Archivo vbe de descargas2020

Hola, me ha pasado exactamente lo mismo que en este caso:

Solo que a mi no me advirtió el antivirus (Avast también) a la hora de abrir el archivo vbe (inocente de mi pensé que era otro tipo de torrent…). He seguido los pasos hasta el uso del Fabar Recovery Scan Tool incluido. Os adjunto los informes. Siguen los síntomas iniciales (bajada drástica del uso del procesador al iniciar el administrador de tareas, entrecortado de los videos reproducidos online y en reproductor). Os agradecería mucho la ayuda.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 9/8/19
Hora del análisis: 22:34
Archivo de registro: 0571abca-bae5-11e9-a9fc-94de80617526.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11940
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Alfredo-PC\Alfredo

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 287912
Amenazas detectadas: 200
Amenazas en cuarentena: 200
Tiempo transcurrido: 4 min, 11 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 59
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\APSnotifierPP1, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{75485DA2-AF2A-416C-A00E-EB65C437C306}, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{75485DA2-AF2A-416C-A00E-EB65C437C306}, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\APSnotifierPP2, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{326A8A7A-7E38-4988-946E-B11BF0B73BBC}, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{326A8A7A-7E38-4988-946E-B11BF0B73BBC}, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\APSnotifierPP3, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0C4C16A1-7239-4596-B4D9-852A8CFE1DE5}, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0C4C16A1-7239-4596-B4D9-852A8CFE1DE5}, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.SmartWeb, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SmartWeb Upgrade Trigger Task, En cuarentena, [2685], [243192],1.0.11940
PUP.Optional.SmartWeb, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F467BB3D-7AD6-444C-A3BA-2E5B6EFD453F}, En cuarentena, [2685], [243192],1.0.11940
PUP.Optional.SmartWeb, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{F467BB3D-7AD6-444C-A3BA-2E5B6EFD453F}, En cuarentena, [2685], [243192],1.0.11940
PUP.Optional.Launchie, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4882, En cuarentena, [5872], [371289],1.0.11940
PUP.Optional.Launchie, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E0071E36-51C4-4DB8-BB87-F10DD08F7442}, En cuarentena, [5872], [371289],1.0.11940
PUP.Optional.Launchie, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E0071E36-51C4-4DB8-BB87-F10DD08F7442}, En cuarentena, [5872], [371289],1.0.11940
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En cuarentena, [453], [237370],1.0.11940
PUP.Optional.MySearch123, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}, En cuarentena, [7008], [252841],1.0.11940
PUP.Optional.MiuiTab, HKLM\SOFTWARE\WOW6432NODE\SUPDP, En cuarentena, [3154], [240843],1.0.11940
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0762B65E-08A1-4E9D-80B2-B8C90E0D5EF6}, En cuarentena, [453], [259199],1.0.11940
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En cuarentena, [453], [237505],1.0.11940
PUP.Optional.AnyProtect, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\ANYPROTECT, En cuarentena, [857], [234600],1.0.11940
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, En cuarentena, [3615], [238772],1.0.11940
PUP.Optional.Taplika, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\LFKJOJACGDJKNINEPEGHAAMNAPDJMLFN, En cuarentena, [409], [243953],1.0.11940
PUP.Optional.Taplika, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LFKJOJACGDJKNINEPEGHAAMNAPDJMLFN, En cuarentena, [409], [243953],1.0.11940
PUP.Optional.Taplika, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, En cuarentena, [409], [243953],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.Spigot, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{29B296A6-A1B8-4AD6-9923-046AE93320B4}, En cuarentena, [161], [243431],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{589B893E-773C-4941-88C2-0DCC718E621C}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{589B893E-773C-4941-88C2-0DCC718E621C}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.Cinema, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, En cuarentena, [2084], [236453],1.0.11940
PUP.Optional.CouponMarvel, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\lollipop, En cuarentena, [2507], [253334],1.0.11940
PUP.Optional.Taplika, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Taplika Browser, En cuarentena, [409], [243952],1.0.11940
PUP.Optional.TNT, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\TNT2, En cuarentena, [6641], [244086],1.0.11940
PUP.Optional.Hicosmea, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\toralsup, En cuarentena, [6613], [245427],1.0.11940
PUP.Optional.Tuto4PC, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\TutoTag, En cuarentena, [731], [244265],1.0.11940
PUP.Optional.FFPluginHp, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, En cuarentena, [6816], [238346],1.0.11940
PUP.Optional.IHProtect, HKLM\SOFTWARE\WOW6432NODE\IHProtect, En cuarentena, [6844], [239373],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\oursurfingSoftware, En cuarentena, [1366], [186908],1.0.11940
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\Tutorials, En cuarentena, [731], [315599],1.0.11940
PUP.Optional.WordSurfer, HKLM\SOFTWARE\WOW6432NODE\WordSurfer_1.10.0.19, En cuarentena, [753], [245109],1.0.11940
PUP.Optional.CrossRider, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, En cuarentena, [453], [237370],1.0.11940
PUP.Optional.SmartWeb, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\APPDATALOW\SOFTWARE\SmartWeb, En cuarentena, [2685], [254527],1.0.11940
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\WordSurferAutoUpdateClient_RASAPI32, En cuarentena, [3452], [251355],1.0.11940
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\WordSurferAutoUpdateClient_RASMANCS, En cuarentena, [3452], [251355],1.0.11940
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, En cuarentena, [1569], [243702],1.0.11940
PUP.Optional.WebCake, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, En cuarentena, [195], [168997],1.0.11940
PUP.Optional.ShopSave, HKLM\SOFTWARE\WOW6432NODE\{6CC4BF79-7708-4ECB-8F2B-A11264A67989}, En cuarentena, [3318], [168780],1.0.11940
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, En cuarentena, [31], [160141],1.0.11940
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, En cuarentena, [31], [160141],1.0.11940
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF84E609-C3A4-49CB-A160-61767DAF8899}, En cuarentena, [195], [168999],1.0.11940
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{DF84E609-C3A4-49CB-A160-61767DAF8899}, En cuarentena, [195], [168999],1.0.11940
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}, En cuarentena, [195], [168999],1.0.11940
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}, En cuarentena, [195], [168999],1.0.11940

