AdwCleaner log:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support:
https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-06-2021
# Duration: 00:00:01
# OS: Windows 7 Ultimate
# Cleaned: 13
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\PCProtect
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{189B4C7D-CB31-4D84-96CE-6BCA38AD365}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FBDC96C-2B2B-4680-ACA7-22BE27BB4B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB0D9100-DA11-466F-A2F4-1F978AC76CE}
Deleted HKCU\Software\SSProtect
Deleted HKCU\Software\Sunisoft
Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.pcprotect.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\Software\Classes\totalav
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityServiceMonitor
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [10727 octets] - [19/02/2019 20:50:32]
AdwCleaner[C00].txt - [9264 octets] - [19/02/2019 20:51:26]
AdwCleaner[S01].txt - [2791 octets] - [05/11/2021 19:58:39]
AdwCleaner[S02].txt - [2852 octets] - [06/11/2021 17:26:13]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2021
Ran by Carlos Luna (administrator) on 1989AH (ASUS All Series) (06-11-2021 17:36:33)
Running from C:\Users\Carlos Luna\Desktop
Loaded Profiles: Carlos Luna
: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Borislav Surbat -> MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\80.0.4170.91\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\opera.exe <12>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2305226654-651215044-733858041-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2305226654-651215044-733858041-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (Borislav Surbat -> MyCity)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1ADD0762-CC79-45E7-B15D-17E123E1BE18} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2206488 2016-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {293D7E12-004D-4520-8CE0-C06D21EFB4D1} - System32\Tasks\Opera GX scheduled Autoupdate 1634241479 => C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\launcher.exe [46162128 2021-11-04] (Opera Software AS -> Opera Software)
Task: {427624A0-6125-446F-84D9-BC6C71027E47} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2225952 2016-08-15] (Microsoft Corporation -> Microsoft)
Task: {45A4D6E9-3EB8-4039-87C0-8EDD5A1CDC23} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1634663272 => C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\launcher.exe [46162128 2021-11-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {4D109734-C672-4DAB-8E1C-0848709181B8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2305226654-651215044-733858041-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5918D14A-68E3-4CFE-B21E-E1748D153440} - System32\Tasks\AdobeAAMUpdater-1.0-CarlosLuna-PC-Carlos Luna => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {62A6C492-DB90-48A0-8729-0E9EE4C6AA60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104 2015-07-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {6D10DDD6-E35A-4909-8989-1D5F095840CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4624152 2014-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {6FC4D6E7-AEFA-40A9-9BB7-93CA381DA6F7} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-09-21] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {A3B005D3-E9D2-481C-8F83-C314EFE5F8A2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1665312 2016-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0087371-BA7B-40D8-B082-1AA679E01EE7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2206488 2016-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0C532E0-D1C5-4939-9A5D-20C1E65CEBAA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1665312 2016-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D685ED40-7570-4DD0-8D05-E36B8F49EF67} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{4F611090-1E2A-4C0B-B218-CB68014871BD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{577DA66F-E0C5-4726-8D88-1A73332085A9}: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{8D58557D-1DB6-4DD8-B77E-9A6F9972990A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A27F8B15-26C0-4909-9700-9719E16C3A24}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{B67BBEAF-70C7-4ED9-ADCE-DAC65DF532A9}: [DhcpNameServer] 200.48.225.146 200.48.225.130
Opera:
=======
OPR Profile: C:\Users\Carlos Luna\AppData\Roaming\Opera Software\Opera Stable [2021-11-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Carlos Luna\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-09-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Carlos Luna\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-28]
