000 ____D C:\Program Files (x86)\FreeAlarmClock
2022-05-08 19:03 - 2022-05-08 19:03 - 004721088 _____ (Comfort Software Group ) C:\Users\Pato\Desktop\FreeAlarmClockSetup.exe
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-06-04 14:29 - 2016-02-03 12:19 - 000000000 ____D C:\FRST
2022-06-04 14:23 - 2022-02-09 11:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-04 14:22 - 2017-02-17 18:11 - 000000000 ____D C:\Users\Pato\AppData\Roaming\discord
2022-06-04 14:22 - 2016-11-18 09:13 - 000000000 ____D C:\Users\Pato\AppData\LocalLow\Mozilla
2022-06-04 14:20 - 2014-03-12 09:33 - 000000000 ____D C:\AdwCleaner
2022-06-04 14:15 - 2013-02-16 16:26 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-04 14:05 - 2009-07-14 01:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-04 14:05 - 2009-07-14 01:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-04 13:45 - 2013-03-01 12:55 - 000000000 ____D C:\Program Files\CCleaner
2022-06-04 13:44 - 2017-02-17 18:11 - 000000000 ____D C:\Users\Pato\AppData\Local\Discord
2022-06-04 13:37 - 2019-10-03 09:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-06-04 13:35 - 2013-02-16 16:09 - 000000000 ____D C:\Users\Pato
2022-06-04 13:28 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-04 13:27 - 2021-11-27 18:25 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2022-06-04 13:27 - 2020-05-27 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WarCraft III
2022-06-04 13:27 - 2018-05-10 23:11 - 000000000 ____D C:\Program Files (x86)\StarCroft
2022-06-04 13:27 - 2016-06-27 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016
2022-06-04 13:27 - 2013-12-13 07:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-06-04 13:27 - 2013-03-05 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2022-06-04 13:27 - 2013-02-18 01:17 - 000000000 ____D C:\Users\Pato\Desktop\EVERYTHING
2022-06-04 13:27 - 2013-02-17 15:44 - 000000000 ____D C:\PCSX2 1.0.0
2022-06-04 13:26 - 2022-04-23 15:44 - 000000000 ____D C:\Program Files (x86)\International GunZ
2022-06-04 13:26 - 2022-02-14 18:42 - 000000000 ____D C:\Users\Pato\Desktop\Formulario para atención de usuarios Argentina.gob.ar_archivos
2022-06-04 13:26 - 2022-02-14 18:42 - 000000000 ____D C:\Users\Pato\Desktop\Formulario para atención de usuarios Argentina.gob.ar 1_archivos
2022-06-04 13:26 - 2021-11-27 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheating-Death
2022-06-04 13:26 - 2021-11-27 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2022-06-04 13:26 - 2021-11-27 18:25 - 000000000 ____D C:\Users\Pato\Documents\StarCraft II
2022-06-04 13:26 - 2021-11-02 21:33 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-06-04 13:26 - 2021-06-02 12:39 - 000000000 ____D C:\Users\Pato\Documents\PCSX2
2022-06-04 13:26 - 2021-05-22 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Compressor
2022-06-04 13:26 - 2021-05-22 10:46 - 000000000 ____D C:\Program Files (x86)\Free Video Compressor
2022-06-04 13:26 - 2021-04-27 13:48 - 000000000 ____D C:\SNES9x v1.53-1240
2022-06-04 13:26 - 2021-03-25 16:30 - 000000000 ____D C:\Users\Pato\Documents\My Cheat Tables
2022-06-04 13:26 - 2021-01-25 18:51 - 000000000 ____D C:\Warframe
2022-06-04 13:26 - 2021-01-25 18:50 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2022-06-04 13:26 - 2020-05-19 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker
2022-06-04 13:26 - 2020-05-19 20:02 - 000000000 ____D C:\Program Files (x86)\Tracker
2022-06-04 13:26 - 2020-04-08 17:57 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Zoom
2022-06-04 13:26 - 2019-07-19 17:03 - 000000000 ____D C:\Program Files (x86)\NirSoft
2022-06-04 13:26 - 2018-08-09 20:39 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2022-06-04 13:26 - 2018-05-10 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
2022-06-04 13:26 - 2018-02-19 16:13 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1
2022-06-04 13:26 - 2016-11-29 16:47 - 000000000 ____D C:\Users\Pato\Desktop\EVERYTHING 2
