Creo que tengo malware en el PC

Fernando_Gimenez · 30 Julio, 2020 16:02

Buenas tardes, a continuación expongo mi caso:

El pasado dia 27 de julio pasé el Malwarebytes actualizado y me puso en cuarentena el siguiente troyano: Trojan.Agent.Autolt.Generic.

He vuelto a pasar el Malwarebytes en modo Analisis Avanzado los siguientes dias 28 y 29 y no me detecta ningun virus. También he escaneado el PC con el Windows Defender el cual tampoco ha detectado ninguna amenaza.

El caso es que a dia de hoy el puntero hace movimientos extraños, por lo que intuyo que debo tener algo de malware o que me están monitorizando.

Alguna recomendación? Gracias y un saludo.

JavierHF · 30 Julio, 2020 16:05

Buenas @Fernando_Gimenez y Bienvenido al Foro.!!!

Para revisar tu máquina, sigue estos pasos(aunque alguno lo hayas realizado), en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus [Cómo deshabilitar temporalmente su Antivirus , mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

CCleaner + Manual.
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
AdwCleaner + Manual.
Junkware Removal Tool.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Personalizado.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Fernando_Gimenez · 31 Julio, 2020 12:44

Al ejecutar el programa de instalación de CCleaner, cuando le doy a la pestaña de instalar, la ventana desaparece y no empieza la instalación. Lo he ejecutado en normal y como administrador.

JavierHF · 31 Julio, 2020 13:43

Hola.

Tienes Windows Defender como Antivirus…??

Has desactivado el Antivirus…??

Fernando_Gimenez · 31 Julio, 2020 14:19

Hola Javier, tengo malwarebytes y windows defender, ambos los he desactivado como has indicado arriba.

JavierHF · 31 Julio, 2020 14:40

Hola.

Pues SI tienes Windows Defender es muy probable que él sea el culpable de que NO te funcione la instalación de CCleaner porque lo considera software inadecuado.

Intenta hacer la instalación de CCleaner desde el modo seguro de windows y SI tampoco pudieras omite la instalación.

Saludos.

Fernando_Gimenez · 7 Agosto, 2020 15:43

Hola Javier, perdón por la demora, al final si que pude instalar CCleaner, a continuación te dejo los informes.


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/8/20
Hora del análisis: 11:39
Archivo de registro: e5d18eb9-d891-11ea-9c11-d8cb8ae2994e.json

-Información del software-
Versión: 4.1.2.73
Versión de los componentes: 1.0.990
Versión del paquete de actualización: 1.0.28081
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 295246
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 6 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)


# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-07-2020
# Duration: 00:00:13
# OS:       Windows 7 Home Premium
# Scanned:  31837
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.SamsungSmartSwitch   File   C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk 
Preinstalled.SamsungSmartSwitch   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Folder   C:\Users\Fer 2\AppData\Roaming\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Folder   C:\Users\Fer 2_2\AppData\Roaming\SAMSUNG\SMART SWITCH PC 



# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-07-2020
# Duration: 00:00:04
# OS:       Windows 7 Home Premium
# Cleaned:  57
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Fer 2\AppData\LocalLow\.acestream
Deleted       C:\Users\Fer 2\AppData\Roaming\.acestream
Deleted       C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted       C:\Users\Fer 2\AppData\Roaming\acestream
Deleted       C:\Users\Fer 2_2\AppData\LocalLow\.acestream
Deleted       C:\Users\Fer 2_2\AppData\Roaming\.acestream
Deleted       C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted       C:\Users\Fer 2_2\AppData\Roaming\acestream
Deleted       C:\_acestream_cache_

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{17AA1859-C0D5-4E4F-BAF6-143E593B0544}C:\users\fer 2_2\appdata\roaming\kodi\userdata\addon_data\program.plexus\acestream\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6DC2ED23-DB22-463A-A79B-F611598647C7}C:\users\fer 2\appdata\roaming\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{FE26DF8C-E3F9-43AA-9ADC-9AA9C6399C3C}C:\users\fer 2_2\appdata\roaming\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{44C7047F-0717-43C8-85A9-90C9EB95560A}C:\users\fer 2_2\appdata\roaming\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{59FE2E4A-8246-4EF0-A7BB-1209C2FF954A}C:\users\fer 2\appdata\roaming\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{CBDEF4A5-E58A-4A59-BF19-303376D03D4C}C:\users\fer 2_2\appdata\roaming\kodi\userdata\addon_data\program.plexus\acestream\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6F9F8BBC-C035-4C52-BFB8-1A7313BA42DB}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8CE78CA5-C7EA-44B3-826A-2EDC79C92652}
Deleted       HKLM\Software\Classes\.acestream
Deleted       HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted       HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted       HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Classes\Applications\ace_player.exe
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\AceStream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\.acelive
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\.acemedia
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\.acestream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\.tslive
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\AudioCD\shell\PlayWithACEStream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\DVD\shell\PlayWithACEStream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Classes\acestream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted       HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\RegisteredApplications|AceStream

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       Bing Default Search
Deleted       Bing Default Search
Deleted       https://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-12-22 07:44:14&bName=&bitmask=0300
Deleted       https://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-12-22 07:44:14&bName=&bitmask=0300

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9496 octets] - [07/08/2020 17:22:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by Admin (Administrator) on 07/08/2020 at 17:24:52,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 17 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8W3ERR0C (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N0HH3LT4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV55V864 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLVCV047 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8W3ERR0C (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N0HH3LT4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV55V864 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLVCV047 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/08/2020 at 17:26:06,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fernando_Gimenez · 7 Agosto, 2020 15:45


Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-07-2020
Ejecutado por Admin (administrador) sobre FER-PC (MSI MS-7996) (07-08-2020 17:31:00)
Ejecutado desde C:\Users\Fer 2_2\Desktop
Perfiles cargados: Fer 2_2 & Admin
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: IE)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.) C:\Windows\SysWOW64\RAMDiskImage.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation) [Archivo no firmado]
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () [Archivo no firmado]
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () [Archivo no firmado]
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-04-27] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-570404620-873943029-220001324-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-570404620-873943029-220001324-1005\...\Run: [uTorrent] => C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe [1893104 2020-05-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-570404620-873943029-220001324-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-04-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\Windows\system32\hpinkstsC511LM.dll [333496 2013-01-25] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-28] (Google LLC -> Google LLC)
Startup: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Security Essentials.lnk [2016-04-15]
ShortcutTarget: Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {03897561-BE10-41EE-96B8-0D20D7BABD46} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {0EE54A22-B400-42C0-9043-A284411CD3DA} - System32\Tasks\{B266CC71-D486-41E6-BA29-F41AE2927BCE} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=404
Task: {2147C284-CB09-48A7-9A49-58B2765091A2} - System32\Tasks\{5F99CCBD-3403-4955-81D2-B9E02FA1538C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/es/go/help.faq.installer?LastError=1603
Task: {2C57DBF0-78CA-495C-922B-2117B7B85AD1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C4F244D-C159-49FC-AC1F-5A4C3424E6AB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DC3B870-6D87-4AC6-8265-B0765918BBF6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-15] (Adobe Inc. -> Adobe)
Task: {4C5CB531-41AB-4117-85DD-28999D6EACD2} - System32\Tasks\{1F15607F-8A16-4F3A-B374-E9A3654A55C8} => C:\Windows\system32\pcalua.exe -a E:\Descargas\Xbox360_64Esp.exe -d E:\Descargas
Task: {57674DF0-DAA4-4C50-8ABA-97B2E2468C34} - System32\Tasks\{222AFB30-5690-416A-84DD-CAF912E837A2} => C:\Users\Fer 2_2\Desktop\CCleaner.exe [25838336 2020-07-31] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5BDF11ED-424F-45F9-814E-5D31D7A187D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {711A782B-61F5-46AE-B180-65D14AFA39A5} - System32\Tasks\{93BAEC50-88A8-4C49-AB88-61872235CCDF} => C:\Windows\system32\pcalua.exe -a "D:\OtherDriver\Intel SBA\IntelSba_4.0.40.exe" -d "D:\OtherDriver\Intel SBA" -c -silent
Task: {71813E16-99C2-47B7-BAC5-13BCDAF5E935} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-23] (Google Inc -> Google Inc.)
Task: {7BBC2B83-D340-4418-88DD-7C75F7AB721C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8DB9422B-9DBD-4763-BD5F-9B3D1362CBEE} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Fer 2_2\Desktop\adwcleaner_8.0.7.exe [8414384 2020-07-31] (Malwarebytes Inc -> Malwarebytes)
Task: {AFFE5551-6479-4263-87A7-7CFB4FF00FFB} - System32\Tasks\{F9D6761A-D299-4EA5-8275-CA6B26370472} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=404
Task: {B7D83565-A1D4-4E93-A23E-EF24F7E7FADC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-23] (Google Inc -> Google Inc.)
Task: {E0D78689-56A1-4403-B3DD-EF82AFDC0AF2} - System32\Tasks\{174BA62B-B699-4F39-98D9-F5FF62D51231} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/es/go/help.faq.installer?LastError=1603
Task: {FD753E27-41DC-42E9-AF14-0D80025C807B} - System32\Tasks\{6424C860-4833-4C3B-9266-86976B5533C9} => C:\Windows\system32\pcalua.exe -a C:\Users\Fer\Desktop\wlsetup-web.exe -d C:\Users\Fer\Desktop