StartMenuInternet: (HKU\S-1-5-21-2305226654-651215044-733858041-1000) Opera GXStable - "C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"MBAMChameleon" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATTENTION (Rootkit!/Locked Service)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-07-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-03-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-23] (Epic Games Inc. -> Epic Games, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-05] (Malwarebytes Inc -> Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] (ASUSTeK Computer Inc. -> )
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-09-20] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-09-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-09-22] (Disc Soft Ltd -> Disc Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech -> Logitech Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-11-05] (Malwarebytes Inc -> Malwarebytes)
R3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [622624 2010-02-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Semiconductor Corp -> Realtek Corporation)
S3 RvNetMP60; C:\Windows\System32\DRIVERS\RvNetMP60.sys [69048 2018-12-25] (Famatech Corp. -> Famatech Corp.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three months (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-06 17:36 - 2021-11-06 17:37 - 000013725 _____ C:\Users\Carlos Luna\Desktop\FRST.txt
2021-11-05 20:05 - 2021-11-05 20:05 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-11-05 20:05 - 2021-11-05 20:05 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-05 20:05 - 2021-11-05 20:05 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-05 20:05 - 2021-11-05 20:05 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\mbam
2021-11-05 20:04 - 2021-11-05 20:04 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-11-05 20:04 - 2021-11-05 20:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-05 20:04 - 2021-11-05 20:04 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-05 20:03 - 2021-11-05 20:03 - 000001415 _____ C:\Users\Carlos Luna\Desktop\steps mwbites.txt
2021-11-05 19:43 - 2021-11-05 19:43 - 008553680 _____ (Malwarebytes) C:\Users\Carlos Luna\Desktop\AdwCleaner.exe
2021-11-05 19:42 - 2021-11-05 19:42 - 002101944 _____ (Malwarebytes) C:\Users\Carlos Luna\Desktop\MBSetup-119967.119967-consumer.exe
2021-11-04 15:43 - 2021-11-04 15:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-11-03 20:02 - 2021-11-03 20:03 - 000001970 _____ C:\Users\Carlos Luna\Desktop\netcfg_2021-11-03_20-02-55.dat
2021-11-03 10:11 - 2021-11-05 20:06 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\CrashDumps
2021-11-03 01:03 - 2021-11-03 01:03 - 000000031 _____ C:\Users\Carlos Luna\Documents\recover network settings.txt
2021-11-02 19:01 - 2021-11-02 19:01 - 000005478 _____ C:\NetworkSettings.txt
2021-11-02 18:59 - 2021-11-02 19:00 - 000005478 _____ C:\Windows\system32\NetworkSettings.txt
2021-11-02 18:58 - 2021-11-02 18:58 - 001053600 _____ (ESET) C:\Users\Carlos Luna\Desktop\esetuninstaller.exe
2021-11-01 15:33 - 2021-11-06 17:36 - 000000000 ____D C:\Users\Carlos Luna\Desktop\FRST-OlderVersion
2021-10-28 17:52 - 2021-11-06 17:31 - 000000000 ____D C:\ProgramData\MCShield
2021-10-28 17:52 - 2021-10-28 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2021-10-28 17:52 - 2021-10-28 17:52 - 000000000 ____D C:\Program Files (x86)\MCShield
2021-10-28 17:44 - 2021-10-28 17:45 - 002856736 _____ (MyCity) C:\Users\Carlos Luna\Desktop\MCShield-Setup.exe
2021-10-25 20:29 - 2021-11-06 17:37 - 000000000 ____D C:\FRST
2021-10-25 19:16 - 2021-11-06 17:36 - 002312192 _____ (Farbar) C:\Users\Carlos Luna\Desktop\FRST64.exe
2021-10-24 19:45 - 2021-10-24 19:48 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\niemiro
2021-10-24 01:54 - 2021-10-24 01:54 - 002316112 _____ (niemiro) C:\Users\Carlos Luna\Desktop\SFCFix.exe
2021-10-24 01:04 - 2021-10-24 01:05 - 000000000 ____D C:\Users\Carlos Luna\Downloads\Windupdate
2021-10-24 00:28 - 2021-10-28 22:08 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\ElevatedDiagnostics
2021-10-23 23:01 - 2021-10-23 23:02 - 000000000 ____D C:\Program Files\TEST
2021-10-23 21:43 - 2021-10-23 21:43 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\EOSUserHelper
2021-10-23 21:42 - 2021-10-23 21:42 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\Epic Games
2021-10-23 21:30 - 2021-10-23 21:30 - 000000000 ____D C:\Users\Default\AppData\Local\Epic Games
2021-10-21 20:11 - 2021-10-21 20:19 - 000000000 ____D C:\Users\Carlos Luna\Downloads\backups