2022-06-04 13:26 - 2016-10-28 16:53 - 000000000 ____D C:\Program Files (x86)\ePub Reader for Windows
2022-06-04 13:26 - 2016-09-08 14:20 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2022-06-04 13:26 - 2016-08-20 01:19 - 000000000 ____D C:\Program Files (x86)\BANDAI NAMCO Games
2022-06-04 13:26 - 2016-03-19 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2022-06-04 13:26 - 2016-03-19 11:40 - 000000000 ____D C:\Users\Pato\Documents\Heroes of the Storm
2022-06-04 13:26 - 2016-03-19 11:40 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm
2022-06-04 13:26 - 2016-02-04 23:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-04 13:26 - 2015-02-15 19:17 - 000000000 ____D C:\Users\Pato\Documents\Assassin's Creed IV Black Flag
2022-06-04 13:26 - 2014-12-06 18:13 - 000000000 ____D C:\Program Files\Valve
2022-06-04 13:26 - 2014-10-06 17:22 - 000000000 ____D C:\Program Files (x86)\Freemake
2022-06-04 13:26 - 2014-05-08 20:32 - 000000000 ____D C:\Program Files (x86)\Child of Light
2022-06-04 13:26 - 2014-04-14 17:12 - 000000000 ____D C:\Games
2022-06-04 13:26 - 2014-04-14 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2022-06-04 13:26 - 2014-04-14 15:54 - 000000000 ____D C:\Program Files (x86)\Diablo II
2022-06-04 13:26 - 2014-03-25 18:21 - 000000000 ____D C:\th135
2022-06-04 13:26 - 2014-02-03 18:04 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2022-06-04 13:26 - 2014-01-09 08:51 - 000000000 ____D C:\Program Files (x86)\Firefall
2022-06-04 13:26 - 2013-12-13 07:11 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Battle.net
2022-06-04 13:26 - 2013-12-13 07:11 - 000000000 ____D C:\Users\Pato\AppData\Local\Battle.net
2022-06-04 13:26 - 2013-12-13 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-06-04 13:26 - 2013-08-14 18:13 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2022-06-04 13:26 - 2013-07-19 17:44 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magicka
2022-06-04 13:26 - 2013-07-19 17:43 - 000000000 ____D C:\Program Files (x86)\Magicka
2022-06-04 13:26 - 2013-05-14 18:51 - 000000000 ____D C:\Program Files (x86)\JDownloader
2022-06-04 13:26 - 2013-05-11 23:12 - 000000000 ____D C:\Users\Pato\AppData\Roaming\IrfanView
2022-06-04 13:26 - 2013-04-15 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Aja
2022-06-04 13:26 - 2013-04-15 16:59 - 000000000 ____D C:\Program Files (x86)\Frontier Aja
2022-06-04 13:26 - 2013-04-02 20:03 - 000000000 ____D C:\Program Files (x86)\SPlayer
2022-06-04 13:26 - 2013-03-19 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
2022-06-04 13:26 - 2013-03-09 23:29 - 000000000 ____D C:\Program Files (x86)\Bethesda Softworks
2022-06-04 13:26 - 2013-03-05 11:16 - 000000000 ____D C:\Program Files (x86)\Nero
2022-06-04 13:26 - 2013-03-01 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-06-04 13:26 - 2013-02-28 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2022-06-04 13:26 - 2013-02-28 19:00 - 000000000 ____D C:\Program Files (x86)\MagicISO
2022-06-04 13:26 - 2013-02-18 11:59 - 000000000 ____D C:\Users\Pato\Desktop\ST
2022-06-04 13:26 - 2013-02-17 21:48 - 000000000 ____D C:\Program Files (x86)\NAMCO BANDAI Games
2022-06-04 13:26 - 2013-02-17 21:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2022-06-04 13:26 - 2013-02-16 22:59 - 000000000 ____D C:\Users\Pato\Documents\My Games
2022-06-04 13:26 - 2013-02-16 21:22 - 000000000 ____D C:\Program Files (x86)\KONAMI
2022-06-04 13:26 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2022-06-04 13:25 - 2013-02-16 16:10 - 000000000 ____D C:\Windows\SoftwareDistribution.old
2022-06-04 13:25 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2022-06-04 12:19 - 2013-02-17 00:02 - 000000000 ____D C:\Windows\Panther
2022-06-01 18:16 - 2021-07-10 13:34 - 000000000 ____D C:\Users\Pato\AppData\Roaming\NCH Software
2022-06-01 18:16 - 2014-12-08 16:42 - 000000000 ____D C:\Program Files (x86)\UltraISO
