Ads appearing out of nowhere on my desktop

For some time now I've had a problem: a window that can't be closed appears in the foreground, telling me to update my browser to Yahoo!, and to get rid of it I have to kill the process from Task Manager. Also, I don't know if it's related, the icons of some programs have disappeared; it doesn't affect how they work, but it's a bit annoying. On top of that, when I turn on my PC now, two prompts appear asking me to grant administrator permissions; right now I don't remember them, in future posts I'll post the names of these two programs. If you could help me, I'd be very grateful. Besides that, I notice a slight slowdown on the machine.

Carry out the following steps, without changing the order.

1) Download, update and run Malwarebytes' Anti-Malware.

Malwarebytes manual, so that you know how to use and configure it.

  • Run a Custom Scan, ticking all the boxes on the right and on the left, and updating if it asks you to.
  • Click "Remove Selected" to send the items to quarantine, and restart the system.
  • To access the scan report afterwards: Reports >> Scan log >> click >> Export >> Copy to Clipboard, and paste it in your reply.

2) Download AdwCleaner to the desktop.

  • Disable your antivirus: How to temporarily disable an antivirus and any security program.

  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").

  • Click the Scan Now button and wait for the process to finish, then immediately click the Start Repair button.

  • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.

  • If it finds nothing, click "Skip Repair".

  • The log can be found in the "Reports" tab, reopening the program if necessary, or at "C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

You can look at its manual >> AdwCleaner manual

3) Download CCleaner

Install it and run it. In the Cleaner tab, leave the default settings as they are, click Analyze, wait for it to finish > click Run Cleaner. Click the Registry tab > click Scan for Issues, wait for it to finish > click Fix Selected Issues and make a backup.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.


Hi, sorry for not replying sooner, but I had some difficulties; I hope to send the reports a few hours later when I get back from studying. I'm writing to let you know that my Windows has been deactivated out of nowhere, and I don't know if this is related. I also have the names of the processes that ask me for authorization at startup: they are svhost.exe and explorer.exe. I await your reply and will send the reports later; apologies in any case.

First do what was indicated and we'll take it from there, because without anything being done I can't guess where the problems come from, and for that I need the reports I ask you for.

Hi, sorry for the delay, here are the reports you asked for. uyy.txt (96,8 KB) AdwCleaner[S01].txt (3,4 KB) The one named "uyy" is the Malwarebytes one, sorry about the name. As for the problem, it seems the advertising issue has been solved, but I still don't know why my Windows was deactivated. Regards and thanks for replying. (Sorry for the delay.)

First of all… Malwarebytes says "no action by the user"… did you send them all to quarantine?

Check and confirm that those items are in quarantine, because the result says that you cancelled and that nothing has been removed.

Resultado: Cancelado
Objetos analizados: 200154
Amenazas detectadas: 417
Amenazas en cuarentena: 0

With AdwCleaner, did you click remove after scanning?

If so, there has to be another log.

Here is the other AdwCleaner log.


 Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-05-2019
# Database: 2019-09-23.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-24-2019
# Duration: 00:00:10
# OS:       Windows 7 Enterprise
# Cleaned:  20
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\ByteFence
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\santiago\AppData\Local\28050
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Not Deleted   C:\Users\santiago\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\SVCHOST

***** [ Registry ] *****

Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE099D03-929E-49A3-9E9A-8FD332BC8A75}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE099D03-929E-49A3-9E9A-8FD332BC8A75}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\svchost
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\updane
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{66FD3A79-2F97-4344-93C5-4CD96B38C517}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7D1D32AF-F0C5-4E06-8635-122D920E28F0}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F38A5F7B-2748-4242-94BB-2ACA5BB733F4}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F9FD2B4E-302E-46F8-9F5C-1766FA0D5FA9}
Deleted       HKLM\Software\Classes\METNSD

***** [ Chromium (and derivatives) ] *****

Deleted       Search Manager
Deleted       Search Manager

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1669 octets] - [27/05/2019 11:35:42]
AdwCleaner[C00].txt - [1743 octets] - [27/05/2019 11:36:20]
AdwCleaner_Debug.log - [18851 octets] - [24/09/2019 13:57:37]
AdwCleaner[S01].txt - [3482 octets] - [24/09/2019 13:58:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

And as for Malwarebytes, an update popped up right then, the program closed, and it didn't let me put them in quarantine.
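The check the helper makes by eye on these two reports, written out as an added example (not part of the original thread): it parses a Malwarebytes summary and an AdwCleaner clean log and lists what was left unremediated. The sample inputs are abridged from the logs quoted in the thread; the function names are hypothetical, and the Spanish field labels are assumed to match the report language shown above.

```python
import re

# Sample abridged from the AdwCleaner clean log in the thread
# (header counts adjusted to match the shortened item list).
ADWCLEANER_LOG = r"""
# Mode: Clean
# Cleaned:  4
# Failed:   1

***** [ Folders ] *****

Deleted       C:\ProgramData\ByteFence
Deleted       C:\ProgramData\Tencent
Not Deleted   C:\Users\santiago\AppData\Roaming\Tencent

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\SVCHOST

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
"""

# Summary lines as quoted by the helper from the Spanish-language report.
MALWAREBYTES_SUMMARY = """
Resultado: Cancelado
Objetos analizados: 200154
Amenazas detectadas: 417
Amenazas en cuarentena: 0
"""

HEADER_RE = re.compile(r"^# (Cleaned|Failed):\s+(\d+)$")
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
ITEM_RE = re.compile(r"^(Deleted|Not Deleted)\s{2,}(.+)$")

# Spanish report labels -> keys used by this script (assumed labels).
MB_FIELDS = {
    "Resultado": "result",
    "Amenazas detectadas": "detected",
    "Amenazas en cuarentena": "quarantined",
}


def parse_adwcleaner(text):
    """Collect header counters and per-section Deleted / Not Deleted items."""
    report = {"cleaned": None, "failed": None, "deleted": [], "not_deleted": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := HEADER_RE.match(line):
            report[m.group(1).lower()] = int(m.group(2))
        elif m := SECTION_RE.match(line):
            section = m.group(1)
        elif m := ITEM_RE.match(line):
            key = "deleted" if m.group(1) == "Deleted" else "not_deleted"
            report[key].append((section, m.group(2)))
    return report


def adwcleaner_issues(report):
    """List leftover items and flag a log whose body disagrees with its header."""
    issues = [f"not removed: [{sec}] {item}" for sec, item in report["not_deleted"]]
    for header, items in (("cleaned", "deleted"), ("failed", "not_deleted")):
        expected, seen = report[header], len(report[items])
        if expected is not None and expected != seen:
            issues.append(
                f"header says {expected} {header} but {seen} lines found "
                "(log may be truncated)"
            )
    return issues


def parse_malwarebytes_summary(text):
    """Extract result, detected and quarantined counts from the summary block."""
    summary = {}
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        key = MB_FIELDS.get(label.strip())
        if sep and key:
            value = value.strip()
            summary[key] = int(value) if value.isdigit() else value
    return summary


def malwarebytes_issues(summary):
    """Flag a cancelled scan and detections that never reached quarantine."""
    issues = []
    if summary.get("result") == "Cancelado":
        issues.append("scan result is 'Cancelado' (cancelled)")
    pending = summary.get("detected", 0) - summary.get("quarantined", 0)
    if pending > 0:
        issues.append(f"{pending} detections not quarantined")
    return issues


if __name__ == "__main__":
    for issue in malwarebytes_issues(parse_malwarebytes_summary(MALWAREBYTES_SUMMARY)):
        print("Malwarebytes:", issue)
    for issue in adwcleaner_issues(parse_adwcleaner(ADWCLEANER_LOG)):
        print("AdwCleaner:", issue)
```

A header/body mismatch usually means the log was pasted incompletely, which is why the helper insists on full reports.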

The logs must be pasted as indicated; then, if there are problems posting any of them, it will be indicated.

Well, if Malwarebytes closed and you couldn't put them in quarantine, 400 threats that you had or have, what do you think you should do??

Repeat the scan and paste me the log.

I've now quarantined the 400 threats hahaha, but could you send me an example of how to post the logs? I keep forgetting how to do it :C. Also, I don't know whether to reactivate my Windows with one of those activators; I'm afraid it might contain more viruses, and I also don't know why I had so many. I tend to be careful, and I pay close attention to where I download my things from and whether they are infected or not.

In this reply I'm asking you for some additional logs and showing you how you should post them. Put the Malwarebytes one in one reply and, in others, as many as necessary, the ones I'm asking for now.

As for Windows activation, I can't help you with that, since piracy is not allowed on the forum. If your license is not legal, it's normal that at some point it gets deactivated… the solution… you already know.

  • Temporarily disable your antivirus and any security program.

  • Download to your Desktop >> this is very important <<, Farbar Recovery Scan Tool, choosing the right version for your machine (32 or 64 bits): How do I know whether my Windows is 32 or 64 bits?

  • Double-click to run Frst.exe. In the Disclaimer window, press Yes.

  • In the new window that opens, press the Scan button and wait for the scan to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt, which will be saved on your Desktop.

In your next reply, copy and paste the two FRST reports, Frst.txt and Addition.txt.

Note: If the requested report(s) don't fit in a single reply because they exceed the allowed number of characters, you can use two or more replies to paste them in full.

OK, sorry for the trouble I caused you, here is the Malwarebytes report.

 Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/9/19
Hora del análisis: 17:13
Archivo de registro: 0e7d4480-e174-11e9-b6c8-003067bdf35a.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.625
Versión del paquete de actualización: 1.0.12663
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Cancelado
Objetos analizados: 192984
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 9 min, 49 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0

And here are the reports that the frst64 program gave me.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-09-2019
    Ran by santiago (administrator) on SANTIAGO-PC (BIOSTAR Group H61MH) (27-09-2019 17:32:39)
    Running from C:\Users\santiago\Desktop
    Loaded Profiles: santiago (Available Profiles: santiago)
    Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Español (España, internacional)
    Internet Explorer Version 8 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\acrotray.exe
    (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\santiago\AppData\Roaming\uTorrent\helper\helper.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\santiago\AppData\Roaming\uTorrent\updates\3.5.5_45341\utorrentie.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\santiago\AppData\Roaming\uTorrent\updates\3.5.5_45341\utorrentie.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\santiago\AppData\Roaming\uTorrent\uTorrent.exe
    (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
    (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
    (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Lexmark International, Inc. ->  ) C:\Windows\System32\lxczcoms.exe
    (LogMeIn, Inc. -> LogMeIn Inc.) G:\hjh\x64\hamachi-2.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) G:\hjh\x64\LMIGuardianSvc.exe
    (Malwarebytes Corporation -> Malwarebytes) G:\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) G:\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\SDXHelper.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\santiago\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Panda Security S.L -> Panda Security) G:\Panda USB Vaccine\USBVaccine.exe
    (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Tencent Technology(Shenzhen) Company Limited -> Tencent) G:\program files\txgameassistant\appmarket\QMEmulatorService.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391096 2019-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Acrotray.exe [1868336 2019-07-26] (Adobe Inc. -> Adobe Systems Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => G:\hjh\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\Run: [uTorrent] => C:\Users\santiago\AppData\Roaming\uTorrent\uTorrent.exe [1823472 2019-09-07] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\Run: [EpicGamesLauncher] => G:\epicmierdas\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35941264 2019-09-17] (Epic Games Inc. -> Epic Games, Inc.)
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\MountPoints2: {5d82d1f6-d8ea-11e9-81c8-003067bdf35a} - H:\Setup.exe
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\MountPoints2: {703d5e00-fe09-11e7-ba36-b3a6e30b9393} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\Plane9.scr
    HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
    HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-19] (Google LLC -> Google LLC)
    HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
    GroupPolicy: Restriction ? <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C060235-0069-4311-83F8-622E6C714C33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe
    Task: {1057A4AB-B801-4968-AF26-5907EF68251E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-01-20] (Google Inc -> Google Inc.)
    Task: {3B0BA352-87FF-4AF8-83C2-C273964F2566} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-01-20] (Google Inc -> Google Inc.)
    Task: {3C421EB4-0BAB-4B90-87A6-1F11CFA9E546} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [157144 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {57F11FAD-C306-47C4-A411-36EC5EBF8FD5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {590D536F-EABE-4575-B70B-6A764F22F80F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {5B38B98F-A996-4469-BF4D-9B6AE0383FD8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {5BD124AC-833B-42D2-8516-488F786A5D13} - System32\Tasks\Updane\{662EDBB8-A403-3E38-85DA-0B94D42F2999} => C:\Users\santiago\AppData\Local\662edbb8a4033e3885da0b94d42f2999\Updane.exe [616448 2013-04-27] () [File not signed]
    Task: {63E99D1C-AA4F-495B-B7D7-3269C683B29A} - System32\Tasks\{AC27D5EF-B095-48DF-BC55-1FBEA5F9D434} => C:\Windows\system32\pcalua.exe -a "G:\Halo CE\halocesetup_es_1.00.exe" -d "G:\Halo CE"
    Task: {69730EDA-6307-4723-A27E-02400013A709} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2174624 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {6AE40135-32C0-49E7-A84E-23964B4DA58E} - System32\Tasks\AdobeGCInvoker-1.0-santiago-PC-santiago => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {7DD87A28-8332-47B2-8C7C-12AE9AC59C3F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {9F6DAF43-F221-4348-8C17-AC13B3364717} - System32\Tasks\{3EB15C30-92DB-43B2-8C65-04E4D115C26E} => G:\Program Files (x86)\Halo Wars Definitive Edition\xgameFinal.exe
    Task: {A323DC46-2010-4A83-87EA-DA3B4F8E4445} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A50CB166-CE9A-446D-86B1-A02E38A69985} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2174624 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {B0B405CE-9433-48DC-8965-F96850379ED1} - System32\Tasks\PandaUSBVaccine => G:\Panda USB Vaccine\RunInteractiveWin.exe [116544 2010-06-01] (Panda Security S.L -> )
    Task: {C3B3B7D4-FD97-47D8-B01B-92522C2A5AE7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe
    Task: {C870FB97-5EEE-4972-8910-3693FC50CCAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {CB933001-9E19-4A6E-9505-A303E278F2DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {D3C96013-37A1-4625-8353-127A6E841E7E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
    Task: {D5FBC5B9-D15D-43A5-AC86-336C41AC9E49} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {D9FCFCE7-567D-4CFE-B609-C479F55C0311} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [157144 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {E0502CC0-7C23-4637-A1A2-51EEADF62B76} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {E57C3672-D7FE-4EF0-BF7F-116A1CC7ABCE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {E63D82FB-992D-49A0-A839-5982A7A25017} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {EBE354E9-38A7-4920-A66B-8A0A3B787CBE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {FFF3A07D-42AF-4809-87C0-1DFEAC19F369} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 190.157.8.46 190.157.8.33 100.70.133.50 100.70.133.51
    Tcpip\..\Interfaces\{2FFA9CFD-C634-4B26-8195-77323F7B6FA1}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{9AF4832F-39DA-42A5-BD66-267DE275BCEA}: [DhcpNameServer] 190.157.8.46 190.157.8.33 100.70.133.50 100.70.133.51

    Internet Explorer:
    ==================
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-co/?ocid=iehp
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-1066829708-2042649287-4230230453-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll => No File
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_212\bin\ssv.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL => No File
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_212\bin\jp2ssv.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_212\bin\ssv.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_212\bin\jp2ssv.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKU\S-1-5-21-1066829708-2042649287-4230230453-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-28] (Microsoft Corporation -> Microsoft Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
    Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
    Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-01]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: @java.com/DTPlugin,version=11.212.2 -> C:\Program Files\Java\jre1.8.0_212\bin\dtplugin\npDeployJava1.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.212.2 -> C:\Program Files\Java\jre1.8.0_212\bin\plugin2\npjp2.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2019-03-14] (Adobe Systems, Inc.) [File not signed]
    FF Plugin-x32: @java.com/DTPlugin,version=11.212.2 -> C:\Program Files (x86)\Java\jre1.8.0_212\bin\dtplugin\npDeployJava1.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.212.2 -> C:\Program Files (x86)\Java\jre1.8.0_212\bin\plugin2\npjp2.dll [2019-06-03] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Air\nppdf32.dll [2019-07-26] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

    Chrome: 
    =======
    CHR HomePage: Default -> hxxps://www.google.com/
    CHR StartupUrls: Default -> "hxxps://www.google.com/"
    CHR Profile: C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default [2019-09-27]
    CHR DownloadDir: G:\Descargas
    CHR Extension: (Presentaciones) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-01]
    CHR Extension: (Documentos) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-20]
    CHR Extension: (Google Drive) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-20]
    CHR Extension: (YouTube) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-20]
    CHR Extension: (Adobe Acrobat) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-21]
    CHR Extension: (Hojas de cálculo) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-01]
    CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-20]
    CHR Extension: (Black blue shards) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgoflmajhinnohnhkfeggflmmppiilck [2019-01-20]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-01]
    CHR Extension: (Gmail) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
    CHR Extension: (Chrome Media Router) - C:\Users\santiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-21]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8479904 2019-03-24] (BattlEye Innovations e.K. -> )
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568144 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
    S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-08-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    R2 Hamachi2Svc; G:\hjh\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-04-19] (Lexmark International, Inc. ->  )
    R2 lxcz_device; C:\Windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] (Lexmark International, Inc. ->  )
    S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation -> Microsoft Corporation)
    R2 MBAMService; G:\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    S3 mracsvc; C:\Windows\System32\mracsvc.exe [17224464 2019-04-18] (Mail.Ru LLC -> LLC Mail.Ru)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2019-05-25] (Even Balance, Inc. -> )
    R2 QMEmulatorService; G:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [147704 2019-05-31] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
    R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aow_drv; G:\Program Files\TxGameAssistant\UI\aow_drv_x64.sys [857648 2019-06-12] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
    S3 cpuz143; C:\Users\santiago\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2019-09-19] (CPUID -> CPUID) <==== ATTENTION
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-09-24] (Malwarebytes Corporation -> Malwarebytes)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-01-20] (Martin Malik - REALiX -> REALiX(tm))
    R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-09-24] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [225944 2019-09-27] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-09-27] (Malwarebytes Corporation -> Malwarebytes)
    R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-09-26] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-09-27] (Malwarebytes Corporation -> Malwarebytes)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2019-05-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
    S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [16462872 2019-04-18] (Mail.Ru LLC -> LLC Mail.Ru)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
    S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S1 TBoxDrv; \??\C:\Program Files\AndroidTbox\TBoxDrv.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-09-27 17:27 - 2019-09-27 17:32 - 000064706 _____ C:\Users\santiago\Desktop\Addition.txt
    2019-09-27 17:25 - 2019-09-27 17:36 - 000034917 _____ C:\Users\santiago\Desktop\FRST.txt
    2019-09-27 17:24 - 2019-09-27 17:35 - 000000000 ____D C:\FRST
    2019-09-27 17:23 - 2019-09-27 17:23 - 000001544 _____ C:\Users\santiago\Desktop\malwarebytes.txt
    2019-09-27 17:23 - 2019-09-27 17:19 - 001615872 _____ (Farbar) C:\Users\santiago\Desktop\FRST64.exe
    2019-09-27 17:13 - 2019-09-27 17:13 - 000225944 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2019-09-27 17:13 - 2019-09-27 17:13 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2019-09-27 17:13 - 2019-09-27 17:13 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2019-09-27 17:13 - 2019-09-27 17:13 - 000000000 ____D C:\Users\santiago\AppData\LocalLow\uTorrent
    2019-09-26 20:00 - 2019-09-26 20:00 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2019-09-24 23:00 - 2019-09-24 23:00 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2019-09-24 18:42 - 2019-09-24 18:42 - 000000000 ____D C:\ProgramData\Tencent
    2019-09-24 13:57 - 2019-09-24 23:00 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2019-09-24 13:57 - 2019-09-24 13:57 - 000000598 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2019-09-24 13:57 - 2019-09-24 13:57 - 000000598 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
    2019-09-24 13:57 - 2019-09-24 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2019-09-24 13:57 - 2019-09-24 13:57 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-09-24 13:30 - 2019-09-24 13:30 - 000000760 _____ C:\Users\Public\Desktop\Wondershare Recoverit.lnk
    2019-09-24 13:30 - 2019-09-24 13:30 - 000000760 _____ C:\ProgramData\Desktop\Wondershare Recoverit.lnk
    2019-09-24 13:30 - 2019-09-24 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    2019-09-24 13:29 - 2019-09-24 13:31 - 000000000 ____D C:\ProgramData\Wondershare
    2019-09-24 13:28 - 2019-09-24 13:30 - 000000000 ____D C:\Users\Public\Documents\Wondershare
    2019-09-24 13:28 - 2019-09-24 13:30 - 000000000 ____D C:\ProgramData\Documents\Wondershare
    2019-09-21 18:00 - 2019-09-21 18:00 - 000000961 _____ C:\Users\santiago\Desktop\pcsx2 - Acceso directo.lnk
    2019-09-19 15:58 - 2019-09-19 15:58 - 000224527 _____ C:\Users\santiago\AppData\Roaming\Sataga
    2019-09-19 15:58 - 2019-09-19 15:58 - 000224527 _____ C:\Users\santiago\AppData\Roaming\Didomoma
    2019-09-19 15:58 - 2019-09-19 15:58 - 000000266 _____ C:\Users\santiago\AppData\Roaming\WB.CFG
    2019-09-13 21:47 - 2019-09-21 16:08 - 000000720 _____ C:\Users\santiago\Desktop\PerformanceTest.lnk
    2019-09-13 21:47 - 2019-09-13 21:47 - 000000000 ____D C:\Users\santiago\Documents\PassMark
    2019-09-13 21:47 - 2019-09-13 21:47 - 000000000 ____D C:\Users\santiago\AppData\Local\PassMark
    2019-09-13 21:47 - 2019-09-13 21:47 - 000000000 ____D C:\ProgramData\Passmark
    2019-09-13 21:47 - 2019-09-13 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
    2019-09-10 18:51 - 2019-09-10 23:17 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2019-09-10 18:51 - 2019-09-10 23:17 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2019-09-10 18:51 - 2019-09-10 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2019-09-10 18:51 - 2019-04-02 15:04 - 000035856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
    2019-09-10 18:50 - 2019-09-27 17:16 - 000000000 ____D C:\Users\santiago\AppData\Local\LogMeIn Hamachi
    2019-09-10 18:11 - 2019-09-10 18:11 - 000000000 ____D C:\Users\santiago\AppData\Local\LogMeIn
    2019-09-10 18:11 - 2019-09-10 18:11 - 000000000 ____D C:\ProgramData\LogMeIn
    2019-09-05 19:21 - 2019-09-05 19:42 - 000000000 ____D C:\Users\santiago\AppData\Roaming\QCAD
    2019-09-05 19:21 - 2019-09-05 19:21 - 000000949 _____ C:\Users\santiago\Desktop\qcad - Acceso directo.lnk
    2019-09-04 14:09 - 2019-09-04 14:09 - 000000000 ____D C:\Users\santiago\Desktop\sketch_190904a
    2019-09-02 18:22 - 2019-09-02 18:23 - 000000000 ____D C:\Users\santiago\Desktop\blog
    2019-09-02 18:21 - 2019-09-02 18:21 - 000001035 _____ C:\Users\santiago\Desktop\HTTrack Website Copier.lnk
    2019-09-02 18:21 - 2019-09-02 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
    2019-09-02 18:21 - 2019-09-02 18:21 - 000000000 ____D C:\Program Files (x86)\WinHTTrack
    2019-09-01 18:38 - 2019-09-01 18:38 - 000000100 _____ C:\Windows\Lexstat.ini
    2019-09-01 18:32 - 2019-09-01 18:32 - 000000000 ____D C:\Program Files\Lexmark 1200 Series
    2019-09-01 18:26 - 2019-09-01 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 1200 Series
    2019-09-01 18:26 - 2019-09-01 18:26 - 000000000 ____D C:\Program Files (x86)\Lexmark 1200 Series
    2019-09-01 18:26 - 2007-04-19 15:43 - 000537520 _____ ( ) C:\Windows\SysWOW64\lxczcoms.exe
    2019-09-01 18:26 - 2007-04-19 15:43 - 000385968 _____ ( ) C:\Windows\SysWOW64\lxczih.exe
    2019-09-01 18:26 - 2007-04-19 15:43 - 000381872 _____ ( ) C:\Windows\SysWOW64\lxczcfg.exe
    2019-09-01 18:26 - 2007-04-19 15:43 - 000181168 _____ ( ) C:\Windows\SysWOW64\lxczppls.exe
    2019-09-01 18:26 - 2007-04-19 15:40 - 000001851 _____ C:\Windows\SysWOW64\lxcz.loc
    2019-09-01 18:26 - 2007-01-25 15:43 - 000155648 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxczinsb.dll
    2019-09-01 18:26 - 2007-01-25 15:43 - 000131072 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxczins.dll
    2019-09-01 18:26 - 2007-01-25 15:43 - 000073728 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxczcu.dll
    2019-09-01 18:26 - 2007-01-25 15:42 - 000413696 _____ C:\Windows\SysWOW64\lxczutil.dll
    2019-09-01 18:26 - 2007-01-22 23:30 - 000073728 _____ (Lexmark International) C:\Windows\SysWOW64\LXCZcfg.dll
    2019-09-01 18:26 - 2007-01-22 23:10 - 000090112 _____ C:\Windows\SysWOW64\lxczinsr.dll
    2019-09-01 18:26 - 2007-01-22 23:09 - 000462848 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxczjswr.dll
    2019-09-01 18:26 - 2007-01-22 23:09 - 000094208 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxczcur.dll
    2019-09-01 18:26 - 2006-12-20 18:08 - 000643072 _____ ( ) C:\Windows\SysWOW64\lxczpmui.dll
    2019-09-01 18:26 - 2006-12-20 18:06 - 001224704 _____ ( ) C:\Windows\SysWOW64\lxczserv.dll
    2019-09-01 18:26 - 2006-12-20 18:01 - 000421888 _____ ( ) C:\Windows\SysWOW64\lxczcomm.dll
    2019-09-01 18:26 - 2006-12-20 17:59 - 000585728 _____ ( ) C:\Windows\SysWOW64\lxczlmpm.dll
    2019-09-01 18:26 - 2006-12-20 17:58 - 000397312 _____ ( ) C:\Windows\SysWOW64\lxcziesc.dll
    2019-09-01 18:26 - 2006-12-20 17:58 - 000274432 _____ C:\Windows\SysWOW64\LXCZinst.dll
    2019-09-01 18:26 - 2006-12-20 17:55 - 000094208 _____ ( ) C:\Windows\SysWOW64\lxczpplc.dll
    2019-09-01 18:26 - 2006-12-20 17:54 - 000684032 _____ ( ) C:\Windows\SysWOW64\lxczcomc.dll
    2019-09-01 18:26 - 2006-12-20 17:54 - 000163840 _____ ( ) C:\Windows\SysWOW64\lxczprox.dll
    2019-09-01 18:26 - 2006-12-20 17:47 - 000413696 _____ ( ) C:\Windows\SysWOW64\lxczinpa.dll
    2019-09-01 18:26 - 2006-12-20 17:46 - 000991232 _____ ( ) C:\Windows\SysWOW64\lxczusb1.dll
    2019-09-01 18:26 - 2006-12-20 17:42 - 000696320 _____ ( ) C:\Windows\SysWOW64\lxczhbn3.dll
    2019-09-01 18:26 - 2006-09-18 12:26 - 000983107 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lxczgf.dll
    2019-09-01 18:25 - 2019-09-01 18:39 - 000004400 _____ C:\Windows\system32\LexFiles.ulf
    2019-09-01 18:25 - 2019-09-01 18:25 - 000000000 ____D C:\lexmark
    2019-09-01 18:25 - 2007-04-19 15:43 - 000566192 _____ ( ) C:\Windows\system32\lxczcoms.exe
    2019-09-01 18:25 - 2007-04-19 15:43 - 000235952 _____ ( ) C:\Windows\system32\lxczcfg.exe
    2019-09-01 18:25 - 2007-04-19 15:43 - 000233392 _____ ( ) C:\Windows\system32\lxczih.exe
    2019-09-01 18:25 - 2007-04-19 15:40 - 000001851 _____ C:\Windows\system32\lxcz.loc
    2019-09-01 18:25 - 2007-01-25 20:32 - 000177664 _____ (Lexmark International, Inc.) C:\Windows\system32\lxczins.dll
    2019-09-01 18:25 - 2007-01-25 20:32 - 000135168 _____ (Lexmark International Inc.) C:\Windows\system32\lxczinsb.dll
    2019-09-01 18:25 - 2007-01-25 20:31 - 000079360 _____ (Lexmark International Inc.) C:\Windows\system32\lxczcu.dll
    2019-09-01 18:25 - 2007-01-25 20:30 - 000571392 _____ C:\Windows\system32\lxczutil.dll
    2019-09-01 18:25 - 2007-01-23 01:35 - 000075776 _____ C:\Windows\system32\lxczinsr.dll
    2019-09-01 18:25 - 2007-01-23 01:34 - 000446464 _____ (Lexmark International Inc.) C:\Windows\system32\lxczjswr.dll
    2019-09-01 18:25 - 2007-01-23 01:33 - 000078848 _____ (Lexmark International Inc.) C:\Windows\system32\lxczcur.dll
    2019-09-01 18:25 - 2007-01-22 23:31 - 000062464 _____ (Lexmark International) C:\Windows\system32\LXCZcfg.dll
    2019-09-01 18:25 - 2006-12-20 19:00 - 000409600 _____ ( ) C:\Windows\system32\lxczpmui.dll
    2019-09-01 18:25 - 2006-12-20 18:58 - 001417728 _____ ( ) C:\Windows\system32\lxczserv.dll
    2019-09-01 18:25 - 2006-12-20 18:51 - 000249856 _____ ( ) C:\Windows\system32\lxczcomm.dll
    2019-09-01 18:25 - 2006-12-20 18:48 - 000487424 _____ ( ) C:\Windows\system32\lxczlmpm.dll
    2019-09-01 18:25 - 2006-12-20 18:46 - 000194048 _____ C:\Windows\system32\LXCZinst.dll
    2019-09-01 18:25 - 2006-12-20 18:45 - 000226816 _____ ( ) C:\Windows\system32\lxcziesc.dll
    2019-09-01 18:25 - 2006-12-20 18:43 - 000010752 _____ ( ) C:\Windows\system32\lxczpplc.dll
    2019-09-01 18:25 - 2006-12-20 18:41 - 000695808 _____ ( ) C:\Windows\system32\lxczcomc.dll
    2019-09-01 18:25 - 2006-12-20 18:40 - 000035328 _____ ( ) C:\Windows\system32\lxczprox.dll
    2019-09-01 18:25 - 2006-12-20 18:32 - 000238592 _____ ( ) C:\Windows\system32\lxczinpa.dll
    2019-09-01 18:25 - 2006-12-20 18:31 - 001099264 _____ ( ) C:\Windows\system32\lxczusb1.dll
    2019-09-01 18:25 - 2006-12-20 18:26 - 000305152 _____ ( ) C:\Windows\system32\LXCZhcp.dll
    2019-09-01 18:25 - 2006-12-20 18:24 - 000659456 _____ ( ) C:\Windows\system32\lxczhbn3.dll
    2019-08-28 13:46 - 2019-08-28 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office

    ==================== One month (modified) ========

And the other one, which is called Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2019
Ran by santiago (27-09-2019 17:37:13)
Running from C:\Users\santiago\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2018-01-20 23:45:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1066829708-2042649287-4230230453-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1066829708-2042649287-4230230453-1002 - Limited - Enabled)
Invitado (S-1-5-21-1066829708-2042649287-4230230453-501 - Limited - Disabled)
santiago (S-1-5-21-1066829708-2042649287-4230230453-1000 - Administrator - Enabled) => C:\Users\santiago

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
0 A.D. (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\0 A.D.) (Version: r21946P-alpha - Wildfire Games)
1.0 (HKLM-x32\...\{4E9DB331-96B7-4C94-9FFC-B9E13B2A0A27}_is1) (Version:  - Activision)
3DP Chip Lite v18.12 (HKLM-x32\...\3DP Chip Lite) (Version: v18.12 - 3DP)
Actualización de NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (2015) (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0E0F06755100}) (Version: 15.006.30503 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\{4487064C-F31E-4499-A1EF-9B8E809A0358}) (Version: 12.3.5.205 - Adobe, Inc)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Age of Empires III (HKLM-x32\...\{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version:  - )
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
American Truck Simulator MULTi23 - ElAmigos versión 1.31.2 (HKLM-x32\...\{1E1A283E-DA44-4DCB-BC57-295E54DF18CA}_is1) (Version: 1.31.2 - SCS Software)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.9 - Arduino LLC)
Audiosurf 2 (HKLM-x32\...\QXVkaW9zdXJmMg==_is1) (Version: 1 - )
Bayonetta (HKLM-x32\...\Bayonetta_is1) (Version:  - )
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Juarez - Gunslinger (HKLM-x32\...\Call of Juarez - Gunslinger_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Crysis WARHEAD(R) (HKLM-x32\...\{7353BAE6-5E49-46C4-A9B5-8A269A313789}) (Version: 1.0 - Crytek) Hidden
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
CSS Transformation Pack by DaRkSe7eN (HKLM-x32\...\CSS Transformation Pack by DaRkSe7eN1.0.0) (Version: 1.0.0 - DaRkSe7eN)
Deus Ex Human Revolution - Complete Edition (HKLM-x32\...\Deus Ex Human Revolution - Complete Edition_is1) (Version:  - )
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
DmC - Devil May Cry (HKLM-x32\...\DmC - Devil May Cry_is1) (Version:  - )
Doom 3 BFG Edition (HKLM-x32\...\Doom 3 BFG Edition_is1) (Version:  - )
DriversCloud.com (64 bits) (HKLM\...\{FA34FE8D-3066-4834-A5F9-31D14B3BFDF4}) (Version: 10.0.10.0 - Cybelsoft)
Empire Earth - InTrUsO versión 1.5 (HKLM-x32\...\{B805E355-1F34-4730-9791-ACF015DE94CA}_is1) (Version: 1.5 - Sierra)
EMU360X V1.0 (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\EMU360X V1.0) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{D19DBA3B-7451-49DB-98C4-E22F824663D9}) (Version: 1.1.220.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Gears of War versión 1.0 u3 (HKLM-x32\...\{31A6A418-2486-4BE7-B924-555ED89D21D9}_is1) (Version: 1.0 u3 - Microsoft)
GoNNER (HKLM-x32\...\2056546893_is1) (Version: 2.0.0.1 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GRIS MULTi10 - ElAmigos versión 07.03.2019 (HKLM-x32\...\{664CC3C1-7BD8-4607-BF0B-5C62CC434562}_is1) (Version: 07.03.2019 - Devolver Digital)
Halo Wars Definitive Edition (HKLM-x32\...\Halo Wars Definitive Edition_is1) (Version:  - )
Inside (HKLM-x32\...\{9BD4503F-F711-491D-984A-AB4ABD66B8C2}_is1) (Version:  - Playdead)
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Java 8 Update 212 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180212F0}) (Version: 8.0.2120.10 - Oracle Corporation)
Java 8 Update 212 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180212F0}) (Version: 8.0.2120.10 - Oracle Corporation)
Kerbal Space Program Dressed for Success (HKLM-x32\...\Kerbal Space Program Dressed for Success_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Left 4 Dead 2 versión 2.1.4.0 (HKLM\...\{F30ECD7F-0336-48C8-B484-94F58B9F38AD}_is1) (Version: 2.1.4.0 - Strogino CS Portal)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Mad Arrow (HKLM-x32\...\Mad Arrow_is1) (Version:  - Shmehao.com)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Mass Effect Ultimate Edition versión 1.02 (HKLM-x32\...\Mass Effect Ultimate Edition_is1) (Version: 1.02 - Bioware)
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)
Microsoft Halo Custom Edition (HKLM-x32\...\Halo CE) (Version:  - )
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.11929.20300 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Moho 12.0 (HKLM\...\Moho1200_is1) (Version: 12.0 - Smith Micro Software, Inc.)
MOTORM4X (HKLM-x32\...\MOTORM4X) (Version: 1.0.821.1 - )
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MTG Arena (HKLM-x32\...\{1D7B6286-BA01-403C-8C1A-3CD6DD99D032}) (Version: 0.1.1529.0 - Wizards of the Coast) Hidden
MTG Arena (HKLM-x32\...\MTG Arena 0.1.1529.0) (Version: 0.1.1529.0 - Wizards of the Coast)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
NeoEE (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\NeoEE) (Version: 2.0.0.5 - NeoEE Devloper Team)
NeoEE Installer (HKLM-x32\...\{5D790DAD-55A5-4134-9976-70C561A9B155}) (Version: 2.0.0.5 - NeoEE) Hidden
NeoEE Installer (HKLM-x32\...\{D47F1213-9631-4CD7-9ECE-138489C278AE}) (Version: 2.0.0.5 - NeoEE) Hidden
NFS Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version:  - )
NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
osu! (HKLM-x32\...\{f5875570-6cdc-41ae-9c04-35971f6c1354}) (Version: latest - ppy Pty Ltd)
Outlast (HKLM-x32\...\Outlast_is1) (Version:  - )
Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Panel de control de NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Realtek (RTL8167) Net  (12/23/2016 7.104.1223.2016) (HKLM\...\8FE7583BA3BE7DC67C5AE21C06F30A7E65FB3C21) (Version: 12/23/2016 7.104.1223.2016 - Realtek)
PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version:  - )
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1031.0 - Passmark Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8549 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
Roblox Player for santiago (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\roblox-player) (Version:  - Roblox Corporation)
Shatter Bot (HKLM-x32\...\Shatter Bot_is1) (Version:  - Shmehao.com)
SKYRIM The Elder Scrolls V Repack (HKLM-x32\...\SKYRIM The Elder Scrolls V Repack) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
The Orange Box (HKLM-x32\...\{9EF7918F-6283-48D4-8648-9FE84BE9FB41}) (Version: 1.00.0000 - Valvesoftware)
Total War Rome II Rise of the Republic (HKLM-x32\...\Total War Rome II Rise of the Republic_is1) (Version:  - )
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VibrateGameDeviceDrivers40 (HKLM\...\{DBB7F606-0C13-4182-AD7F-427A4773580E}) (Version: 4.09.0511G - Nombre de su organizacion)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7 - VideoLAN)
War Thunder Launcher 1.0.3.148 (HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Recoverit(Build 8.0.5.24) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 8.0.5.24 - Wondershare Software Co.,Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1066829708-2042649287-4230230453-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1066829708-2042649287-4230230453-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\aimp\System\aimp_menu64.dll [2019-01-21] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => G:\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\aimp\System\aimp_menu64.dll [2019-01-21] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => G:\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\santiago\Desktop\juegos\MOTORM4X.lnk -> C:\Program Files (x86)\City Interactive\MOTORM4X Offroad Extreme\MotorM4X.bat ()
Shortcut: C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha\Open logs folder.lnk -> G:\0 A.D. alpha\OpenLogsFolder.bat ()

ShortcutWithArgument: C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) ==============

2015-03-17 02:17 - 2015-03-17 02:17 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\locale\es_es\acrotray.esp
2009-08-18 11:24 - 2009-08-18 11:24 - 000167424 _____ (Microsoft Corporation) [File not signed] c:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2019-01-22 12:19 - 2019-01-22 12:19 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\AppVIsvSubsystems64.dll
2019-01-22 12:19 - 2019-01-22 12:19 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2019-08-06 17:54 - 000000921 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 190.157.8.46 - 190.157.8.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Discord => C:\Users\santiago\AppData\Local\Discord\app-0.0.304\Discord.exe
MSCONFIG\startupreg: Gaijin.Net Updater => "C:\Users\santiago\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\santiago\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{369D67D3-F321-4DFA-AF84-D5E327F46BC6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C3FF2DE-6E6E-4B62-A965-A87593BF44F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B243066C-D800-4D90-9F0E-6D8CC7A78214}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE6EDBB5-8A12-457E-B2F2-CC28EE92DEE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A91AF7D7-65E4-42A1-BA23-BFDE94C1101B}] => (Allow) E:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0FED5D49-D9AA-4915-8895-AC89105FAC05}] => (Allow) E:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F318D5FE-6839-4E03-B3A0-4B39A12CFCAC}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9A1C05D2-849A-4458-9377-F56682B69D4C}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{453CA06E-4F33-43FA-B1DD-C36DA9B9938D}D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E4CD9DBA-E50A-4F7F-B236-A7B95B998097}D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{A8C440F1-D423-4040-A2F8-D8B3F91834DE}E:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{BDF3696A-3116-44A9-82CE-F8F41486F8EB}E:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{4A3A324C-810F-4019-8283-E6B2AC52E726}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{B1D67B0C-45EE-4D4B-9A74-B1BE92357B98}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{1EB0132B-3AA3-467D-A114-483A78177442}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [UDP Query User{241EB383-8541-4C9E-9169-61D56722835A}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [{AD4A49CD-333F-4F40-A778-F8F7993D71E6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F54917AE-D346-4167-ABE8-94F1142B65DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{DEBD9CAA-EF1F-4A4F-A607-45327B0FEBE9}D:\bayonetta\dead space 2\deadspace2.exe] => (Allow) D:\bayonetta\dead space 2\deadspace2.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{57E2C3D3-764D-4045-904A-0DB7CF8D82EB}D:\bayonetta\dead space 2\deadspace2.exe] => (Allow) D:\bayonetta\dead space 2\deadspace2.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{49260C80-F8DD-4AEA-A84E-38E71A79CDCA}D:\simpleplanes.v1.7.1.0\simpleplanes.exe] => (Allow) D:\simpleplanes.v1.7.1.0\simpleplanes.exe () [File not signed]
FirewallRules: [UDP Query User{5FBC99BD-8507-484B-915D-07B01895A8AE}D:\simpleplanes.v1.7.1.0\simpleplanes.exe] => (Allow) D:\simpleplanes.v1.7.1.0\simpleplanes.exe () [File not signed]
FirewallRules: [TCP Query User{B8B76194-DD0F-4E1F-83D1-9F3496E6655E}E:\grid\grid.exe] => (Allow) E:\grid\grid.exe (Codemasters) [File not signed]
FirewallRules: [UDP Query User{2CE33D81-D8F6-4D1A-BFBE-A43F70B432C2}E:\grid\grid.exe] => (Allow) E:\grid\grid.exe (Codemasters) [File not signed]
FirewallRules: [{6B5BB35B-3259-42AB-B3D6-DC246E5D98B9}] => (Allow) E:\steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{6BEF0744-53F5-4CEF-9BD9-A7B71171B387}] => (Allow) E:\steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{6EDC4F32-72C2-4127-AF31-933591B641EC}] => (Allow) D:\SteamLibrary\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D63ED8A5-215D-464E-A803-1C5E44EA4020}] => (Allow) D:\SteamLibrary\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{33005302-0C46-480B-A370-36E27C625ECF}] => (Allow) E:\steam\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{258216D4-39C7-4180-B30A-AAEC8643816A}] => (Allow) E:\steam\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6A93B2D3-AAA6-488D-862E-AC1DC1BF2E16}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{912B7D7D-A146-47D1-B6FA-4C20F614F5D0}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{521D5523-1CC3-48B0-9E57-FCFB0113B4B1}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{E499B7F7-7325-4F68-98E3-AA1756F1F806}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{D536D9CD-2E43-4E48-A1EF-AF98B8D9B201}] => (Allow) D:\SteamLibrary\steamapps\common\BLOCKPOST\blockpost.exe () [File not signed]
FirewallRules: [{9A144A56-7431-4810-968D-CC416A2766F4}] => (Allow) D:\SteamLibrary\steamapps\common\BLOCKPOST\blockpost.exe () [File not signed]
FirewallRules: [{28279559-2CB3-4968-AA2E-E5E518325EAF}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3B518131-0269-4B48-8629-6D5A08108856}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{10B1DF1D-6B78-4EF3-B6CD-BBC4A94CB19C}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{A49D0010-8A3C-46B1-87A7-20FB54E0E4A4}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{92452BEB-282A-4A94-A0D0-A7FB7B6B61AD}] => (Allow) D:\SteamLibrary\steamapps\common\WOG\disasm.exe () [File not signed]
FirewallRules: [{F7679DB6-82F3-47A4-A3FF-B3C9F7B2E14B}] => (Allow) D:\SteamLibrary\steamapps\common\WOG\disasm.exe () [File not signed]
FirewallRules: [{0285CC08-776D-4B15-B468-AC6B28224874}] => (Allow) C:\Users\santiago\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9A61C95E-C28D-4773-81E4-04347A6D3758}] => (Allow) C:\Users\santiago\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1EB565C4-055C-4782-9B1B-496CA0C5564D}] => (Allow) E:\steam\steamapps\common\Battle Tanks\BattleTanks.exe () [File not signed]
FirewallRules: [{C20E80C0-2671-49C6-B393-E78F693DEB29}] => (Allow) E:\steam\steamapps\common\Battle Tanks\BattleTanks.exe () [File not signed]
FirewallRules: [TCP Query User{84DFB153-A088-449B-81F9-9723A59E69D8}C:\program files (x86)\capcom\dmc - devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) C:\program files (x86)\capcom\dmc - devil may cry\binaries\win32\dmc-devilmaycry.exe () [File not signed]
FirewallRules: [UDP Query User{FB483EB0-EBAF-47C5-BAB6-013FC8EB4515}C:\program files (x86)\capcom\dmc - devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) C:\program files (x86)\capcom\dmc - devil may cry\binaries\win32\dmc-devilmaycry.exe () [File not signed]
FirewallRules: [TCP Query User{A87746BE-C03A-4084-9FD5-EBD29DFAF391}D:\castle crashers v2.7 español\data\castle.exe] => (Allow) D:\castle crashers v2.7 español\data\castle.exe () [File not signed]
FirewallRules: [UDP Query User{6D7C2A91-BCDB-42A4-91B7-61DCA0DA3F05}D:\castle crashers v2.7 español\data\castle.exe] => (Allow) D:\castle crashers v2.7 español\data\castle.exe () [File not signed]
FirewallRules: [TCP Query User{FFDB06BD-B180-4840-9F5F-C15ECAAFCCCB}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{EF278518-2EEA-4F42-9AE6-295958AD8C1A}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{463CA214-000A-4F1A-9FBA-F49303CD1FEB}C:\program files\strogino cs portal\left 4 dead 2\bin\tools\steamcmd.exe] => (Allow) C:\program files\strogino cs portal\left 4 dead 2\bin\tools\steamcmd.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{106D78E9-C080-435E-8595-8F6DC2681D04}C:\program files\strogino cs portal\left 4 dead 2\bin\tools\steamcmd.exe] => (Allow) C:\program files\strogino cs portal\left 4 dead 2\bin\tools\steamcmd.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C2FC1CAA-A87F-458D-8DF5-F96B7B561616}C:\program files\strogino cs portal\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files\strogino cs portal\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [UDP Query User{C80F7935-7CEC-4EFD-8501-183B9C82E212}C:\program files\strogino cs portal\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files\strogino cs portal\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{8EBD5067-FDC5-4335-8477-E01F40A2E44D}G:\empire earth\empire earth.exe] => (Allow) G:\empire earth\empire earth.exe () [File not signed]
FirewallRules: [UDP Query User{EFF3AA18-39F5-4F7B-9959-49547D7518B7}G:\empire earth\empire earth.exe] => (Allow) G:\empire earth\empire earth.exe () [File not signed]
FirewallRules: [TCP Query User{2ACD3C14-D361-46EB-A368-48CBF3D95A0F}G:\halo ce\haloce.exe] => (Allow) G:\halo ce\haloce.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{632245D4-02C5-410A-ADA6-B15C1067A5C2}G:\halo ce\haloce.exe] => (Allow) G:\halo ce\haloce.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{055F865C-C61B-4B3D-BA58-35E969073A51}G:\911.operator\911.operator\911.exe] => (Block) G:\911.operator\911.operator\911.exe () [File not signed]
FirewallRules: [UDP Query User{E5692E74-2CE6-43FB-94CF-84D3A34C23AE}G:\911.operator\911.operator\911.exe] => (Block) G:\911.operator\911.operator\911.exe () [File not signed]
FirewallRules: [TCP Query User{DC434A68-DB50-442E-8C18-0A4D6FED7FC5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A5EB8557-EA36-4C15-AA84-90CE8C3AB5E2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6943CD22-5274-4A36-88EC-ACD9AE70E4DA}] => (Allow) G:\SteamLibrary\steamapps\common\Himno\Himno.exe () [File not signed]
FirewallRules: [{28182D74-69C6-46BF-8F16-1A3E7D13578B}] => (Allow) G:\SteamLibrary\steamapps\common\Himno\Himno.exe () [File not signed]
FirewallRules: [TCP Query User{74C65571-A71B-4C48-B6F8-3ADAC6C53E7C}G:\gears of war\binaries\wargame-g4wlive.exe] => (Allow) G:\gears of war\binaries\wargame-g4wlive.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{96630785-1676-4F2A-8B3A-A07AC5F9F123}G:\gears of war\binaries\wargame-g4wlive.exe] => (Allow) G:\gears of war\binaries\wargame-g4wlive.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{63B4DAB0-898F-4DFD-AF05-FAF0E8B1BE36}G:\outlast\binaries\win64\olgame.exe] => (Allow) G:\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{59CFF688-F746-4006-86CA-556F4B1974A0}G:\outlast\binaries\win64\olgame.exe] => (Allow) G:\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{17CFE6E3-09F7-487C-A499-1B1C39D4E75B}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{E134DD21-F338-4D68-8809-BBCAD155E767}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{A80A75B7-74AC-4E3D-869C-402050BF39A5}G:\program files (x86)\total war rome ii rise of the republic\rome2.exe] => (Allow) G:\program files (x86)\total war rome ii rise of the republic\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{C9DDB652-4337-4437-BA88-AAFF784B015A}G:\program files (x86)\total war rome ii rise of the republic\rome2.exe] => (Allow) G:\program files (x86)\total war rome ii rise of the republic\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{7E02C007-FCD4-4673-8447-E3222432F52D}G:\doom 3 bfg edition\doom3bfg.exe] => (Allow) G:\doom 3 bfg edition\doom3bfg.exe (id Software LLC, a ZeniMax Media company) [File not signed]
FirewallRules: [UDP Query User{F265CA2C-82AF-4133-B319-F5DB436670CB}G:\doom 3 bfg edition\doom3bfg.exe] => (Allow) G:\doom 3 bfg edition\doom3bfg.exe (id Software LLC, a ZeniMax Media company) [File not signed]
FirewallRules: [TCP Query User{A6DF5DBB-BDA7-42B3-8CDC-CF370F58A831}G:\cartitas\mtgarena\mtga.exe] => (Allow) G:\cartitas\mtgarena\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{D05B1671-3E97-43D9-94C8-A9C97986E294}G:\cartitas\mtgarena\mtga.exe] => (Allow) G:\cartitas\mtgarena\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{4B51A9BC-57EA-4F27-B582-A0CC1E7ECC00}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{544E310B-A808-4131-A68B-6D8BD5C2CE87}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{1B53E54B-06FA-458C-8A8A-A397741C23D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{779F188E-FD72-4323-807C-186EC55FE375}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C73FFDC3-CC81-4644-BFE8-DBCDEA5296EC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9009D1B3-1A16-4517-B7AA-312E26B5552C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{37A55FA3-72E9-4948-A079-86BA69569A3A}] => (Allow) G:\Descargas\Call Of Duty 4 Modern Warfare [Spanish]WwW.GamesTorrents.CoM\iw3mp.exe () [File not signed]
FirewallRules: [{53586768-C14F-48F7-999D-87AFA5535ED6}] => (Allow) G:\Descargas\Call Of Duty 4 Modern Warfare [Spanish]WwW.GamesTorrents.CoM\iw3mp.exe () [File not signed]
FirewallRules: [TCP Query User{E371816F-985A-475E-AB24-B8F0E6A6F9EF}G:\call of duty modern warfare 2 spanish\iw4mp.exe] => (Allow) G:\call of duty modern warfare 2 spanish\iw4mp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{B705BBD9-AB40-4D76-A3A6-EB0C8A4211BF}G:\call of duty modern warfare 2 spanish\iw4mp.exe] => (Allow) G:\call of duty modern warfare 2 spanish\iw4mp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{940478A1-A6C6-409C-8304-F5740F3B7221}G:\call of duty modern warfare 2 spanish\iw4sp.exe] => (Allow) G:\call of duty modern warfare 2 spanish\iw4sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{0D243611-2710-404A-AE4B-B4889FDD31A9}G:\call of duty modern warfare 2 spanish\iw4sp.exe] => (Allow) G:\call of duty modern warfare 2 spanish\iw4sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{9A6473DD-4414-4570-8711-3C90C020C834}G:\payday 2\payday2_win32_release.exe] => (Allow) G:\payday 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [UDP Query User{F13067C9-473B-47D6-8379-577E3FC2A380}G:\payday 2\payday2_win32_release.exe] => (Allow) G:\payday 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{501B11BB-6ED2-4D92-BFF3-AF182B6FABE8}] => (Allow) g:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{28536784-F87E-4613-A88F-67A408DC6333}] => (Allow) g:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5D0ABE8A-51E7-4CBE-8080-877C12E2994E}] => (Allow) g:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{26D570DB-8D99-4C3C-8490-183DF2C31A87}] => (Allow) g:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{36B878A4-45D9-41E3-9C60-A79233E5CADA}] => (Allow) g:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B22F774B-4EE0-42AD-A012-3D573CE8312A}] => (Allow) g:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A5F21BE7-8CF2-445D-A418-EF972B5596FF}] => (Allow) g:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C63F74E4-4837-4F59-8E34-A50D50A0158C}] => (Allow) g:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{5966BD43-BDA5-4C77-95E5-E5B123DAE1DE}] => (Allow) g:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2FDCC8FA-662B-46BD-A8A3-47E613D2F084}] => (Allow) g:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{670E51D0-9C1E-4D29-9C95-7D3BE54FD9DF}] => (Allow) g:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{73FF8F5F-7CA3-48B5-9F96-0D35B5DD6B8D}G:\descargas\forts.v2019.01.11a\forts v2019.01.11a-pivigames.blog\forts.exe] => (Allow) G:\descargas\forts.v2019.01.11a\forts v2019.01.11a-pivigames.blog\forts.exe () [File not signed]
FirewallRules: [UDP Query User{42E13B0A-03CB-451E-85E0-D53B97CA2A90}G:\descargas\forts.v2019.01.11a\forts v2019.01.11a-pivigames.blog\forts.exe] => (Allow) G:\descargas\forts.v2019.01.11a\forts v2019.01.11a-pivigames.blog\forts.exe () [File not signed]
FirewallRules: [{D419D24D-3695-4D6C-831C-02868A13EBA8}] => (Allow) G:\SteamLibrary\steamapps\common\Eve Online\eve.exe (CCP Hf -> )
FirewallRules: [{5BD31984-ED31-4654-BE6F-55807C2FCBD0}] => (Allow) G:\SteamLibrary\steamapps\common\Eve Online\eve.exe (CCP Hf -> )
FirewallRules: [{F682801C-2416-4074-9F17-9F78987BA1A7}] => (Allow) G:\SteamLibrary\steamapps\common\Cyberdrome\Cyberdrome.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{400EB84C-51AB-4871-A982-0BCA90527A51}] => (Allow) G:\SteamLibrary\steamapps\common\Cyberdrome\Cyberdrome.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{78FE416D-8797-4039-948D-19332292AD88}G:\steamlibrary\steamapps\common\cyberdrome\cyberdrome\binaries\win64\cyberdrome-win64-shipping.exe] => (Allow) G:\steamlibrary\steamapps\common\cyberdrome\cyberdrome\binaries\win64\cyberdrome-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{219193B7-7234-4DDC-B284-3E8121E73C93}G:\steamlibrary\steamapps\common\cyberdrome\cyberdrome\binaries\win64\cyberdrome-win64-shipping.exe] => (Allow) G:\steamlibrary\steamapps\common\cyberdrome\cyberdrome\binaries\win64\cyberdrome-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{363F3173-659B-4CCC-B360-C3956DDDE655}C:\users\santiago\desktop\herramientas\processing-3.5.3\java\bin\java.exe] => (Allow) C:\users\santiago\desktop\herramientas\processing-3.5.3\java\bin\java.exe
FirewallRules: [UDP Query User{A62DC1B0-3C8A-4951-94DC-B5FFBA5BFDF8}C:\users\santiago\desktop\herramientas\processing-3.5.3\java\bin\java.exe] => (Allow) C:\users\santiago\desktop\herramientas\processing-3.5.3\java\bin\java.exe
FirewallRules: [{8536D887-D898-4762-965D-8699A624AAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{836BDE0F-6C56-4F1B-BFEB-2537FF9B829D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{46065C6B-1B0A-401C-BA8D-F2D1C6F3AC2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2A6603EF-61E6-430A-AA0B-835F29562C7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{34F326E6-2A37-49F9-B2F6-40A285427901}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5814747B-16A1-4B8A-BD79-98159E07928C}E:\leage of legends\game\league of legends.exe] => (Allow) E:\leage of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{C0DA6D29-B405-44A9-B3C8-C4CD05E599FF}E:\leage of legends\game\league of legends.exe] => (Allow) E:\leage of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{7F273ECE-100E-46FC-AC4F-91BFB729C8DA}G:\counter-strike 1.6\hl.exe] => (Allow) G:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{67EAAD94-FFB9-4584-831A-516FF2AB5DFD}G:\counter-strike 1.6\hl.exe] => (Allow) G:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{0C98487E-3F5F-4092-B11C-B87510AB745D}G:\counter-strike 1.6\hlds.exe] => (Allow) G:\counter-strike 1.6\hlds.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{E8811432-F760-461C-B483-7520F9EA8EE0}G:\counter-strike 1.6\hlds.exe] => (Allow) G:\counter-strike 1.6\hlds.exe (Valve) [File not signed]
FirewallRules: [{C9E070E8-D9DA-4F39-BACF-4CE21D8879B3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D7E37208-13E7-41FD-B8C0-0815F6D8B759}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe (Lexmark International, Inc. ->  )
FirewallRules: [{1444D500-9A32-4B4F-AC9D-92BE9916BAE1}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe (Lexmark International, Inc. ->  )
FirewallRules: [{D9DE96B5-F2FF-42E0-B195-BDE448F57F88}] => (Allow) C:\Windows\System32\lxczcoms.exe (Lexmark International, Inc. ->  )
FirewallRules: [{F509256C-A41A-4AFF-9CBA-E8FE669AC80F}] => (Allow) C:\Windows\System32\lxczcoms.exe (Lexmark International, Inc. ->  )
FirewallRules: [TCP Query User{578C8483-E43A-480C-823D-E733F9B76AD7}G:\descargas\terraria v1.3.5.3 -juegoslarkdv\terrariaserver.exe] => (Allow) G:\descargas\terraria v1.3.5.3 -juegoslarkdv\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{2928C7AF-182C-4B59-B08A-315A9841C513}G:\descargas\terraria v1.3.5.3 -juegoslarkdv\terrariaserver.exe] => (Allow) G:\descargas\terraria v1.3.5.3 -juegoslarkdv\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{51AC69E8-1C8B-4D4E-8CEB-D8E6AE8E93D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [{677134AD-75E6-4620-9CDC-C756A292FDCA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [{4ECB0E51-F8A6-4918-B418-2E0201EDE2DC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe No File
FirewallRules: [{66FE8460-ACBD-4B54-9C02-DFF579593FE3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe No File
FirewallRules: [{BC1DF491-4E17-400E-B11E-5D24E46B7BBE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: TBox Support Driver
Description: TBox Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TBoxDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

The rest of the “Addition” report; the whole thing doesn't fit in one reply, hehe.

Application errors:
==================
Error: (09/24/2019 04:56:49 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa mbam.exe por este error.

Programa: mbam.exe
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C000026E
Tipo de disco: 0

Error: (09/24/2019 04:56:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 0.0.0.0, marca de tiempo: 0x5d13b1a3
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7ba58
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x00046882
Id. del proceso con errores: 0x1b8c
Hora de inicio de la aplicación con errores: 0x01d5730a08bff2dd
Ruta de acceso de la aplicación con errores: G:\Anti-Malware\mbam.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: 34e4abdc-df16-11e9-95d4-003067bdf35a

Error: (09/24/2019 04:56:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 0.0.0.0, marca de tiempo: 0x5d13b12f
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc00000fd
Desplazamiento de errores: 0x7526e294
Id. del proceso con errores: 0x14b8
Hora de inicio de la aplicación con errores: 0x01d57309f8c06875
Ruta de acceso de la aplicación con errores: G:\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 344227ea-df16-11e9-95d4-003067bdf35a

Error: (09/24/2019 04:56:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 0.0.0.0, marca de tiempo: 0x5d10ed55
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7c8f9
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000018e3d
Id. del proceso con errores: 0x13d0
Hora de inicio de la aplicación con errores: 0x01d57309ed5607bb
Ruta de acceso de la aplicación con errores: G:\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 2a0e9e0d-df16-11e9-95d4-003067bdf35a

Error: (09/24/2019 04:46:08 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Proceso host de Windows (Rundll32) por este error.

Programa: Proceso host de Windows (Rundll32)
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C00000C0
Tipo de disco: 0

Error: (09/24/2019 04:46:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: rundll32.exe_aepdu.dll, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc9e0
Nombre del módulo con errores: aeinv.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7c45b
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0000000000051811
Id. del proceso con errores: 0x129c
Hora de inicio de la aplicación con errores: 0x01d5731f2e93d0cc
Ruta de acceso de la aplicación con errores: C:\Windows\system32\rundll32.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\aeinv.dll
Id. del informe: b6e6a77b-df14-11e9-95d4-003067bdf35a

Error: (09/21/2019 06:08:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: pcsx2.exe, versión: 0.0.0.0, marca de tiempo: 0x5b12791a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x08010000
Id. del proceso con errores: 0x1dc
Hora de inicio de la aplicación con errores: 0x01d570d0573fc33e
Ruta de acceso de la aplicación con errores: G:\Descargas\Emulador PS2 + Bios\pcsx2-v1.5.0-dev-2400-g9c1224b04-windows-x86\pcsx2.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: c60459f8-dcc4-11e9-b0a7-003067bdf35a

Error: (09/19/2019 05:24:02 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa LMIGuardianSvc.exe por este error.

Programa: LMIGuardianSvc.exe
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C000026E
Tipo de disco: 0


System errors:
=============
Error: (09/27/2019 05:43:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:35 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:33 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:31 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:30 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.

Error: (09/27/2019 05:43:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Ide\IdePort3.


CodeIntegrity:
===================================

Date: 2019-09-26 21:40:43.241
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-26 21:40:43.230
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-26 21:40:43.194
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-26 21:40:43.184
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-21 17:22:52.844
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-21 17:22:52.835
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-21 17:22:52.814
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-21 17:22:52.805
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 4.6.4 04/07/2011
Motherboard: BIOSTAR Group H61MH
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 92%
Total physical RAM: 4078.67 MB
Available physical RAM: 307.57 MB
Total Virtual: 10067.68 MB
Available Virtual: 1121.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:132.28 GB) (Free:3.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (discoduro) (Fixed) (Total:149.01 GB) (Free:37.32 GB) NTFS
Drive e: () (Fixed) (Total:100.6 GB) (Free:26.6 GB) NTFS
Drive g: () (Fixed) (Total:931.51 GB) (Free:164.1 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149 GB) (Disk ID: 2BD2C32A)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: C12ACD25)
Partition 1: (Active) - (Size=132.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1DAF632F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Please check what you post. Look at the Malwarebytes one… that is not it… this one doesn't say that it removed anything, nor is it the type of scan indicated; it was cancelled…

Also, the first Farbar log is incomplete… everything from "One Month Modified" onward is missing…

Sorry, here is what was missing from the Farbar log.

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-27 17:35 - 2019-01-22 18:19 - 000000000 ____D C:\Users\santiago\AppData\Roaming\uTorrent
2019-09-27 17:15 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-09-27 17:13 - 2019-03-16 12:06 - 000000000 ____D C:\Users\santiago\AppData\Local\BitTorrentHelper
2019-09-27 17:12 - 2019-01-20 19:56 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-27 17:12 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-26 21:59 - 2009-07-13 23:45 - 000012560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-09-26 21:59 - 2009-07-13 23:45 - 000012560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-09-26 20:20 - 2019-05-25 22:35 - 000103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-09-26 20:01 - 2019-05-13 16:34 - 000000000 ___SD C:\Users\santiago\AppData\LocalLow\Temp
2019-09-25 19:36 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Resources
2019-09-24 19:07 - 2019-01-21 12:26 - 000000000 ____D C:\Users\santiago\AppData\Roaming\AIMP
2019-09-24 18:45 - 2018-01-20 18:59 - 000114336 _____ C:\Users\santiago\AppData\Local\GDIPFONTCACHEV1.DAT
2019-09-24 18:43 - 2009-07-13 23:45 - 000462168 _____ C:\Windows\system32\FNTCACHE.DAT
2019-09-24 18:41 - 2019-01-22 15:19 - 000000000 ____D C:\Users\santiago\AppData\Local\CrashDumps
2019-09-24 13:50 - 2019-02-03 18:06 - 000000000 ____D C:\Users\santiago\Desktop\trabajos
2019-09-24 13:23 - 2019-03-10 22:25 - 000000000 ____D C:\Users\santiago\AppData\LocalLow\Adobe
2019-09-22 00:31 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-09-21 23:13 - 2019-02-15 23:15 - 000000000 ____D C:\Users\santiago\AppData\Roaming\vlc
2019-09-21 19:47 - 2019-05-05 16:18 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-09-19 18:14 - 2019-01-21 12:34 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-09-19 15:46 - 2018-01-20 19:09 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-16 22:02 - 2019-02-28 20:12 - 000000000 ____D C:\Users\santiago\AppData\Local\GeometryDash
2019-09-16 20:43 - 2019-01-22 12:32 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-16 20:41 - 2019-01-22 12:06 - 000000000 ____D C:\Program Files\Microsoft Office
2019-09-14 21:27 - 2019-02-14 21:35 - 000000000 ____D C:\Users\santiago\AppData\Roaming\Discord
2019-09-14 20:08 - 2019-01-22 12:37 - 000003186 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1066829708-2042649287-4230230453-1000
2019-09-14 20:08 - 2019-01-22 12:37 - 000002206 _____ C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-09-14 20:08 - 2019-01-22 12:37 - 000000000 ___RD C:\Users\santiago\OneDrive
2019-09-14 13:25 - 2019-05-05 16:17 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-09-09 18:35 - 2019-02-02 16:24 - 000000000 ____D C:\Users\santiago\BrawlhallaReplays
2019-09-09 15:44 - 2019-01-20 19:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-04 15:12 - 2019-03-23 15:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-09-04 15:06 - 2019-05-23 12:57 - 000000000 ____D C:\Users\santiago\AppData\Roaming\Processing
2019-09-04 13:06 - 2019-05-22 21:06 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2019-09-02 18:29 - 2009-07-14 05:30 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2019-09-02 18:29 - 2009-07-14 05:30 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2019-09-02 18:29 - 2009-07-14 00:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-02 18:14 - 2019-01-20 21:02 - 000000000 ___RD C:\Users\santiago\Desktop\juegos
2019-09-02 18:04 - 2019-01-20 21:06 - 000000000 ____D C:\Users\santiago\Documents\My Games
2019-09-02 15:07 - 2019-03-23 19:28 - 000000000 ____D C:\Program Files (x86)\Age of Empires II HD
2019-09-01 21:11 - 2019-07-28 09:54 - 000000000 ____D C:\Users\santiago\AppData\Local\ElevatedDiagnostics
2019-08-31 16:37 - 2019-05-25 21:10 - 000000000 ____D C:\Temp
2019-08-28 16:54 - 2019-03-10 16:44 - 000000000 ____D C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2019-08-28 16:50 - 2019-03-10 16:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-08-28 16:48 - 2019-04-14 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2019-08-28 13:48 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-08-28 13:46 - 2019-06-07 13:02 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2019-08-28 13:46 - 2019-06-07 13:02 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-28 13:46 - 2019-06-07 13:02 - 000002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial 2016.lnk
2019-08-28 13:23 - 2019-08-03 14:04 - 000212992 _____ C:\Windows\system32\ClickToRun_Pipeline16

==================== Files in the root of some directories ================

2019-05-14 21:55 - 2019-05-14 21:55 - 006922240 _____ () C:\Program Files (x86)\GUT2F5A.tmp
2019-09-19 15:58 - 2019-09-19 15:58 - 000224527 _____ () C:\Users\santiago\AppData\Roaming\Didomoma
2019-09-19 15:58 - 2019-09-19 15:58 - 000224527 _____ () C:\Users\santiago\AppData\Roaming\Sataga
2019-09-19 15:58 - 2019-09-19 15:58 - 000000266 _____ () C:\Users\santiago\AppData\Roaming\WB.CFG
2019-03-12 19:07 - 2019-03-12 19:07 - 000000000 _____ () C:\Users\santiago\AppData\Local\oobelibMkey.log
2019-01-26 22:14 - 2019-04-06 00:14 - 000007605 _____ () C:\Users\santiago\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-21 17:20
==================== End of FRST.txt ============================

As for the Malwarebytes report, no other one shows up for me apart from that one; I have already run the scan several times and it no longer detects any threats.

OK, as soon as I have reviewed everything, I'll let you know.

Good… now follow these steps. VERY important ~ make a backup of the registry:

  • To do so, download Delfix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.


On the computer, with all other programs closed:

Start >>> Run >>> type notepad.exe.

Now copy and paste the following into Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\MountPoints2: {5d82d1f6-d8ea-11e9-81c8-003067bdf35a} - H:\Setup.exe
HKU\S-1-5-21-1066829708-2042649287-4230230453-1000\...\MountPoints2: {703d5e00-fe09-11e7-ba36-b3a6e30b9393} - H:\HiSuiteDownLoader.exe
GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S1 TBoxDrv; \??\C:\Program Files\AndroidTbox\TBoxDrv.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Shortcut: C:\Users\santiago\Desktop\juegos\MOTORM4X.lnk -> C:\Program Files (x86)\City Interactive\MOTORM4X Offroad Extreme\MotorM4X.bat ()
Shortcut: C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha\Open logs folder.lnk -> G:\0 A.D. alpha\OpenLogsFolder.bat ()
ShortcutWithArgument: C:\Users\santiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it as fixlist.txt on the desktop <<< This is very important.

Note: It is important that the tool Frst.exe and fixlist.txt are in the same location (the desktop); otherwise it will not work.

  • Now use this Windows FAQ, "How to start Windows in Safe Mode?", to work from that Windows mode.

  • Run Frst.exe.

  • Press the Fix button and wait for it to finish.

  • The tool will save the report on your desktop (Fixlog.txt).

Paste it in your next reply, and tell me how the PC is doing.

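A pre-flight summary of the fixlist in the post above, added here as an example that is not part of the thread or of FRST itself: it checks the Start/END markers and separates bare directives, `CMD:` commands and lines copied from the FRST log, so you can see what will change before pressing Fix. The function names and the line classification are assumptions of this example, and the sample is a shortened copy of the posted fixlist.

```python
# Added example: summarize an FRST fixlist before running it.
# The classification rules are this example's assumption, not FRST's own parser.

# Constructed sample: a shortened copy of the fixlist posted in the thread.
SAMPLE = r"""Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
S1 TBoxDrv; \??\C:\Program Files\AndroidTbox\TBoxDrv.sys [X]
HOSTS:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
END
"""

def summarize_fixlist(text):
    """Split a fixlist into directives, shell commands and log entries."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    report = {"errors": [], "directives": [], "commands": [], "entries": []}
    # A fixlist cut short while copying loses its END marker.
    if not lines or lines[0].lower() != "start":
        report["errors"].append("first line is not Start")
    if not lines or lines[-1].lower() != "end":
        report["errors"].append("last line is not END")
    for ln in lines:
        if ln.lower() in ("start", "end"):
            continue
        if ln.upper().startswith("CMD:"):
            report["commands"].append(ln[4:].strip())   # run as a shell command
        elif ln.endswith(":") and " " not in ln:
            report["directives"].append(ln[:-1])        # e.g. HOSTS, EMPTYTEMP
        else:
            report["entries"].append(ln)                # copied from the FRST log
    return report

def network_resets(report):
    """Commands that reset network or firewall state."""
    tools = ("netsh", "ipconfig", "bitsadmin")
    return [c for c in report["commands"] if c.lower().startswith(tools)]

if __name__ == "__main__":
    rep = summarize_fixlist(SAMPLE)
    for key, items in rep.items():
        print(f"{key}: {len(items)}")
        for item in items:
            print("   ", item)
    print("network/firewall resets:", network_resets(rep))
```

Any custom firewall rules or static network settings on the machine should be noted down first, since the commands listed under network/firewall resets return them to defaults.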

OK, the results may be ready tomorrow or the day after; I have some matters to resolve first. I am sorry for my lack of commitment to this process, but I hope you understand.

No problem… I'll be here waiting…