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{1940C649-A191-42BE-9668-E6F571B77886}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5E352B32-046B-48D7-9B8A-BFD41343A35C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-570404620-873943029-220001324-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Ningún archivo

FireFox:
========
FF DefaultProfile: e3s140rg.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e3s140rg.default [2019-12-22]
FF NewTab: Mozilla\Firefox\Profiles\e3s140rg.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-12-22 07:44:14&bName=&bitmask=0300
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cai9e4w4.default-release [2020-07-31]
FF Homepage: Mozilla\Firefox\Profiles\cai9e4w4.default-release -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\cai9e4w4.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-12-22 07:44:14&bName=&bitmask=0300
FF HKU\S-1-5-21-570404620-873943029-220001324-1004\...\Firefox\Extensions: [[email protected]] - C:\Users\Fer 2_2\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-570404620-873943029-220001324-1004: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Fer 2_2\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-07-31]
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?fr=mcafee&type=E210ES91082G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/gossip/gossip-es-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Presentaciones) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-27]
CHR Extension: (Documentos) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-27]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-27]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-27]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-31]
CHR HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-01-14] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2015-09-04] (Intel Corporation - pGFX -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [202872 2018-03-19] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-07-27] (Malwarebytes Inc -> Malwarebytes)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [70480 2015-09-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510136 2020-07-30] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3462464 2020-07-30] (Electronic Arts, Inc. -> Electronic Arts)
R2 RAMDrivService; C:\Windows\SysWOW64\RAMDiskImage.exe [343032 2012-12-28] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 VBoxSDS; E:\VirtualBox\VBoxSDS.exe [692992 2019-04-16] (Oracle Corporation -> Oracle Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
S2 kss; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe"  -r [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-04-16] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-04-16] (Disc Soft Ltd -> Disc Soft Ltd)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\Windows\System32\drivers\LGJoyHidFilter.sys [57368 2018-03-19] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\Windows\System32\drivers\LGJoyHidLo.sys [47256 2018-03-19] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2018-03-19] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-07-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-07-27] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2015-11-05] (Apple Inc.) [Archivo no firmado]
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 RAMDriv; C:\Windows\System32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Archivo no firmado]
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [236560 2019-04-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [247952 2019-04-16] (Oracle Corporation -> Oracle Corporation)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [467368 2017-05-13] (IDRIX -> IDRIX)
S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Tres meses (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-08-07 17:27 - 2020-08-07 17:31 - 000023473 _____ C:\Users\Fer 2_2\Desktop\FRST.txt
2020-08-07 17:27 - 2020-08-07 17:27 - 000044370 _____ C:\Users\Fer 2_2\Desktop\Addition.txt
2020-08-07 17:26 - 2020-08-07 17:31 - 000000000 ____D C:\FRST
2020-08-07 17:26 - 2020-08-07 17:30 - 000000554 _____ C:\Users\Admin\Desktop\JRT.txt
2020-08-07 17:23 - 2020-08-07 17:23 - 000003102 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot
2020-08-07 17:21 - 2020-08-07 17:23 - 000000000 ____D C:\AdwCleaner
2020-08-04 11:14 - 2020-08-04 11:14 - 008388672 _____ C:\Users\Fer 2_2\Downloads\Configurador_FNMT_RCM.exe
2020-07-31 17:11 - 2020-07-31 17:11 - 000029646 _____ C:\Users\Fer 2_2\Desktop\cc_20200731_171118.reg
2020-07-31 17:01 - 2020-07-31 17:01 - 000000000 ____D C:\Users\Admin\AppData\Local\CEF
2020-07-31 17:00 - 2020-08-07 17:26 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-07-31 17:00 - 2020-07-31 17:00 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-07-31 17:00 - 2020-07-31 17:00 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-31 17:00 - 2020-07-31 17:00 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-31 17:00 - 2020-07-31 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-31 17:00 - 2020-07-31 17:00 - 000000000 ____D C:\Program Files\CCleaner
2020-07-31 16:59 - 2020-07-31 16:59 - 025838336 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup568.exe
2020-07-31 14:39 - 2020-07-31 14:39 - 000002940 _____ C:\Windows\system32\Tasks\{222AFB30-5690-416A-84DD-CAF912E837A2}
2020-07-31 14:23 - 2020-07-31 14:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2020-07-31 14:08 - 2020-07-31 14:08 - 002296832 _____ (Farbar) C:\Users\Fer 2_2\Desktop\FRST64.exe
2020-07-31 14:07 - 2020-07-31 14:07 - 008414384 _____ (Malwarebytes) C:\Users\Fer 2_2\Desktop\adwcleaner_8.0.7.exe
2020-07-31 14:07 - 2020-07-31 14:07 - 001790024 _____ (Malwarebytes) C:\Users\Fer 2_2\Desktop\JRT.exe
2020-07-31 14:05 - 2020-07-31 14:05 - 025838336 _____ (Piriform Software Ltd) C:\Users\Fer 2_2\Desktop\CCleaner.exe
2020-07-28 12:07 - 2020-07-28 12:07 - 000000000 _____ C:\Users\Fer 2_2\Desktop\Mirar forospyware.txt
2020-07-27 13:05 - 2020-07-27 13:05 - 000000000 ____D C:\Users\Fer 2_2\AppData\Roaming\Opera Software
2020-07-27 13:05 - 2020-07-27 13:05 - 000000000 ____D C:\Users\Fer 2_2\AppData\Local\Opera Software
2020-07-27 13:02 - 2020-07-27 13:02 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-07-27 13:02 - 2020-07-27 13:02 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-07-27 13:02 - 2020-07-27 13:02 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-07-26 20:33 - 2020-07-26 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2020-07-16 11:16 - 2020-08-07 17:20 - 000000750 _____ C:\Users\Fer 2_2\Desktop\lista empresas.txt
2020-07-15 17:18 - 2020-07-15 17:18 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Oracle
2020-07-15 11:38 - 2020-07-15 11:38 - 009585208 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2020-07-13 11:33 - 2020-07-13 11:33 - 000000000 ____D C:\Program Files\Logitech
2020-07-13 10:11 - 2020-07-13 10:11 - 000000000 ____D C:\Users\Fer 2_2\AppData\LocalLow\Temp
2020-07-08 17:08 - 2020-07-08 17:08 - 000000000 _____ C:\Users\Fer 2_2\Desktop\CIDEAD.txt
2020-06-18 18:15 - 2020-06-18 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-06-18 18:15 - 2020-06-18 18:15 - 000000000 ____D C:\Program Files\VideoLAN
2020-05-27 17:46 - 2013-04-11 19:21 - 002734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys
2020-05-18 09:16 - 2020-05-22 09:25 - 000000000 ____D C:\Users\Admin\Downloads\opera autoupdate