2022-06-01 18:05 - 2009-07-14 02:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-06-01 17:51 - 2014-08-17 07:55 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2022-06-01 17:49 - 2017-07-28 18:11 - 000000000 ____D C:\Users\Pato\AppData\Local\CrashDumps
2022-06-01 17:39 - 2017-04-22 20:29 - 000000000 ____D C:\Program Files\Free PDF to Word Converter
2022-06-01 17:37 - 2021-11-27 22:06 - 000000000 ____D C:\Program Files (x86)\Cheating-Death
2022-06-01 17:30 - 2018-06-29 13:15 - 000000000 ____D C:\Users\Pato\Desktop\Materias
2022-06-01 16:34 - 2016-11-27 19:31 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-06-01 09:23 - 2021-07-20 09:03 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-06-01 00:16 - 2017-11-30 14:52 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-31 14:53 - 2016-02-13 19:08 - 000000000 ____D C:\Users\Pato\AppData\Local\Deployment
2022-05-31 14:23 - 2020-04-04 01:46 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-31 14:23 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2022-05-31 12:48 - 2020-08-18 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2022-05-31 12:46 - 2020-08-18 23:17 - 000000000 ____D C:\Program Files\AutoHotkey
2022-05-31 12:46 - 2020-04-04 02:00 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2022-05-25 17:30 - 2020-04-04 02:01 - 000000000 ___RD C:\Users\Pato\OneDrive
2022-05-25 11:31 - 2021-06-21 19:23 - 000000000 ____D C:\Users\Pato\AppData\Roaming\flashpoint-launcher
2022-05-13 18:45 - 2022-02-21 12:16 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-05-13 18:45 - 2020-08-02 20:17 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-13 18:41 - 2017-11-30 14:25 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-13 18:41 - 2014-05-13 15:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-12 21:39 - 2017-11-30 14:52 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-05-12 09:35 - 2015-12-21 01:28 - 000000000 ____D C:\Windows\system32\MRT
2022-05-12 09:24 - 2013-03-16 11:54 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-05-09 08:16 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Archivos en la raíz de algunos directorios ========
2018-05-15 14:07 - 2018-05-22 12:53 - 000000033 _____ () C:\Users\Pato\AppData\Roaming\AdobeWLCMCache.dat
2017-09-17 18:10 - 2018-08-12 20:45 - 000003584 _____ () C:\Users\Pato\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 10:13 - 2018-09-28 10:13 - 000000000 _____ () C:\Users\Pato\AppData\Local\oobelibMkey.log
2014-03-29 13:36 - 2014-03-29 13:36 - 000000218 _____ () C:\Users\Pato\AppData\Local\recently-used.xbel
2014-02-23 17:32 - 2018-12-22 16:01 - 000007597 _____ () C:\Users\Pato\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2022-05-27 00:38
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 04-06-2022 01
Ejecutado por Pato (04-06-2022 14:31:15)
Ejecutado desde C:\Users\Pato\Desktop\Farbar
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2013-02-16 19:09:16)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-482052857-3487469296-3382205014-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-482052857-3487469296-3382205014-1002 - Limited - Enabled)
Invitado (S-1-5-21-482052857-3487469296-3382205014-501 - Limited - Disabled)
Pato (S-1-5-21-482052857-3487469296-3382205014-1000 - Administrator - Enabled) => C:\Users\Pato
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Asistente de soporte y recuperación de Microsoft (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\a1a734b8150c1d83) (Version: 17.0.8503.9 - Microsoft Corporation)
AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
CodeBlocks (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.141 - DivX, LLC)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.3.3 - Dev47apps)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ePub Reader for Windows versión 5.3 (HKLM-x32\...\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1) (Version: 5.3 - HANSoft, Inc.)