Valor del registro: 24
PUP.Optional.GamesDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GMSD_ES_006010028, En cuarentena, [2604], [238638],1.0.11940
PUP.Optional.SmartWeb, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SMARTWEB, En cuarentena, [2685], [243195],1.0.11940
PUP.Optional.GamesDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GMSD_ES_005010028, En cuarentena, [2604], [238638],1.0.11940
PUP.Optional.MiuiTab, HKLM\SOFTWARE\WOW6432NODE\SUPDP|DIR, En cuarentena, [3154], [240843],1.0.11940
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0762B65E-08A1-4E9D-80B2-B8C90E0D5EF6}|PATH, En cuarentena, [453], [259199],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0C4C16A1-7239-4596-B4D9-852A8CFE1DE5}|PATH, En cuarentena, [857], [258180],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{326A8A7A-7E38-4988-946E-B11BF0B73BBC}|PATH, En cuarentena, [857], [258180],1.0.11940
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{75485DA2-AF2A-416C-A00E-EB65C437C306}|PATH, En cuarentena, [857], [258180],1.0.11940
PUP.Optional.Launchie, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E0071E36-51C4-4DB8-BB87-F10DD08F7442}|PATH, En cuarentena, [5872], [371291],1.0.11940
PUP.Optional.AnyProtect, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\ANYPROTECT|ABTEST, En cuarentena, [857], [234600],1.0.11940
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|SOURCE, En cuarentena, [3615], [238772],1.0.11940
PUP.Optional.Taplika, HKU\S-1-5-18\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|LFKJOJACGDJKNINEPEGHAAMNAPDJMLFN, En cuarentena, [409], [243953],1.0.11940
PUP.Optional.Taplika, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|LFKJOJACGDJKNINEPEGHAAMNAPDJMLFN, En cuarentena, [409], [243953],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.Taplika, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURLFALLBACK, En cuarentena, [409], [243955],1.0.11940
PUP.Optional.Taplika, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|, En cuarentena, [409], [243955],1.0.11940
PUP.Optional.Spigot, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{29B296A6-A1B8-4AD6-9923-046AE93320B4}|URL, En cuarentena, [161], [243431],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{589B893E-773C-4941-88C2-0DCC718E621C}|URL, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, En cuarentena, [1366], [233681],1.0.11940
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, [2507], [-1],0.0.0
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, [2507], [-1],0.0.0
PUP.Optional.Taplika, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|APPPATH, En cuarentena, [409], [243962],1.0.11940
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|PTID, En cuarentena, [1569], [243702],1.0.11940