2021-10-21 18:01 - 2021-10-21 18:01 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\CEF
2021-10-19 12:08 - 2021-10-19 12:08 - 000004352 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1634663272
2021-10-14 14:58 - 2021-11-04 15:49 - 000004100 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1634241479
2021-10-14 14:58 - 2021-10-14 14:58 - 000001437 _____ C:\Users\Carlos Luna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2021-10-12 02:37 - 2021-10-12 02:37 - 000001085 _____ C:\Users\Carlos Luna\Desktop\Windows Media Player.lnk
2021-10-11 02:36 - 2021-10-11 02:36 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2021-10-11 02:35 - 2021-10-11 02:35 - 000000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2021-10-08 16:24 - 2021-10-08 16:24 - 000000000 ____D C:\.android
2021-10-08 04:10 - 2021-10-08 04:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project64 2.3
2021-10-08 04:10 - 2021-10-08 04:10 - 000000000 ____D C:\Program Files (x86)\Project64 3.0
2021-09-27 15:15 - 2021-09-27 20:37 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\GUI
2021-09-26 13:30 - 2021-11-05 21:17 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2021-09-26 13:30 - 2021-09-27 18:10 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2021-09-26 13:26 - 2021-09-26 13:26 - 001168608 _____ (BlueStack Systems Inc.) C:\Users\Carlos Luna\Downloads\BlueStacksMicroInstaller_5.3.70.1004_native.exe
2021-08-30 00:49 - 2021-10-10 23:03 - 000000995 _____ C:\Users\Carlos Luna\Desktop\Genshin Impact.lnk
==================== Three months (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-06 17:32 - 2020-07-17 23:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-06 17:31 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-06 17:30 - 2009-07-13 23:45 - 000023936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-11-06 17:30 - 2009-07-13 23:45 - 000023936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-11-06 17:22 - 2014-07-04 16:56 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\Adobe
2021-11-06 01:09 - 2014-06-22 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-05 23:07 - 2020-10-21 01:14 - 000000000 ____D C:\Program Files\Genshin Impact
2021-11-05 22:16 - 2017-05-05 20:31 - 000000000 ____D C:\Users\Carlos Luna\AppData\Roaming\discord
2021-11-05 22:16 - 2017-05-05 20:30 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\Discord
2021-11-05 19:40 - 2018-08-09 13:33 - 000000000 ____D C:\Users\Carlos Luna\Documents\Carlos
2021-11-04 15:05 - 2020-01-20 18:10 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2021-11-04 15:05 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-11-04 15:05 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-11-03 20:03 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2021-11-03 19:59 - 2016-04-14 00:33 - 000000000 ____D C:\Windows\pss
2021-11-03 10:11 - 2015-04-19 18:58 - 000007630 _____ C:\Users\Carlos Luna\AppData\Local\Resmon.ResmonCfg
2021-11-02 18:52 - 2020-03-13 03:31 - 000000000 ____D C:\Users\Carlos Luna\AppData\Roaming\Sun
2021-11-02 18:52 - 2014-05-10 22:18 - 000000000 ____D C:\Program Files\Java
2021-11-02 18:47 - 2014-03-12 19:31 - 000000000 ____D C:\Windows\system32\Macromed
2021-11-02 18:47 - 2014-03-12 19:26 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-11-01 20:53 - 2016-06-08 15:05 - 000000000 ____D C:\Users\Carlos Luna\AppData\Roaming\.minecraft
2021-10-30 17:55 - 2014-08-07 03:52 - 000000132 _____ C:\Users\Carlos Luna\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-10-28 18:29 - 2020-03-22 18:03 - 000689126 _____ C:\Windows\system32\perfh007.dat
2021-10-28 18:29 - 2020-03-22 18:03 - 000149098 _____ C:\Windows\system32\perfc007.dat
2021-10-28 18:29 - 2014-03-12 20:39 - 000745504 _____ C:\Windows\system32\perfh00A.dat
2021-10-28 18:29 - 2014-03-12 20:39 - 000158582 _____ C:\Windows\system32\perfc00A.dat
2021-10-28 18:29 - 2009-07-14 00:13 - 002514704 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-28 18:28 - 2018-08-09 13:46 - 000000000 ____D C:\Users\Carlos Luna\Documents\Hermanos
2021-10-25 19:58 - 2014-04-11 01:54 - 000000000 ____D C:\Users\Carlos Luna\Documents\My Games
2021-10-24 00:28 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2021-10-23 02:22 - 2021-08-02 01:56 - 000000000 ____D C:\Users\Carlos Luna\AppData\Roaming\vlc
2021-10-21 02:15 - 2014-03-12 19:32 - 000000000 ____D C:\Users\Carlos Luna\AppData\Roaming\Adobe
2021-10-21 02:04 - 2021-03-11 21:40 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\Opera Software
2021-10-21 01:46 - 2015-10-24 19:03 - 000000000 ____D C:\Users\Carlos Luna\Downloads\Series