f.lux (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Flux) (Version: - f.lux Software LLC)
ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version: - )
FlexHEX version 2.7 (HKLM-x32\...\FlexHEX_is1) (Version: 2.7 - Inv Softworks LLC)
FormatFactory 3.3.3.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.3.0 - Format Factory)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 5.2.0.0 - Comfort Software Group)
Free Video Compressor (HKLM-x32\...\{01554C33-4131-4BC7-9E6D-AF85E02BDF4F}_is1) (Version: - freevideocompressor.com)
Freemake Video Converter versión 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.156.0 - International GeoGebra Institute)
GeoGebra Classic (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\GeoGebra_6) (Version: 6.0.489 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - No Steam - KingSOFT DVD)
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
International GunZ Installer (HKLM-x32\...\{F5F73DCD-B812-4FD3-B0B9-C1022739864F}) (Version: 1.2.2.0 - International GunZ)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 9.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MiniTool Partition Wizard Home Edition 7.7 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mnemosyne 2.8 (HKLM-x32\...\Mnemosyne_is1) (Version: - )
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-AR) (HKLM\...\Mozilla Firefox 101.0 (x64 es-AR)) (Version: 101.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MPC-HC 1.6.6.6957 (3975d54) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.6.6957 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Timer Ultimate 2.51 (HKLM-x32\...\Multi-Timer Ultimate_is1) (Version: - Johannes Wallroth)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.5 - Notepad++ Team)
OpenShot Video Editor versión 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera GX Stable 86.0.4363.64 (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Opera GX 86.0.4363.64) (Version: 86.0.4363.64 - Opera Software)
Opera GX Stable 86.0.4363.70 (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\Opera GX 86.0.4363.70) (Version: 86.0.4363.70 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Tracker (HKLM-x32\...\OSP Tracker) (Version: 5.1.5 - Open Source Physics)
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: V3.70a - )
USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
vJoy Device Driver 0.2.1.6 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 0.2.1.6 - Shaul Eizikovich)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Warframe (HKLM-x32\...\{61E16878-258F-429D-A1D0-4E3E5D183BB5}) (Version: 1.0.0 - Digital Extremes)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
WO Mic Client (HKLM-x32\...\WOMic) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
X-Mouse Button Control 2.18.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.18.2 - Highresolution Enterprises)
YAWLE 0.5b (HKLM-x32\...\Yawle_0.3b) (Version: - )
YoloMouse (HKLM\...\{0BD95EA1-50C1-4841-869E-25B3AC863A26}) (Version: 0.8.1.0 - HaPpY)
Zoom (HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\ZoomUMX) (Version: 5.8.3 (1581) - Zoom Video Communications, Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-482052857-3487469296-3382205014-1000_Classes\CLSID\{6514CF27-CAB1-4577-81A9-EC81618C5003}\InprocServer32 -> C:\Program Files (x86)\FlexHEX\FlexCtx64.dll (Inv Softworks LLC -> Inv Softworks LLC)
CustomCLSID: HKU\S-1-5-21-482052857-3487469296-3382205014-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-02-13] (Notepad++ -> )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Archivo no firmado]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2011-03-15] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Archivo no firmado]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2011-03-15] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2011-03-15] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-482052857-3487469296-3382205014-1000: [FlexHEX Menu] -> {6514CF27-CAB1-4577-81A9-EC81618C5003} => C:\Program Files (x86)\FlexHEX\FlexCtx64.dll [2018-06-30] (Inv Softworks LLC -> Inv Softworks LLC)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32-x32: [vidc.iv50] => C:\PROGRA~2\SPlayer\ir50_32.dll
HKLM\...\Drivers32: [vidc.ffds] => C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax [1761280 2004-10-12] () [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
Shortcut: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1\Configure default LISP for Maxima.lnk -> C:\maxima-5.38.1\bin\lispselector.bat (Ningún archivo)
Shortcut: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1\Maxima (command line).lnk -> C:\maxima-5.38.1\bin\maxima.bat (Ningún archivo)
Shortcut: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1\XMaxima (simple GUI).lnk -> C:\maxima-5.38.1\bin\xmaxima.bat (Ningún archivo)
==================== Módulos cargados (Lista blanca) =============
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] D:\Program Files\7-Zip\7-zip.dll