Datos del registro: 4
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_SEARCH_URL, Sustituido, [1366], [292988],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, [1366], [292988],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_SEARCH_URL, Sustituido, [1366], [292988],1.0.11940
PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, [1366], [292988],1.0.11940

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 13
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\scan_results, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\installer, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\language, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\logs, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\swf, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\USERS\ALFREDO\APPDATA\ROAMING\ANYPROTECTEX, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\USERS\ALFREDO\APPDATA\LOCALLOW\SMARTWEB, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.IHProtectUpDate, C:\ProgramData\IHProtectUpDate\update, En cuarentena, [1171], [177733],1.0.11940
PUP.Optional.IHProtectUpDate, C:\PROGRAMDATA\IHPROTECTUPDATE, En cuarentena, [1171], [177733],1.0.11940
PUP.Optional.SupTab, C:\USERS\ALFREDO\SUPTAB, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\USERS\ALFREDO\APPDATA\LOCAL\TNT2, En cuarentena, [181], [180062],1.0.11940

Archivo: 100
PUP.Optional.AnyProtect, C:\WINDOWS\TASKS\APSnotifierPP1.job, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, C:\WINDOWS\SYSTEM32\TASKS\APSnotifierPP1, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, C:\WINDOWS\TASKS\APSnotifierPP2.job, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, C:\WINDOWS\SYSTEM32\TASKS\APSnotifierPP2, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, C:\WINDOWS\TASKS\APSnotifierPP3.job, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, C:\WINDOWS\SYSTEM32\TASKS\APSnotifierPP3, En cuarentena, [857], [235442],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\installer\ab.test.json, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\installer\tempfile.t, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\language\de.xml, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\language\en.xml, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\language\fr.xml, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.quick.results, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.results, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.AnyProtect, C:\Users\Alfredo\AppData\Roaming\AnyProtectEx\swf\mov01.swf, En cuarentena, [857], [175418],1.0.11940
PUP.Optional.SmartWeb, C:\WINDOWS\SYSTEM32\TASKS\SmartWeb Upgrade Trigger Task, En cuarentena, [2685], [243192],1.0.11940
PUP.Optional.Taplika, C:\USERS\ALFREDO\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\FavIcon.icoWSE_Taplika, En cuarentena, [409], [243949],1.0.11940
PUP.Optional.SmartWeb, C:\USERS\ALFREDO\APPDATA\LOCALLOW\SMARTWEB\DATA\WLU.TXT, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\1.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\1957.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\2365.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\43344.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\4436.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\9953.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\a.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\b.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\c.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\d.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\e.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\f.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\g.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\h.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\i.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\j.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\k.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\l.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\m.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\n.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\o.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\p.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\q.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\r.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\s.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\t.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\u.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\v.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\w.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\x.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\y.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\Users\Alfredo\AppData\LocalLow\SmartWeb\Data\z.txt, En cuarentena, [2685], [234598],1.0.11940
PUP.Optional.SmartWeb, C:\USERS\ALFREDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SMARTWEB.LNK, En cuarentena, [2685], [243191],1.0.11940
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.job, En cuarentena, [453], [235119],1.0.11940
PUP.Optional.IHProtectUpDate, C:\ProgramData\IHProtectUpDate\update\conf, En cuarentena, [1171], [177733],1.0.11940
PUP.Optional.Launchie, C:\WINDOWS\SYSTEM32\TASKS\4882, En cuarentena, [5872], [371289],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\domain, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\expirationDate, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\hotsearch, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\hotsearch_uptime, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\name, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\path, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\set_country, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\set_z, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\TABts, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\uid, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\url, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.SupTab, C:\Users\Alfredo\SupTab\_ver, En cuarentena, [1569], [179904],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\PARTNER.TNT, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\chromeinst.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\crx.tar, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\GLOBALUNINSTALL.TNT, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\hmac.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\iestage2.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\INSTALL.TNT, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\log.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\pinnedSearch.htm, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\pinnedSearch_FindWide.htm, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\pinnedSearch_Freshy.htm, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\progress.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\regsvr.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\RemoteSkin.wms, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\sqlite.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\tnt2chrome.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\tnt2chrome64.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\TNT2UserPS.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\TntMagicDel.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\tntmoz.xpi, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\UnInjLib.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\UnInjLib64.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\UNINSTALL.TNT, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\UninstallDlg.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\untar.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\UPDATE.TNT, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\xpi.tar, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.TidyNetwork, C:\Users\Alfredo\AppData\Local\TNT2\2.0.0.2029\zipunzip.1.dll, En cuarentena, [181], [180062],1.0.11940
PUP.Optional.Taplika, C:\USERS\ALFREDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [409], [243953],1.0.11940
PUP.Optional.Spigot, C:\USERS\ALFREDO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\92H2E97U.DEFAULT\PREFS.JS, Sustituido, [161], [301667],1.0.11940
PUP.Optional.DefaultProtectedSearch, C:\USERS\ALFREDO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\92H2E97U.DEFAULT\PREFS.JS, Sustituido, [14901], [303339],1.0.11940
PUP.Optional.DeskCut, C:\USERS\ALFREDO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\92H2E97U.DEFAULT\PREFS.JS, Sustituido, [1802], [303340],1.0.11940
PUP.Optional.Taplika, C:\USERS\ALFREDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [409], [455261],1.0.11940
PUP.Optional.Taplika, C:\USERS\ALFREDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [409], [455261],1.0.11940
PUP.Optional.Taplika, C:\USERS\ALFREDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [409], [455261],1.0.11940