2021-10-20 23:09 - 2014-04-19 03:42 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-10-20 16:10 - 2009-01-01 01:05 - 000000000 ___RD C:\Program Files (x86)\ASUS
2021-10-19 05:17 - 2009-01-01 00:26 - 000154328 _____ C:\Users\Carlos Luna\AppData\Local\GDIPFONTCACHEV1.DAT
2021-10-19 02:57 - 2009-07-13 23:45 - 005165616 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-19 02:07 - 2016-06-08 15:04 - 000000000 ____D C:\Program Files (x86)\Minecraft
2021-10-19 02:06 - 2014-04-19 03:17 - 000000000 ____D C:\ProgramData\Adobe
2021-10-19 02:03 - 2015-02-16 14:11 - 000000000 ____D C:\Program Files (x86)\Java
2021-10-18 22:24 - 2019-02-06 20:46 - 000000000 ____D C:\Windows\system32\DAX2
2021-10-18 22:23 - 2021-05-01 02:22 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2021-10-18 22:05 - 2015-10-24 19:03 - 000000000 ____D C:\Users\Carlos Luna\Downloads\Archives
2021-10-18 22:02 - 2014-03-12 20:50 - 000000000 ____D C:\Windows\system32\Tasks\Games
2021-10-18 14:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2021-10-14 14:56 - 2016-01-14 23:46 - 000000000 ____D C:\Users\Carlos Luna\AppData\Roaming\Opera Software
2021-10-12 00:06 - 2009-01-01 03:16 - 000000000 ____D C:\Windows\Panther
2021-10-11 02:35 - 2009-07-14 02:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2021-10-11 02:14 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-10 23:03 - 2020-10-21 01:14 - 000000000 ____D C:\Users\Carlos Luna\AppData\Local\miHoYo
2021-10-10 23:03 - 2020-10-21 01:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact
2021-10-10 13:31 - 2014-03-12 20:50 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2021-10-10 01:13 - 2009-07-14 00:08 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-10-08 03:55 - 2015-01-14 14:34 - 000000000 ____D C:\Users\Carlos Luna\Downloads\Zips
==================== Files in the root of some directories ========
2014-10-07 03:30 - 2016-03-28 23:20 - 000000132 _____ () C:\Users\Carlos Luna\AppData\Roaming\Prefs. de formato OpenEXR de Adobe CS6
2014-08-07 03:52 - 2021-10-30 17:55 - 000000132 _____ () C:\Users\Carlos Luna\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2016-02-15 18:17 - 2017-09-18 11:15 - 002447075 _____ () C:\Users\Carlos Luna\AppData\Roaming\PS13_panel.log
2020-06-26 00:10 - 2020-06-26 00:10 - 000000045 _____ () C:\Users\Carlos Luna\AppData\Roaming\WB.CFG
2016-08-03 21:50 - 2017-09-17 09:56 - 000001456 _____ () C:\Users\Carlos Luna\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2021-01-10 12:03 - 2021-01-10 12:04 - 000000774 _____ () C:\Users\Carlos Luna\AppData\Local\install_info.txt
2015-08-07 11:17 - 2015-08-07 11:17 - 013545694 _____ () C:\Users\Carlos Luna\AppData\Local\package.nw.new
2018-08-31 01:09 - 2018-12-29 02:20 - 000000600 _____ () C:\Users\Carlos Luna\AppData\Local\PUTTY.RND
2015-04-19 18:58 - 2021-11-03 10:11 - 000007630 _____ () C:\Users\Carlos Luna\AppData\Local\Resmon.ResmonCfg
2019-10-18 02:55 - 2020-07-25 01:51 - 000000077 _____ () C:\Users\Carlos Luna\AppData\Local\update_progress.txt
2019-12-06 23:13 - 2019-12-06 23:13 - 000017408 _____ () C:\Users\Carlos Luna\AppData\Local\WebpageIcons.db
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Addition log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-11-2021
Ran by Carlos Luna (06-11-2021 17:37:54)
Running from C:\Users\Carlos Luna\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2009-01-01 05:23:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2305226654-651215044-733858041-500 - Administrator - Disabled)
Carlos Luna (S-1-5-21-2305226654-651215044-733858041-1000 - Administrator - Enabled) => C:\Users\Carlos Luna
Guest (S-1-5-21-2305226654-651215044-733858041-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2305226654-651215044-733858041-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 3.9.6 - Mirillis)
Autodesk Maya 2015 SP2 (HKLM\...\Autodesk Maya 2015 SP2) (Version: 15.2.1633.0 - Autodesk)
Autodesk Maya 2016 SP1 (HKLM\...\Autodesk Maya 2016 SP1) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP2 (HKLM\...\Autodesk Maya 2016 SP2) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP3 (HKLM\...\Autodesk Maya 2016 SP3) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP3P02 (HKLM\...\Autodesk Maya 2016 SP3P02) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP4 (HKLM\...\Autodesk Maya 2016 SP4) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP4P04 (HKLM\...\Autodesk Maya 2016 SP4P04) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP4P05 (HKLM\...\Autodesk Maya 2016 SP4P05) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP5 (HKLM\...\Autodesk Maya 2016 SP5) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP5P06 (HKLM\...\Autodesk Maya 2016 SP5P06) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP5P07 (HKLM\...\Autodesk Maya 2016 SP5P07) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP5P08 (HKLM\...\Autodesk Maya 2016 SP5P08) (Version: 16.6.2775.0 - Autodesk) Hidden