2013-02-28 19:00 - 2008-05-22 22:25 - 000043520 _____ (MagicISO, Inc.) [Archivo no firmado] C:\Program Files (x86)\MagicISO\misosh64.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Versión 11) (Lista blanca) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - Ningún archivo
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - Ningún archivo
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - Ningún archivo
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - Ningún archivo
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - Ningún archivo
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-482052857-3487469296-3382205014-1000\...\sharepoint.com -> hxxps://insptutneduar-files.sharepoint.com
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-13 23:34 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-482052857-3487469296-3382205014-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Update webget => 2
MSCONFIG\Services: Util webget => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk => C:\Windows\pss\HandyAndy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Pato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OUTLOOK.EXE => C:\Windows\pss\OUTLOOK.EXE.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\pato\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\Pato\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: f.lux => "C:\Users\Pato\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RadminVPN => "C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe" /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UPlayLoader => C:\Users\Pato\AppData\Roaming\UPlayLoader.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{B317C595-ADAA-419E-AA04-C5B57AC90C66}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{AF8EAB99-5E97-4CB7-A988-ADD5D729FC2F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{B9DFAC50-376A-4E7E-BD17-D0DB1AA1362F}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{BFCBC9F9-2E91-4EF8-9CCD-209F039EEB2B}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [TCP Query User{1D3EC1D8-4141-4B0F-86CB-D7FFDFB592A1}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{9F3BCE5B-6762-4950-AB2F-239DF175D882}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe (Nero AG -> Nero AG)
FirewallRules: [{4BD44338-7818-47E9-8EBA-9B68C5A1661F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4F5EBF28-717A-4EF1-A54D-1069CC3F7986}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{41C6D3D7-6500-4F51-9509-BC99C90DB18B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{CA0AAE92-79A6-4510-9275-1000A0AFC3CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{26963E97-41CE-4E65-95A0-4561ECC31E01}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B71FFAEA-F658-4B95-A613-7AC31099E2E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F07C1F5D-42AC-46FB-9362-128D019B2E96}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013_100.exe (Konami Digital Entertainment Co., Ltd.) [Archivo no firmado]
FirewallRules: [{E04F6326-6204-49C3-AC3B-E45BF210CD26}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013_100.exe (Konami Digital Entertainment Co., Ltd.) [Archivo no firmado]
FirewallRules: [{3FCD27C9-F2D5-4F31-8128-CB9389311090}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E31F97C9-2053-450E-BF0A-51B62EEC1487}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{17AF8ED0-3F81-43EE-BF2C-C290D40F750B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5499914-2D45-4C8A-97FE-153072172605}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{E6248984-39DC-40E1-B5EB-3972E9AEE64D}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{6F3CA005-ED53-4A22-8AAF-5CDE1107D0E9}] => (Allow) C:\Program Files (x86)\Nero\KM\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{D7D8263C-87BF-4739-8CCE-FD7E7444CCB0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBA8C345-F400-4D50-9E8D-B83E571EDFFF}] => (Allow) LPort=2869
FirewallRules: [{93651A7F-4113-4308-8CA4-0C43B2584A19}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{656C255F-E817-40E0-AD7E-8B373FB5A158}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{947D8881-C737-41CF-B4A9-25073C374889}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{7D292005-9E2E-49E0-8479-2DDD3765A49C}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{F937DC6B-D489-4A75-92BA-09028D86CB38}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{3015F648-9558-4FEF-9BDB-C51C6A57E5AE}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [Archivo no firmado]
FirewallRules: [{3FB7E181-724A-447A-8016-8107E6309198}] => (Allow) LPort=4950
FirewallRules: [{ED2813FF-5FED-4589-8255-10908AF27E13}] => (Allow) LPort=443
FirewallRules: [{025748E8-9C6B-4375-B83C-E434911EEBF1}] => (Allow) LPort=443