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-09-2019
# Duration: 00:00:14
# OS:       Windows 7 Professional
# Scanned:  35457
# Detected: 65


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.Yontoo                   C:\ProgramData\Tarma Installer
PUP.Optional.Conduit.A          C:\Users\Alfredo\AppData\Roaming\RHEng
PUP.Optional.Legacy             C:\Program Files (x86)\globalUpdate
PUP.Optional.Legacy             C:\Users\Alfredo\AppData\LocalLow\.acestream
PUP.Optional.Legacy             C:\Users\Alfredo\AppData\Local\globalUpdate
PUP.Optional.Legacy             C:\Users\Alfredo\AppData\Roaming\.acestream
PUP.Optional.Legacy             C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
PUP.Optional.Legacy             C:\Users\Alfredo\AppData\Roaming\acestream
PUP.Optional.Legacy             C:\_acestream_cache_

***** [ Files ] *****

PUP.Optional.Legacy             C:\END

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.ASMagicPlayer      HKCU\Software\Classes\acestream
PUP.Optional.AceStream          HKCU\Software\RegisteredApplications|AceStream
PUP.Optional.Banggood           HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\banggood.com
PUP.Optional.Banggood           HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.banggood.com
PUP.Optional.Conduit            HKCU\Software\Conduit
PUP.Optional.CrossRider         HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
PUP.Optional.CrossRider         HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
PUP.Optional.Legacy             HKCU\SOFTWARE\Classes\Applications\ace_player.exe
PUP.Optional.Legacy             HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
PUP.Optional.Legacy             HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
PUP.Optional.Legacy             HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
PUP.Optional.Legacy             HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
PUP.Optional.Legacy             HKCU\Software\AceStream
PUP.Optional.Legacy             HKCU\Software\Classes\.acelive
PUP.Optional.Legacy             HKCU\Software\Classes\.acemedia
PUP.Optional.Legacy             HKCU\Software\Classes\.acestream
PUP.Optional.Legacy             HKCU\Software\Classes\.tslive
PUP.Optional.Legacy             HKCU\Software\GlobalUpdate
PUP.Optional.Legacy             HKCU\Software\INSTALLPATH\STATUS
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\DOMStorage\eshopcomp.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\DOMStorage\oursurfing.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.eshopcomp.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\metrolyrics.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\oursurfing.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\taplika.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.metrolyrics.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Tinstalls
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9AD2BFD5-B70B-41EB-BB6F-62ACD0FC36BC}C:\users\alfredo\appdata\roaming\acestream\engine\ace_engine.exe
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{41EF4B44-2C6C-4EB7-99FB-C33B751B319C}C:\users\alfredo\appdata\roaming\acestream\engine\ace_engine.exe
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{833B7D76-D074-4EB3-8EAA-3A88D064C52C}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C7F82E97-2B1A-41BD-B465-F2956FE5F3EF}
PUP.Optional.Legacy             HKLM\Software\Classes\.acestream
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\GlobalUpdate
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
PUP.Optional.SofTonicAssistant  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
PUP.Optional.SofTonicAssistant  HKCU\Software\Softonic
PUP.Optional.VOPackage          HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
PUP.Optional.WarThunder         HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.WebCake            fjoijdanhaiflhibkljeklcghcmmfffh