==================== Tres meses (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-08-07 17:28 - 2009-07-14 11:31 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2020-08-07 17:28 - 2009-07-14 11:31 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2020-08-07 17:28 - 2009-07-14 07:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-07 17:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-08-07 17:24 - 2016-04-15 17:43 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-08-07 17:23 - 2016-04-17 09:34 - 033555456 _____ C:\Windows\SysWOW64\RAMDiskImage.data
2020-08-07 17:23 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-07 13:51 - 2017-04-17 21:37 - 000000000 ___RD C:\Users\Fer 2_2\Google Drive
2020-08-07 11:48 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-08-07 11:48 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-08-06 21:08 - 2019-02-07 02:57 - 000000000 ____D C:\Program Files (x86)\Origin
2020-08-06 16:39 - 2019-08-05 17:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-08-06 12:33 - 2017-04-17 21:17 - 000000000 ____D C:\Users\Fer 2_2
2020-08-06 09:39 - 2017-12-02 14:22 - 000000000 ____D C:\Users\Fer 2_2\AppData\LocalLow\Mozilla
2020-07-31 17:09 - 2017-11-05 18:18 - 000000000 ____D C:\Users\Fer 2_2\AppData\Roaming\DAEMON Tools Lite
2020-07-31 17:09 - 2016-04-16 04:56 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-31 17:00 - 2016-04-24 16:55 - 000000000 ____D C:\ProgramData\AVG
2020-07-31 16:59 - 2019-12-22 21:43 - 000000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2020-07-31 16:58 - 2019-12-22 21:44 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper
2020-07-28 11:17 - 2017-04-17 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-07-27 21:05 - 2017-04-17 22:08 - 000000000 ____D C:\Users\Fer 2_2\AppData\Roaming\uTorrent
2020-07-27 20:45 - 2019-03-30 04:06 - 000000000 ____D C:\Users\Fer 2_2\AppData\Local\BitTorrentHelper
2020-07-27 18:49 - 2017-04-17 21:56 - 000000000 ____D C:\Users\Fer 2_2\AppData\Local\Spotify
2020-07-27 18:43 - 2017-04-17 21:55 - 000000000 ____D C:\Users\Fer 2_2\AppData\Roaming\Spotify
2020-07-27 13:15 - 2016-05-02 22:51 - 000000000 ____D C:\Users\Fer 2
2020-07-27 13:08 - 2017-04-17 22:21 - 000000000 ____D C:\Users\Fer 2_2\AppData\Roaming\vlc
2020-07-27 13:04 - 2016-07-24 17:13 - 000000000 ____D C:\ProgramData\Apple
2020-07-27 13:01 - 2019-05-11 18:32 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-07-15 11:39 - 2018-03-14 01:39 - 000004492 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-15 11:39 - 2018-01-21 18:57 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-07-15 11:39 - 2018-01-21 18:57 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-07-15 11:39 - 2018-01-21 18:57 - 000004332 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-07-15 11:38 - 2018-01-21 18:57 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-07-15 11:38 - 2018-01-21 18:57 - 000000000 ____D C:\Windows\system32\Macromed
2020-07-13 15:29 - 2018-04-05 03:11 - 000000000 ____D C:\Users\Fer 2_2\AppData\Local\Logitech
2020-07-13 15:29 - 2018-04-05 03:11 - 000000000 ____D C:\ProgramData\LogiShrd
2020-07-13 11:34 - 2018-04-05 03:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-07-13 11:34 - 2018-04-05 03:09 - 000000000 ____D C:\Users\Fer 2_2\AppData\Roaming\Logishrd
2020-07-13 10:19 - 2020-04-13 18:06 - 000000114 _____ C:\Users\Fer 2_2\Desktop\Lista compra.txt
2020-07-08 12:18 - 2016-04-17 06:17 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-08 12:18 - 2016-04-17 06:16 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Archivos en la raíz de algunos directorios ========

2013-02-26 08:28 - 2013-02-26 08:28 - 000027762 _____ () C:\Program Files\changes.txt
2015-09-05 10:11 - 2015-09-05 10:11 - 002671376 _____ (Beepa P/L) C:\Program Files\fraps.exe
2015-09-05 10:05 - 2015-09-05 10:05 - 000255760 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2015-09-05 10:11 - 2015-09-05 10:11 - 000102160 _____ (Beepa P/L) C:\Program Files\fraps64.dat
2015-09-05 10:05 - 2015-09-05 10:05 - 000215824 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2015-09-05 10:09 - 2015-09-05 10:09 - 000174080 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2013-02-26 08:27 - 2013-02-26 08:27 - 000001894 _____ () C:\Program Files\README.HTM
2017-11-22 02:21 - 2017-11-22 02:21 - 000036079 _____ (Beepa Pty Ltd) C:\Program Files\uninstall.exe

==================== SigCheckExt =========================

2016-04-16 04:54 - 2012-09-28 15:45 - 000465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll
2016-04-16 04:53 - 2013-03-21 11:11 - 000827904 ____N C:\Windows\system32\Cmeauoxy.exe
2016-04-15 19:57 - 2009-08-19 16:00 - 000359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2016-04-16 04:54 - 2007-12-13 18:12 - 000122880 ____N (CMedia Electronics Inc.) C:\Windows\system32\Cm_Oal.dll
2015-09-05 10:09 - 2015-09-05 10:09 - 000105984 _____ (Beepa P/L) C:\Windows\system32\frapsv64.dll
2016-04-16 04:54 - 2020-05-27 17:49 - 000111616 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2012-09-28 21:45 - 2012-09-28 21:45 - 000246272 _____ C:\Windows\system32\rtvcvfw64.dll
2016-04-16 04:54 - 2020-05-27 17:49 - 000419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-09-05 10:11 - 2015-09-05 10:11 - 002671376 _____ (Beepa P/L) C:\Program Files\fraps.exe
2015-09-05 10:05 - 2015-09-05 10:05 - 000255760 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2015-09-05 10:05 - 2015-09-05 10:05 - 000215824 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2015-09-05 10:09 - 2015-09-05 10:09 - 000174080 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2017-11-22 02:21 - 2017-11-22 02:21 - 000036079 _____ (Beepa Pty Ltd) C:\Program Files\uninstall.exe
2016-04-16 04:54 - 2012-09-28 15:45 - 000303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll
2016-04-16 04:53 - 2012-11-20 12:24 - 012935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll
2016-04-16 04:53 - 2006-09-13 10:21 - 000200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll
2016-04-16 04:54 - 2007-12-13 18:12 - 000122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll
2019-12-10 15:28 - 2008-08-18 20:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2015-09-05 10:09 - 2015-09-05 10:09 - 000094208 _____ (Beepa P/L) C:\Windows\SysWOW64\frapsvid.dll
2016-04-16 04:53 - 2008-07-11 09:04 - 000200704 ____N C:\Windows\SysWOW64\HsMgr.exe
2016-04-16 04:54 - 2012-02-06 09:15 - 000212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv.dll
2016-04-16 04:54 - 2012-01-06 10:30 - 000212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv2.dll
2015-05-22 01:00 - 2015-05-22 01:00 - 000002560 _____ (Intel(R) Corporation) C:\Windows\SysWOW64\IusEventLog.dll
2016-04-16 04:54 - 2020-05-27 17:49 - 000102400 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2012-09-28 21:45 - 2012-09-28 21:45 - 000247296 _____ C:\Windows\SysWOW64\rtvcvfw32.dll
2016-04-16 04:53 - 2012-06-06 09:56 - 000143360 ____N C:\Windows\SysWOW64\VmixP8.dll
2016-04-16 04:54 - 2020-05-27 17:49 - 000413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-06-15 10:00 - 2015-06-15 10:00 - 000041984 ____R (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2020-07-31 14:08 - 2020-07-31 14:08 - 002296832 _____ (Farbar) C:\Users\Fer 2_2\Desktop\FRST64.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