Autodesk Maya 2016 SP6 (HKLM\...\Autodesk Maya 2016 SP6) (Version: 16.6.2775.0 - Autodesk)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.3.70.1004 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.9.389 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM Content (x64) (HKLM\...\{54F024CB-16AF-4CC0-9BC2-D2507E7C6C01}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.1 - Corel Corporation) Hidden
CrystalDiskInfo 7.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.1 - Crystal Dew World)
Discord (HKU\S-1-5-21-2305226654-651215044-733858041-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{8CAF0391-512D-485C-B141-39D89E7EDCA8}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.12.1.0 - miHoYo Co.,Ltd)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{557D160E-2085-4D38-BDA3-1D5D3F74A3A4}) (Version: 6.0.4 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 4.8 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.8.106.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Research Mesh Virtual WIFI (HKLM-x32\...\{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}) (Version: 1.0.000 - Microsoft Research)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera GX Stable 80.0.4170.91 (HKU\S-1-5-21-2305226654-651215044-733858041-1000\...\Opera GX 80.0.4170.91) (Version: 80.0.4170.91 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Project64 version 3.0.1.5664 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 3.0.1.5664 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
UE4 Prerequisites (x86) (HKLM-x32\...\{6EAAE1C0-6000-45FA-B46D-D206144925BF}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x86) (HKLM-x32\...\{f1203e43-4ddb-4280-974e-73f14d793dbd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
WO Mic Client (HKLM-x32\...\WOMic) (Version: - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2305226654-651215044-733858041-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305226654-651215044-733858041-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305226654-651215044-733858041-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305226654-651215044-733858041-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305226654-651215044-733858041-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305226654-651215044-733858041-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6718864 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4220304 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-12-26] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-12-26] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-12-26] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2009-01-01 01:06 - 2021-11-06 17:31 - 000034448 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-05-01 02:09 - 2013-04-26 10:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 000173568 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 001807360 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtCLucene4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 003276288 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtCore4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 012168192 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtGui4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 000750080 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtHelp4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 001085952 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtNetwork4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 000841728 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 001990144 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtScript4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 000897024 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtSql4.dll
2014-02-27 17:43 - 2014-02-27 17:43 - 000539136 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtXml4.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
HKU\S-1-5-21-2305226654-651215044-733858041-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://latam.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&FORM=IE8SRC/f
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&FORM=IE8SRC/f
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&FORM=IE8SRC/f