FirewallRules: [{7946578E-FD20-476E-9F9F-DA3D4B9F5AE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{42E40672-C902-4528-9980-15444846114D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{448B31E4-B7A4-433B-96D1-6782DE3CFB43}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{2A091CBF-B51A-4630-B2DD-F5BC1C0D1A3F}C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{96C037B8-76EC-41A1-B353-71075F9697AC}C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{1696B94A-31A6-4A05-BA42-8DDC6DE14E65}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{AD58927D-30F6-4CE1-9780-CC9520AD1223}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{5F174A67-D0B8-4115-8EDA-C3980E9A6104}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{96096FDE-2C04-43BE-9B2A-2D9DE3DE3F4C}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{89BB6CA8-11F4-42A6-B82D-A0DC89241737}] => (Allow) C:\Users\Pato\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1DAAAB6D-A97F-44C5-8D7C-4655CB69A0A8}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{BE0B00AA-3D93-435C-BB6D-6646EF1259A6}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [UDP Query User{D08D7310-48F2-4E2E-9373-608673947ECE}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [{9E1BF09A-0193-4BCE-B77A-FB665F233ECF}] => (Allow) LPort=6112
FirewallRules: [{8D846872-1FDB-4641-9A75-2D6B161E8C27}] => (Allow) LPort=6112
FirewallRules: [{95FDBEFF-82FB-4229-9E5A-A501D9123936}] => (Allow) LPort=4000
FirewallRules: [{29F4B8F2-557E-4CCE-A932-880518D54DAA}] => (Allow) LPort=4000
FirewallRules: [{37B76B7C-CCFE-4F90-AEC3-149E76C15DC6}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [Archivo no firmado]
FirewallRules: [{CC07EDB1-6294-47AB-BFE8-7EA7432ABE86}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{26C077A0-345D-4837-8109-A9CB52C35050}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{538A8C99-BFE8-4027-8B57-366E5A1E00BD}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{2BB2D4D9-BFD2-4DAC-B2BE-AD95870AD9CE}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{9585137B-F7BB-4DCC-B662-72B4FC5C7802}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{30695D5E-CAE9-4B86-AF6D-A34A25BE6378}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E0403F6C-0E20-4929-9002-14E60D20E856}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C651ADA3-C0C3-4A08-8662-FFF710904169}] => (Allow) C:\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{7E48D0CF-0174-47E1-B6B9-4106A4CDD908}] => (Allow) C:\Users\Pato\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{6B62DCC2-E666-4E2B-9E16-314C70F84941}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [Archivo no firmado]
FirewallRules: [TCP Query User{267B9261-B594-4BFB-BAC7-7EB4D98DC2CE}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{FFBE34C7-E4C8-4B29-A4DD-929620EE843B}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [{AEF9E817-2F07-4806-8837-C94ED9D66667}] => (Block) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [{96D0072B-A110-411F-8326-4F9A9FE9D7E7}] => (Block) C:\program files (x86)\mnemosyne\mnemosyne.exe () [Archivo no firmado]
FirewallRules: [{80E878EA-F650-4795-BB2B-426C4650A728}] => (Allow) C:\Users\Pato\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B8ADCFA3-76A0-458B-8B08-464BDB2766BD}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{D73A08FC-8A14-4A8C-82A3-DA814D20B22C}C:\users\pato\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1B152A2F-4B64-4353-A89B-219DBAF9ED44}C:\users\pato\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B315C64C-5418-45B4-B9EC-B42BC61B75F1}] => (Block) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DA0759FA-F04D-4862-956C-F872161750DA}] => (Block) C:\users\pato\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{92870FF9-7F06-4223-95E6-A3DEB638175A}C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{ADBAED1C-346E-4BCC-A2B2-F833AAD042AC}C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{C4B3E3A2-6674-461C-8D4C-8348352618C3}] => (Block) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{AE4A419F-1DAE-410D-8BB0-ACF298861AC7}] => (Block) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{6FE9EB81-8D27-4409-A2B8-1749B801851B}C:\program files (x86)\international gunz\client\gunz.exe] => (Allow) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [UDP Query User{379A1025-2B53-4366-A758-97207D5E65CB}C:\program files (x86)\international gunz\client\gunz.exe] => (Allow) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [{F44ADF2D-3FFC-484B-813B-05EC0552F604}] => (Block) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [{E79B0282-AD6B-403F-AACD-7F25C8ED212F}] => (Block) C:\program files (x86)\international gunz\client\gunz.exe (International GunZ) [Archivo no firmado]
FirewallRules: [{2EC600A3-790E-4C63-9429-F0AC8DEFC4F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
01-06-2022 18:16:56 Removed Warframe
03-06-2022 13:43:32 Windows Update
04-06-2022 13:11:09 Operación de restauración
04-06-2022 14:04:11 Windows Update
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: AQ436N82 IDE Controller
Description: AQ436N82 IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a7b9c01f
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (06/04/2022 02:29:45 PM) (Source: VSS) (EventID: 12297) (User: )
Description: Error del Servicio de instantáneas de volumen: no se pueden vaciar las escrituras de E/S durante el período de creación de la instantánea en el volumen \\?\Volume{b12a5a45-78c7-11e2-9264-806e6f6e6963}\.