==================== BCD ================================

Administrador de arranque de Windows
----------------------------------
Identificador           {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  es-ES
inherit                 {globalsettings}
default                 {current}
resumeobject            {e60f6a22-bc40-11e5-b8b4-aee462b7eb80}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Cargador de arranque de Windows
-----------------------------
Identificador           {e60f6a20-bc40-11e5-b8b4-aee462b7eb80}
device                  ramdisk=[C:]\Recovery\e60f6a20-bc40-11e5-b8b4-aee462b7eb80\Winre.wim,{e60f6a21-bc40-11e5-b8b4-aee462b7eb80}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\e60f6a20-bc40-11e5-b8b4-aee462b7eb80\Winre.wim,{e60f6a21-bc40-11e5-b8b4-aee462b7eb80}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Cargador de arranque de Windows
-----------------------------
Identificador           {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  es-ES
inherit                 {bootloadersettings}
recoverysequence        {e60f6a24-bc40-11e5-b8b4-aee462b7eb80}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {e60f6a22-bc40-11e5-b8b4-aee462b7eb80}
nx                      OptIn

Cargador de arranque de Windows
-----------------------------
Identificador           {e60f6a24-bc40-11e5-b8b4-aee462b7eb80}
device                  ramdisk=[C:]\Recovery\e60f6a24-bc40-11e5-b8b4-aee462b7eb80\Winre.wim,{e60f6a25-bc40-11e5-b8b4-aee462b7eb80}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\e60f6a24-bc40-11e5-b8b4-aee462b7eb80\Winre.wim,{e60f6a25-bc40-11e5-b8b4-aee462b7eb80}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Reanudar tras hibernaci�n
-------------------------
Identificador           {e60f6a22-bc40-11e5-b8b4-aee462b7eb80}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  es-ES
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Herramienta de comprobaci�n de memoria de Windows
-------------------------------------------------
Identificador           {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Herramienta de diagn�stico de memoria de Windows
locale                  es-ES
inherit                 {globalsettings}
badmemoryaccess         Yes

Configuraci�n de EMS
--------------------
Identificador           {emssettings}
bootems                 Yes

Configuraci�n del depurador
---------------------------
Identificador           {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Defectos de RAM
---------------
Identificador           {badmemory}

Configuraci�n global
--------------------
Identificador           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Configuraci�n del cargador de arranque
------------------------------------
Identificador           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Configuraci�n de hipervisor
-------------------
Identificador           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Reanudar la configuraci�n del cargador
--------------------------------------
Identificador           {resumeloadersettings}
inherit                 {globalsettings}

Opciones de dispositivo
-----------------------
Identificador           {e60f6a21-bc40-11e5-b8b4-aee462b7eb80}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\e60f6a20-bc40-11e5-b8b4-aee462b7eb80\boot.sdi

Opciones de dispositivo
-----------------------
Identificador           {e60f6a25-bc40-11e5-b8b4-aee462b7eb80}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\e60f6a24-bc40-11e5-b8b4-aee462b7eb80\boot.sdi


LastRegBack: 2020-08-05 10:55
==================== Final de FRST.txt ========================

Fernando_Gimenez · 7 Agosto, 2020 15:45


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-07-2020
Ejecutado por Admin (07-08-2020 17:32:18)
Ejecutado desde C:\Users\Fer 2_2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-04-15 15:30:47)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Admin (S-1-5-21-570404620-873943029-220001324-1005 - Administrator - Enabled) => C:\Users\Admin
Administrador (S-1-5-21-570404620-873943029-220001324-500 - Administrator - Disabled)
Fer 2_2 (S-1-5-21-570404620-873943029-220001324-1004 - Limited - Enabled) => C:\Users\Fer 2_2
HomeGroupUser$ (S-1-5-21-570404620-873943029-220001324-1002 - Limited - Enabled)
Invitado (S-1-5-21-570404620-873943029-220001324-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-570404620-873943029-220001324-1004\...\uTorrent) (Version: 3.5.5.45704 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-570404620-873943029-220001324-1005\...\uTorrent) (Version: 3.5.5.45672 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.403 - Adobe)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.5 - Electronic Arts, Inc.)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
CrystalDiskInfo 6.8.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
Logitech Gaming Software 8.98 (HKLM\...\Logitech Gaming Software) (Version: 8.98.218 - Logitech Inc.)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.20.329 - Logitech)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.11 - MSI)
NVIDIA Controlador de gráficos 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 68.0.3618.104 (HKU\S-1-5-21-570404620-873943029-220001324-1005\...\Opera 68.0.3618.104) (Version: 68.0.3618.104 - Opera Software)
Opera Stable 69.0.3686.77 (HKU\S-1-5-21-570404620-873943029-220001324-1004\...\Opera 69.0.3686.77) (Version: 69.0.3686.77 - Opera Software)
Oracle VM VirtualBox 6.0.6 (HKLM\...\{6C89B405-9910-446E-A6A9-7B15A09513D3}) (Version: 6.0.6 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.79.42672 - Electronic Arts, Inc.)
Panel de control de NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Spotify (HKU\S-1-5-21-570404620-873943029-220001324-1004\...\Spotify) (Version: 1.1.34.694.gac68a2b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Update for Skype for Business 2016 (KB4464532) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{AE29DCF7-9675-4C7D-8818-D9D3CF25D135}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464532) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.STANDARD_{AE29DCF7-9675-4C7D-8818-D9D3CF25D135}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2017-03-26 19:00 - 2017-03-26 19:00 - 000111616 _____ (Microsoft Corporation) [Archivo no firmado] [El archivo está en uso] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2016-04-17 07:47 - 2014-06-23 09:56 - 001113600 _____ (Robert Simpson, et al.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\MSI\MSI RAMDisk\System.Data.SQLite.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 001611264 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 005487104 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 005841920 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 001179136 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 000146432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 005089792 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-07 02:57 - 2020-04-10 12:05 - 000184832 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-570404620-873943029-220001324-1004\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-570404620-873943029-220001324-1005\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:34 - 2016-04-17 06:18 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-570404620-873943029-220001324-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-570404620-873943029-220001324-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: Fax => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\startupreg: AceStream => C:\Users\Fer 2_2\AppData\Roaming\ACEStream\engine\ace_engine.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Fer 2_2\AppData\Local\Discord\app-0.0.304\Discord.exe
MSCONFIG\startupreg: EpicGamesLauncher => "E:\Juegos\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: Fast Boot => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation 
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Fer 2_2\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Fer 2_2\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WiFi Guard => "C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe" /hide