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-10-18 22:12 - 2021-10-18 22:12 - 000000833 ____R C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Autodesk\Backburner\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-2305226654-651215044-733858041-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carlos Luna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.48.225.146 - 200.48.225.130
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: ACTION_SVC => 3
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{5CB41C60-5184-4DE4-97E7-47A8CE3C61C2}C:\program files (x86)\womic\womicclient.exe] => (Allow) C:\program files (x86)\womic\womicclient.exe () [File not signed]
FirewallRules: [UDP Query User{C4B58CE0-9B62-4529-B69B-189EF82CB167}C:\program files (x86)\womic\womicclient.exe] => (Allow) C:\program files (x86)\womic\womicclient.exe () [File not signed]
FirewallRules: [TCP Query User{53066240-262C-4D89-AD40-374FC9C37118}C:\users\carlos luna\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\carlos luna\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{4FE1146C-6B94-4A3F-B3B9-03B3D4234638}C:\users\carlos luna\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\carlos luna\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{DFCFD19C-91C2-40C7-946E-3EE01B712C2E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{6A80C201-3B27-4588-98EE-E01BBA7533C3}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36077DE1-8476-401E-8EA6-52CBF9065A7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D025ADD2-4276-4691-B046-73FA0D984488}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{586D1D22-7153-4987-97D8-B77472B9AF71}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [File not signed]
FirewallRules: [UDP Query User{CC6FE1C3-7381-4122-8B0F-95493109FF5E}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [File not signed]
FirewallRules: [TCP Query User{5CBDF2E0-CB20-4AE0-9BA2-CE78F6BDF0AE}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [UDP Query User{985CB71C-5064-4898-8B6F-1A4B83F251E0}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{9BCB1DAC-4A40-44C1-BA83-D5E1CF1DD096}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RISK Global Domination\RISK.exe () [File not signed]
FirewallRules: [{2D9C3240-87F7-414B-A498-1A6238A99B0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RISK Global Domination\RISK.exe () [File not signed]
FirewallRules: [TCP Query User{01F7E6D7-6831-4E02-AC98-14FC7C0AC9C8}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [UDP Query User{53A32A65-3F71-4320-9C6C-D832023AA22C}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0E255199-C3C4-4F02-88FD-FC94100871C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Action Taimanin\ActionTaimanin.exe () [File not signed]
FirewallRules: [{FD9C28AB-F010-407B-B017-0D6B689E01CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Action Taimanin\ActionTaimanin.exe () [File not signed]
FirewallRules: [TCP Query User{33001C23-34A2-484A-B476-E23DFAD5ABE6}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{F4584F73-C6BE-4460-AAA4-1C76B08DEB29}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{6765061F-677B-4DBE-A273-09BAC861F1ED}] => (Allow) C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\80.0.4170.86\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{324AD36E-790D-4E4C-853C-D1E1DB37E1EE}] => (Allow) C:\Users\Carlos Luna\AppData\Local\Programs\Opera GX\80.0.4170.91\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/05/2021 08:06:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.1162, time stamp: 0x61783b28
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0xccc
Faulting application start time: 0x01d7d2aa86888b35
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: c5321d78-3e9d-11ec-85a1-d850e63c46b2
Error: (11/05/2021 07:49:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f9c2217e-9e3d-4114-b3dc-2f49d95edd69}
System errors:
=============
Error: (11/06/2021 05:40:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (11/06/2021 05:26:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ASUS Com Service service terminated unexpectedly. It has done this 1 time(s).
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2003 10/15/2014
Motherboard: ASUSTeK COMPUTER INC. H87-PLUS
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 8130.46 MB
Available physical RAM: 4350.41 MB
Total Virtual: 16259.06 MB
Available Virtual: 10378.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:463.61 GB) NTFS
Drive h: (CarlosLuna) (Fixed) (Total:465.76 GB) (Free:253.9 GB) NTFS
\\?\Volume{6f327824-d7c3-11dd-893f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 319F4949)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 844382C4)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================