El índice del volumen en el conjunto de instantánea es 0. Detalles del error: Open[0x00000000, La operación se completó correctamente.
], Flush[0x80042302, Un componente del Servicio de instantáneas de volumen detectó un error inesperado.
Consulte el registro de eventos de la aplicación para obtener más información.
], Release[0x00000000, La operación se completó correctamente.
], OnRun[0x00000000, La operación se completó correctamente.
].
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (06/04/2022 02:29:45 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado DeviceIoControl(\\?\Volume{b12a5a45-78c7-11e2-9264-806e6f6e6963} - 0000000000000244,0x0053c000,0000000000463240,0,0000000000464250,4096,[0]). HR = 0x80070005, Acceso denegado.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: calling flush-and-hold IOCTL
Estado actual: flush-and-hold writes
Nombre del volumen: \\?\Volume{b12a5a45-78c7-11e2-9264-806e6f6e6963}\
Error: (06/04/2022 02:24:22 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: No se pudo iniciar el servicio de protección de software. 0xD000010A
6.1.7601.17514
Error: (06/04/2022 01:09:22 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: El punto de restauración seleccionado se dañó o eliminó durante la restauración (Removed International GunZ Installer).
Error: (06/04/2022 12:46:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -543.
Error: (06/04/2022 12:46:02 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database (960) Catalog Database: Error inesperado al recuperar o restaurar la base de datos -543.
Error: (06/04/2022 12:46:02 PM) (Source: ESENT) (EventID: 452) (User: )
Description: Catalog Database (960) Catalog Database: La base de datos C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb requiere los archivos de registro 1155-1166, para recuperarse correctamente. El proceso de recuperación sólo encontró los archivos de registro a partir del 1160.
Error: (06/01/2022 05:49:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: firefox.exe, versión: 101.0.0.8181, marca de tiempo: 0x628ff7f7
Nombre del módulo con errores: xul.dll, versión: 101.0.0.8181, marca de tiempo: 0x628ff95e
Código de excepción: 0x80000003
Desplazamiento de errores: 0x00000000044f3bb8
Id. del proceso con errores: 0x1518
Hora de inicio de la aplicación con errores: 0x01d875b265b98ea6
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Id. del informe: 5a174660-e1ec-11ec-b67e-30b5c2008a06
Errores del sistema:
=============
Error: (06/04/2022 02:24:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protección de software se cerró con el siguiente error:
Acceso denegado.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AdobeUpdateService se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Monitor Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Software Integrity Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Bonjour Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 500 milisegundos: Reiniciar el servicio.
Error: (06/04/2022 02:22:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio VIA Karaoke digital mixer Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (06/04/2022 02:22:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. 0608 08/10/2012
Placa base: ASUSTeK COMPUTER INC. P8H61-M LX3 R2.0
Procesador: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Porcentaje de memoria en uso: 69%
RAM física total: 7113.84 MB
RAM física disponible: 2153.52 MB
Virtual total: 14225.83 MB
Virtual disponible: 8412.16 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:361.12 GB) (Free:246.02 GB) (Model: WDC WD5000AAKX-00ERMA0 ATA Device) NTFS
Drive d: (Datos) (Fixed) (Total:52.09 GB) (Free:20.44 GB) (Model: WDC WD5000AAKX-00ERMA0 ATA Device) NTFS
\\?\Volume{b12a5a44-78c7-11e2-9264-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 106BA9D7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=361.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=52.1 GB) - (Type=0F Extended)
==================== Final de Addition.txt =======================