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{BBA8A2A4-A336-418B-A86D-CE3C14413B46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D9A05223-EF0D-43F0-BF78-09F818A281A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8C12AC5F-0EDD-4FBB-859D-2406C6017E0E}] => (Allow) LPort=24680
FirewallRules: [{19EF0EE2-34DF-4A56-8DF0-B39E807BB923}] => (Allow) E:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{2BD05136-E011-452D-BD9C-10E3B91E6718}] => (Allow) E:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [TCP Query User{61FE6C9B-C1D6-496E-88A3-8CD594AF3547}E:\juegos\xcom 2\binaries\win64\xcom2.exe] => (Allow) E:\juegos\xcom 2\binaries\win64\xcom2.exe => Ningún archivo
FirewallRules: [UDP Query User{1AAA2766-85F4-4C98-9C45-D4797A8896A8}E:\juegos\xcom 2\binaries\win64\xcom2.exe] => (Allow) E:\juegos\xcom 2\binaries\win64\xcom2.exe => Ningún archivo
FirewallRules: [TCP Query User{EDAB42C7-261D-4D8E-9B3D-64C8B9447805}C:\users\fer 2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fer 2\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FE97F021-2800-4496-B821-D2276499140E}C:\users\fer 2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fer 2\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B660B2BD-7DE2-4D2A-B67F-E29871D73A2C}] => (Allow) C:\Users\Fer 2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2CB5F970-7189-44BF-9F9C-0031B72D55AF}] => (Allow) C:\Users\Fer 2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{888746DC-CDE0-4093-97BD-353DF6FBEA1F}] => (Allow) C:\Users\Fer 2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F3970E51-2A4D-41E4-A6C6-EE2B97C7CAB2}] => (Allow) C:\Users\Fer 2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{493DCF4E-8D69-4664-8BC2-637000A5B8C2}] => (Allow) C:\Users\Fer 2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{357F7846-D199-423A-B5F0-6D993C82AC4B}] => (Allow) C:\Users\Fer 2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{1BA9C85A-1EFD-4833-9EF8-FF3A78975053}E:\steam\steamapps\common\dayz\dayz.exe] => (Allow) E:\steam\steamapps\common\dayz\dayz.exe => Ningún archivo
FirewallRules: [UDP Query User{D13E70F9-869D-4500-8E63-A4C29C29DD6E}E:\steam\steamapps\common\dayz\dayz.exe] => (Allow) E:\steam\steamapps\common\dayz\dayz.exe => Ningún archivo
FirewallRules: [TCP Query User{DCDFEA9D-98C4-42C6-AFA7-1ABCE23DF812}C:\users\fer 2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fer 2\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{874E3175-AAB0-48EA-A4CA-6A432A973CA9}C:\users\fer 2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fer 2\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{2FFD7141-14B2-47FF-9AC6-E20548DEAA6A}E:\juegos\doom\doomx64.exe] => (Allow) E:\juegos\doom\doomx64.exe => Ningún archivo
FirewallRules: [UDP Query User{0437E8F1-EC3F-4E8F-B144-A2D6EE842B60}E:\juegos\doom\doomx64.exe] => (Allow) E:\juegos\doom\doomx64.exe => Ningún archivo
FirewallRules: [{7EFBDE95-E56C-4CB2-81AC-222E4C87B316}] => (Allow) E:\Juegos\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe => Ningún archivo
FirewallRules: [{72C437AC-97F4-442E-8AB1-83C05E26BA55}] => (Allow) E:\Juegos\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe => Ningún archivo
FirewallRules: [TCP Query User{5786F58A-5A08-4C98-8004-62C7CAB7C977}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Archivo no firmado]
FirewallRules: [UDP Query User{B697BAFB-9072-4F1C-83E9-0FEB9DFE76FA}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Archivo no firmado]
FirewallRules: [{D4C938A7-CBDC-45BB-A229-9A7D5DBA998D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{1699DCE8-5446-4DFD-811D-659697CA9AB3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [TCP Query User{4AEAF66B-A6B9-4CAF-AA35-88CB399E0EAD}C:\users\fer 2_2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fer 2_2\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DD10D7B4-2783-48D6-8918-909FC8759199}C:\users\fer 2_2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fer 2_2\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14ECEDAA-4BAE-4722-A8F8-9C83032281BA}] => (Allow) C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7DB6880C-65ED-45CF-9D6C-8E67AD0D80BF}] => (Allow) C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DF956BB2-1DE8-4A32-9541-BD2D8F87DF66}] => (Allow) C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2B8F7C31-B800-4225-9A38-3277409B48E9}] => (Allow) C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2E37B3FF-7910-4363-BC26-DCBF9EA801D2}] => (Allow) C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FE7A368A-A321-46AA-8142-E3553E84813B}] => (Allow) C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3306A2BE-1E45-4571-991F-7A9C613954AA}] => (Allow) E:\Juegos\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8A60AF62-67CA-49DF-B11E-873D686F7192}] => (Allow) E:\Juegos\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5987301C-0044-4E79-A98E-4380C7E86ADA}] => (Allow) E:\Juegos\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{36D44F1E-363E-4CC2-97A2-C4077E568C00}] => (Allow) E:\Juegos\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{3A34B31C-38B9-4408-B183-6B2D34323B24}E:\juegos\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) E:\juegos\tom clancy's rainbow six siege\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{C9A2E874-1C6C-4836-826B-89156C625367}E:\juegos\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) E:\juegos\tom clancy's rainbow six siege\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{DDCEDCF5-3603-4FD1-9832-F2D4A71AD837}E:\pelis magnet\pelismagnet.exe] => (Allow) E:\pelis magnet\pelismagnet.exe => Ningún archivo
FirewallRules: [UDP Query User{FA85B760-4C14-407A-A106-74469AFE1E3E}E:\pelis magnet\pelismagnet.exe] => (Allow) E:\pelis magnet\pelismagnet.exe => Ningún archivo
FirewallRules: [TCP Query User{4869A699-9DD4-4E2A-8531-4699ACA4689A}E:\juegos\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) E:\juegos\rise of the tomb raider - 20 years celebration\rottr.exe => Ningún archivo
FirewallRules: [UDP Query User{E45247B9-5AFB-4132-8FB2-85D66C590FCF}E:\juegos\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) E:\juegos\rise of the tomb raider - 20 years celebration\rottr.exe => Ningún archivo
FirewallRules: [{78D140D3-7017-48E8-8330-1253F1D2C8B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Ningún archivo
FirewallRules: [{50308E2E-64C0-415D-96CA-06AB0D60C4D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Ningún archivo
FirewallRules: [TCP Query User{D079AAD7-1FC1-46EA-8883-B6E12D725B26}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [UDP Query User{E94F0087-286E-4955-BD84-1381C5449BFB}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [TCP Query User{1000EDEC-6F98-4689-AFEF-828BB92658D6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{F77B5C24-3D3B-4AD0-B8CA-2E1E10B81E80}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{DCE8B245-6F7A-4E46-B5D4-28020CFA4A19}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{4EE73DFB-DCF9-498D-84C1-4FDE8C66C244}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{0AC66C0A-474F-4DA7-A630-765A01D2BDB0}E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F68EC439-DFFD-4260-829E-C306E197D74A}E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{06B07C96-1292-4041-8B6D-38695DA09B15}E:\juegos\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\juegos\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{8EFDEB5B-E289-401E-824B-A9228836FF70}E:\juegos\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\juegos\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{5638D9AD-7065-4662-892C-728CB9E22693}E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0BA25D3F-44A2-4D46-80DB-E2BE52BD6014}E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) E:\juegos\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4A5C2966-0B78-4F2D-BAD9-8B008227E1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe => Ningún archivo
FirewallRules: [{12E614BE-83B9-4BDE-A98E-6497C680CE36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe => Ningún archivo
FirewallRules: [TCP Query User{6C0888B2-2DC7-47E4-952A-59E8D38C0468}E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [UDP Query User{D6E4375F-257C-4D73-8E58-BEDE489A85D2}E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [TCP Query User{D1427E90-0BEA-4120-B892-8682D57A68AE}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => Ningún archivo
FirewallRules: [UDP Query User{E6326EE6-7047-4DB6-BAE3-02B83617437F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => Ningún archivo
FirewallRules: [{BC0B3967-07E9-446D-A21D-C99D052069B5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F070114E-F4DC-4E8E-BB35-253AEDE7C4BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8E0A957F-8235-4178-9820-B69C25FF34A6}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B1D30D24-2F42-4E72-AB9E-86C6BE9AD51D}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F7C1FE4B-2EE8-44E5-A825-24A65EC3B09D}] => (Allow) C:\Users\Admin\AppData\Local\Programs\Opera\66.0.3515.44\opera.exe => Ningún archivo
FirewallRules: [{4DA22866-EBE7-465E-9D3B-B42717812939}] => (Allow) E:\Juegos\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{44FC4102-C10A-4071-852E-F1725CE867D9}] => (Allow) E:\Juegos\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{0C0825BC-657F-422D-A04B-04BAF7C46215}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{001CEDD0-FA21-4B43-968E-5C85F0A13175}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{33A4578B-9A7F-43AA-B407-45F4012030FD}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AF17B283-B4B8-47EF-8C37-6EE9BD414FC5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:111.69 GB) (Free:26.83 GB) (24%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/07/2020 03:55:03 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-07T15:49:03Z. Error Code: 0x80041321.

Error: (08/07/2020 01:55:03 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-07T13:49:03Z. Error Code: 0x80041321.

Error: (08/07/2020 11:55:03 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-07T11:49:03Z. Error Code: 0x80041321.

Error: (08/07/2020 11:45:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/06/2020 08:26:21 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-06T20:20:21Z. Error Code: 0x80041321.

Error: (08/06/2020 06:26:21 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-06T18:20:21Z. Error Code: 0x80041321.

Error: (08/06/2020 04:26:21 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-06T16:20:21Z. Error Code: 0x80041321.

Error: (08/06/2020 02:26:21 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-08-06T14:20:21Z. Error Code: 0x80041321.


Errores del sistema:
=============
Error: (08/07/2020 05:27:17 PM) (Source: DCOM) (EventID: 10016) (User: Fer-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 y APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 al usuario Fer-PC\Fer 2_2 con SID (S-1-5-21-570404620-873943029-220001324-1004) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:27:17 PM) (Source: DCOM) (EventID: 10016) (User: Fer-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 y APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 al usuario Fer-PC\Fer 2_2 con SID (S-1-5-21-570404620-873943029-220001324-1004) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:27:17 PM) (Source: DCOM) (EventID: 10016) (User: Fer-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 y APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 al usuario Fer-PC\Fer 2_2 con SID (S-1-5-21-570404620-873943029-220001324-1004) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:26:56 PM) (Source: DCOM) (EventID: 10016) (User: Fer-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 y APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 al usuario Fer-PC\Fer 2_2 con SID (S-1-5-21-570404620-873943029-220001324-1004) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:26:56 PM) (Source: DCOM) (EventID: 10016) (User: Fer-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 y APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 al usuario Fer-PC\Fer 2_2 con SID (S-1-5-21-570404620-873943029-220001324-1004) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:26:56 PM) (Source: DCOM) (EventID: 10016) (User: Fer-PC)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 y APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 al usuario Fer-PC\Fer 2_2 con SID (S-1-5-21-570404620-873943029-220001324-1004) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:25:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 y APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/07/2020 05:25:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Display Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 2.20 10/21/2015
Placa base: MSI H110M PRO-D (MS-7996)
Procesador: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Porcentaje de memoria en uso: 31%
RAM física total: 8155.75 MB
RAM física disponible: 5619.73 MB
Virtual total: 20835.89 MB
Virtual disponible: 18274.32 MB

==================== Unidades ================================

Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT32
Drive c: () (Fixed) (Total:111.69 GB) (Free:26.83 GB) NTFS
Drive e: (SEAGATE DESKTOP) (Fixed) (Total:931.51 GB) (Free:495.27 GB) NTFS

\\?\Volume{e0909ea3-0350-11e6-befb-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 08202DDC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 558E8488)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Fernando_Gimenez · 7 Agosto, 2020 15:48


Resultado del análisis de Acceso directo de usuarios (x64) Versión: 29-07-2020
Ejecutado por Admin (07-08-2020 17:32:35)
Ejecutado desde C:\Users\Fer 2_2\Desktop
Modo de Inicio: Normal

==================== Accesos directos =============================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)


Shortcut: C:\Users\Admin\Links\Desktop.lnk -> C:\Users\Admin\Desktop ()
Shortcut: C:\Users\Admin\Links\Downloads.lnk -> C:\Users\Admin\Downloads ()
Shortcut: C:\Users\Admin\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Admin\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Admin\Desktop\µTorrent.lnk -> C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk -> C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe (Ningún archivo)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\Transferencia de archivos Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Office\Reciente\EMPRESA SIPCAM INAGRA S.LNK -> F:\11-1-2015\EMPRESA SIPCAM INAGRA S.docx (Ningún archivo)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> E:\Juegos\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Windows\Installer\{90160000-0012-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ayuda WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual RAR para consola.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Que hay de nuevo en la última versión.lnk -> C:\Program Files\WinRAR\Novedades.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCrypt.lnk -> C:\Program Files\VeraCrypt\VeraCrypt.exe (IDRIX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCryptExpander.lnk -> C:\Program Files\VeraCrypt\VeraCryptExpander.exe (IDRIX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\SopCast.lnk -> C:\Program Files (x86)\SopCast\SopCast.exe (www.sopcast.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roccat\Savu Mouse\Savu Driver.lnk -> C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe (ROCCAT GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roccat\Savu Mouse\Uninstall Driver.lnk -> C:\Program Files (x86)\ROCCAT\Savu Mouse\UnInstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Desinstalar Revo Uninstaller.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller Help.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe (VS Revo Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI RAMDisk\Desinstalar MSI RAMDisk.lnk -> C:\Program Files (x86)\MSI\MSI RAMDisk\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI RAMDisk\MSI RAMDisk.lnk -> C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk.exe (Micro-Star Int'l Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Fast Boot\Desinstalar Fast Boot.lnk -> C:\Program Files (x86)\MSI\Fast Boot\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Fast Boot\Fast Boot.lnk -> C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Ayuda de accesorios Microsoft Xbox 360.lnk -> C:\Program Files\Microsoft Xbox 360 Accessories\Xboxhelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Estado de accesorios Microsoft Xbox 360.lnk -> C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.98.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice Base.lnk -> C:\Program Files\LibreOffice\program\sbase.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice Calc.lnk -> C:\Program Files\LibreOffice\program\scalc.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice Draw.lnk -> C:\Program Files\LibreOffice\program\sdraw.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice Impress.lnk -> C:\Program Files\LibreOffice\program\simpress.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice Math.lnk -> C:\Program Files\LibreOffice\program\smath.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice\program\swriter.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice.lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk -> C:\Program Files\Java\jre1.8.0_161\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016\Centro de carga de Office 2016.lnk -> C:\Windows\Installer\{90160000-0012-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Ningún archivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Ningún archivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Ningún archivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Ningún archivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Witcher 3 Wild Hunt.lnk -> [LF6"pH,R GFSIgmL8 zThe Witcher 3: Wild Hunt(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> C:\Program Files\fraps.exe (Beepa P/L)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> C:\Program Files\uninstall.exe (Beepa Pty Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Backup and Sync from Google.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar DGX Audio\Xonar DGX Audio Center.lnk -> C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe (CMedia)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A3Launcher\A3Launcher.lnk -> C:\Program Files (x86)\A3Launcher\A3Launcher.exe (Ningún archivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ayuda WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual RAR para consola.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Que hay de nuevo en la última versión.lnk -> C:\Program Files\WinRAR\Novedades.txt ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Uninstall.exe ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Samples ()
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\2. CONDICIONES DE PAGO DE SALARIO 2015.LNK -> C:\Users\Fer 2\Desktop\Hands4events\2. CONDICIONES DE PAGO DE SALARIO 2015.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\3. Recibí información.LNK -> C:\Users\Fer 2\Desktop\Hands4events\3. Recibí información.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Cuestionario PRL Sector Hostelería y Restauración.LNK -> C:\Users\Fer 2\Desktop\Hands4events\Cuestionario PRL Sector Hostelería y Restauración.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\CV Fernando Gimenez Quilez.LNK -> C:\Users\Fer 2\Documents\CV Fernando Gimenez Quilez.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Ejemplo Prueba Escrita B2 Inglés - new for web January 2017 Final version 17-1-17.LNK -> E:\Descargas\Ejemplo Prueba Escrita B2 Inglés - new for web January 2017 Final version 17-1-17.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Escritorio.LNK -> C:\Users\Fer 2\Desktop (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Gestión de residuos (1).LNK -> E:\Descargas\Gestión de residuos (1).doc (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Gestión de residuos.LNK -> C:\Users\Fer 2\Documents\Saona\Gestión de residuos.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Hands4events.LNK -> C:\Users\Fer 2\Desktop\Hands4events (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\INSCRIPCIÓN CARRANCS EL GRAU.LNK -> E:\Descargas\INSCRIPCIÓN CARRANCS EL GRAU.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\mi cv.LNK -> C:\Users\Fer 2\Documents\mi cv.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\q9Lfu21eI7 (1).LNK -> E:\Descargas\q9Lfu21eI7 (1).DOC (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\q9Lfu21eI7.LNK -> E:\Descargas\q9Lfu21eI7.DOC (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Office\Reciente\Saona.LNK -> C:\Users\Fer 2\Documents\Saona (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DS4Windows.lnk -> C:\Users\Admin\Documents\DS4Windows.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\foobar2000.lnk -> C:\Program Files (x86)\foobar2000\foobar2000.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Fraps.lnk -> C:\Program Files (x86)\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Uplay launcher.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -> C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Kaspersky Security Scan.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Savu Driver.lnk -> C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe (ROCCAT GmbH)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\WNetWatcher.lnk -> C:\Program Files\WNetWatcher\WNetWatcher.exe (NirSoft)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Xonar DGX Audio Center.lnk -> C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe (CMedia)
Shortcut: C:\Users\Fer 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2\$RMEUZFN\Dev-C++.lnk -> C:\Program Files (x86)\Dev-Cpp\devcpp.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\$RMEUZFN\Fer.lnk -> C:\Users\Admin ()
Shortcut: C:\Users\Fer 2\$RMEUZFN\RE.lnk -> E:\Juegos\Resident Evil HD Remaster\Resident Evil HD Remaster\bhd.exe ()
Shortcut: C:\Users\Fer 2\$RMEUZFN\XCom2.lnk -> E:\Juegos\XCOM 2\Binaries\Win64\XCom2.exe (Ningún archivo)
Shortcut: C:\Users\Fer 2\$R6OTAVO\Desktop.lnk -> C:\Users\Admin\Desktop ()
Shortcut: C:\Users\Fer 2\$R6OTAVO\Downloads.lnk -> C:\Users\Admin\Downloads ()
Shortcut: C:\Users\Fer 2\$R6OTAVO\Google Drive.lnk -> C:\Users\Admin\Google Drive (Ningún archivo)
Shortcut: C:\Users\Fer 2\$R6OTAVO\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Fer 2_2\Links\Desktop.lnk -> C:\Users\Fer 2_2\Desktop ()
Shortcut: C:\Users\Fer 2_2\Links\Downloads.lnk -> C:\Users\Fer 2_2\Downloads ()
Shortcut: C:\Users\Fer 2_2\Links\Google Drive.lnk -> C:\Users\Fer 2_2\Google Drive ()
Shortcut: C:\Users\Fer 2_2\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Word\Fuera%20de%20plazo308246863255935943\Fuera%20de%20plazo.pdf.lnk -> C:\Users\Fer 2_2\Desktop\Fuera de plazo.pdf (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Fer 2_2\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ayuda WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual RAR para consola.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Que hay de nuevo en la última versión.lnk -> C:\Program Files\WinRAR\Novedades.txt ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\SendTo\Transferencia de archivos Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\1369753.LNK -> E:\Descargas\1369753.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\carta presentacion ikea.LNK -> C:\Users\Fer 2_2\Desktop\carta presentacion ikea.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\CV Fernando Gimenez Quilez.LNK -> C:\Users\Fer 2_2\Google Drive\Mis Documentos\CV Fernando Gimenez Quilez.docx ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Escritorio.LNK -> C:\Users\Fer 2_2\Desktop ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Fuera de plazo (2).LNK -> C:\Users\Fer 2_2\Desktop\Fuera de plazo.pdf (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Fuera de plazo.LNK -> C:\Users\Fer 2_2\Desktop\Fuera de plazo.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Mis Documentos.LNK -> C:\Users\Fer 2_2\Google Drive\Mis Documentos ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\obtenerDocumento.LNK -> C:\Users\Fer 2_2\Desktop\obtenerDocumento.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Resolver ejercicio.LNK -> C:\Users\Fer 2_2\Desktop\Resolver ejercicio.docx (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Tratamiento con antibióticos herbáceos.LNK -> C:\Users\Fer 2_2\Desktop\Tratamiento con antibióticos herbáceos.doc (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Y7zTTj10V3 (1).LNK -> E:\Descargas\Y7zTTj10V3 (1).DOC (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Office\Reciente\Y7zTTj10V3.LNK -> E:\Descargas\Y7zTTj10V3.DOC (Ningún archivo)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\Fer 2_2\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\AsusAudioCenter .lnk -> C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe (CMedia)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (Audacity Team)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Backup and Sync from Google.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe ()
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\LibreOffice.lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\MSI RAMDisk.lnk -> C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk.exe (Micro-Star Int'l Co., Ltd.)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Oracle VM VirtualBox.lnk -> E:\VirtualBox\VirtualBox.exe (Oracle Corporation)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Savu Driver.lnk -> C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe (ROCCAT GmbH)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\VeraCrypt.lnk -> C:\Program Files\VeraCrypt\VeraCrypt.exe (IDRIX)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\WNetWatcher.lnk -> C:\Program Files\WNetWatcher\WNetWatcher.exe (NirSoft)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\µTorrent.lnk -> C:\Users\Fer 2_2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Apex Legends.lnk -> E:\Juegos\Apex\r5apex.exe (Respawn Entertainment)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)


ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\Uninstall VeraCrypt.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> appwiz.cpl
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Buscar actualizaciones.lnk -> C:\Program Files\Microsoft Xbox 360 Accessories\AUSetting.exe (Microsoft Corporation) -> -forcecheck
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2\LibreOffice (Safe Mode).lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation) -> --safe-mode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Acerca de Java.lnk -> C:\Program Files\Java\jre1.8.0_161\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Comprobar Actualizaciones.lnk -> C:\Program Files\Java\jre1.8.0_161\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Docs.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Sheets.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Slides.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Fer 2\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Fer 2_2\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo


InternetURL: C:\Users\Admin\Favorites\Links for España\AENA aeropuertos.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129708
InternetURL: C:\Users\Admin\Favorites\Links for España\Agencia Estatal de Meteorología.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129707
InternetURL: C:\Users\Admin\Favorites\Links for España\Portal MSN (España).url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129710
InternetURL: C:\Users\Admin\Favorites\Links for España\Protección de menores.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129711
InternetURL: C:\Users\Admin\Favorites\Links for España\Renfe - Ferrocarril.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129709
InternetURL: C:\Users\Admin\Favorites\Links for España\Web oficial de Turismo de España.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129706
InternetURL: C:\Users\Admin\Favorites\Links for España\www.060.es, Portal de la Administración General del Estado.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129705
InternetURL: C:\Users\Admin\Favorites\Links\Galería de Web Slice.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Admin\Favorites\Links\Sitios sugeridos.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCrypt Website.url -> URL: hxxps://veracrypt.codeplex.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller en la Web.url -> URL: hxxps://www.revouninstaller.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI RAMDisk\MSI Website.url -> URL: hxxp://www.msi.com/index.php
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Fast Boot\MSI Website.url -> URL: hxxp://www.msi.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obtener Ayuda.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\Fer 2\$RMEUZFN\Age of Empires II HD Edition.url -> URL: steam://rungameid/221380
InternetURL: C:\Users\Fer 2\$RMEUZFN\DayZ.url -> URL: steam://rungameid/221100
InternetURL: C:\Users\Fer 2\$RMEUZFN\Resident Evil 7  Biohazard 7 Teaser Beginning Hour.url -> URL: steam://rungameid/530620
InternetURL: C:\Users\Fer 2\$RMEUZFN\Street Fighter V.url -> URL: steam://rungameid/310950
InternetURL: C:\Users\Fer 2\$RMEUZFN\Tom Clancy's Rainbow Six Siege.url -> URL: uplay://launch/635/0
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\AENA aeropuertos.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129708
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\Agencia Estatal de Meteorología.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129707
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\Portal MSN (España).url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129710
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\Protección de menores.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129711
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\Renfe - Ferrocarril.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129709
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\Web oficial de Turismo de España.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129706
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links for España\www.060.es, Portal de la Administración General del Estado.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129705
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links\Galería de Web Slice.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Fer 2\$RM5VWH8\Links\Sitios sugeridos.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\AENA aeropuertos.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129708
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\Agencia Estatal de Meteorología.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129707
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\Portal MSN (España).url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129710
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\Protección de menores.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129711
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\Renfe - Ferrocarril.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129709
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\Web oficial de Turismo de España.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129706
InternetURL: C:\Users\Fer 2_2\Favorites\Links for España\www.060.es, Portal de la Administración General del Estado.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129705
InternetURL: C:\Users\Fer 2_2\Favorites\Links\Galería de Web Slice.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Fer 2_2\Favorites\Links\Sitios sugeridos.url -> URL: hxxps://ieonline.microsoft.com/#ieslice

==================== Final  Shortcut.txt =============================

Comentarte que tras finalizar todos los análisis, el puntero me sigue haciendo movimientos extraños.

JavierHF · 7 Agosto, 2020 16:24

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
MSCONFIG\startupreg: AceStream => C:\Users\Fer 2_2\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-570404620-873943029-220001324-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-570404620-873943029-220001324-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {0EE54A22-B400-42C0-9043-A284411CD3DA} - System32\Tasks\{B266CC71-D486-41E6-BA29-F41AE2927BCE} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=404
Task: {2147C284-CB09-48A7-9A49-58B2765091A2} - System32\Tasks\{5F99CCBD-3403-4955-81D2-B9E02FA1538C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/es/go/help.faq.installer?LastError=1603
Task: {4C5CB531-41AB-4117-85DD-28999D6EACD2} - System32\Tasks\{1F15607F-8A16-4F3A-B374-E9A3654A55C8} => C:\Windows\system32\pcalua.exe -a E:\Descargas\Xbox360_64Esp.exe -d E:\Descargas
Task: {711A782B-61F5-46AE-B180-65D14AFA39A5} - System32\Tasks\{93BAEC50-88A8-4C49-AB88-61872235CCDF} => C:\Windows\system32\pcalua.exe -a "D:\OtherDriver\Intel SBA\IntelSba_4.0.40.exe" -d "D:\OtherDriver\Intel SBA" -c -silent
Task: {8DB9422B-9DBD-4763-BD5F-9B3D1362CBEE} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Fer 2_2\Desktop\adwcleaner_8.0.7.exe [8414384 2020-07-31] (Malwarebytes Inc -> Malwarebytes)
Task: {AFFE5551-6479-4263-87A7-7CFB4FF00FFB} - System32\Tasks\{F9D6761A-D299-4EA5-8275-CA6B26370472} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.17.0.106&LastError=404
Task: {E0D78689-56A1-4403-B3DD-EF82AFDC0AF2} - System32\Tasks\{174BA62B-B699-4F39-98D9-F5FF62D51231} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/es/go/help.faq.installer?LastError=1603
Task: {FD753E27-41DC-42E9-AF14-0D80025C807B} - System32\Tasks\{6424C860-4833-4C3B-9266-86976B5533C9} => C:\Windows\system32\pcalua.exe -a C:\Users\Fer\Desktop\wlsetup-web.exe -d C:\Users\Fer\Desktop
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Ningún archivo
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
FF NewTab: Mozilla\Firefox\Profiles\e3s140rg.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-12-22 07:44:14&bName=&bitmask=0300
FF NewTab: Mozilla\Firefox\Profiles\cai9e4w4.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-12-22 07:44:14&bName=&bitmask=0300
FF HKU\S-1-5-21-570404620-873943029-220001324-1004\...\Firefox\Extensions: [[email protected]] - C:\Users\Fer 2_2\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin HKU\S-1-5-21-570404620-873943029-220001324-1004: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Fer 2_2\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?fr=mcafee&type=E210ES91082G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/gossip/gossip-es-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-570404620-873943029-220001324-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 kss; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" -r [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
C:\Program Files (x86)\Kaspersky Lab
C:\Program Files\McAfee
2020-08-07 17:23 - 2020-08-07 17:23 - 000003102 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot
2020-08-07 17:24 - 2016-04-15 17:43 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-31 17:00 - 2016-04-24 16:55 - 000000000 ____D C:\ProgramData\AVG
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX/Corregir y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.