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSProductRegistration 


AdwCleaner[S00].txt - [7818 octets] - [09/08/2019 22:46:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-09-2019
# Duration: 00:00:03
# OS:       Windows 7 Professional
# Cleaned:  64
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\globalUpdate
Deleted       C:\ProgramData\Tarma Installer
Deleted       C:\Users\Alfredo\AppData\LocalLow\.acestream
Deleted       C:\Users\Alfredo\AppData\Local\globalUpdate
Deleted       C:\Users\Alfredo\AppData\Roaming\.acestream
Deleted       C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted       C:\Users\Alfredo\AppData\Roaming\RHEng
Deleted       C:\Users\Alfredo\AppData\Roaming\acestream
Deleted       C:\_acestream_cache_

***** [ Files ] *****

Deleted       C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted       HKCU\Software\AceStream
Deleted       HKCU\Software\Classes\.acelive
Deleted       HKCU\Software\Classes\.acemedia
Deleted       HKCU\Software\Classes\.acestream
Deleted       HKCU\Software\Classes\.tslive
Deleted       HKCU\Software\Classes\acestream
Deleted       HKCU\Software\Conduit
Deleted       HKCU\Software\GlobalUpdate
Deleted       HKCU\Software\INSTALLPATH\STATUS
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\eshopcomp.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\oursurfing.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.eshopcomp.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\banggood.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\metrolyrics.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\oursurfing.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\taplika.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.banggood.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.metrolyrics.com
Deleted       HKCU\Software\Microsoft\Tinstalls
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted       HKCU\Software\RegisteredApplications|AceStream
Deleted       HKCU\Software\Softonic
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9AD2BFD5-B70B-41EB-BB6F-62ACD0FC36BC}C:\users\alfredo\appdata\roaming\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{41EF4B44-2C6C-4EB7-99FB-C33B751B319C}C:\users\alfredo\appdata\roaming\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{833B7D76-D074-4EB3-8EAA-3A88D064C52C}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C7F82E97-2B1A-41BD-B465-F2956FE5F3EF}
Deleted       HKLM\Software\Classes\.acestream
Deleted       HKLM\Software\Wow6432Node\GlobalUpdate
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_

***** [ Chromium (and derivatives) ] *****

Deleted       fjoijdanhaiflhibkljeklcghcmmfffh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7818 octets] - [09/08/2019 22:46:57]
AdwCleaner[S01].txt - [7879 octets] - [09/08/2019 22:49:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Hola @RobertPolson

Si que te lo pescaste…!

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2019 02
Ran by Alfredo (administrator) on ALFREDO-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (09-08-2019 23:30:07)
Running from C:\Users\Alfredo\Desktop
Loaded Profiles: Alfredo (Available Profiles: Alfredo)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\GLPCCamera\monitorpad.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Daniel Schmitt -> nerds.de) C:\Program Files (x86)\nerds.de\LoopBe1\loopBeMon.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Rocket Division Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [GLSystray] => C:\Program Files (x86)\GLPCCamera\monitorpad.exe [69632 2014-03-11] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) [File not signed]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-12] (LG Electronics Inc. -> Bitleader)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-08-17] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [205976 2009-09-18] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\MountPoints2: {12d9ba85-60b2-11e8-b9d2-94de80617526} - G:\setup.exe
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [176416 2012-01-18] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [307488 2012-01-18] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LoopBe1 Monitor.lnk [2015-02-14]
ShortcutTarget: LoopBe1 Monitor.lnk -> C:\Program Files (x86)\nerds.de\LoopBe1\loopBeMon.exe (Daniel Schmitt -> nerds.de)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04FB10CF-171D-49AF-BE05-008A51096857} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-09-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {0731CBE9-78C7-4AC4-9315-F009C387AB0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0DBB4F59-5715-4064-A310-A6BE9FB16CD3} - System32\Tasks\{D35E88A2-792D-4525-97C6-40AA0ADD7829} => E:\SteamLibrary\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
Task: {1458F5C5-A2C3-4EE8-ADC0-AC60B5E4D7EA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {15453B55-8332-4C5C-A83F-726CF6025FB9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BF2EA8A-4EC9-467C-AD94-9CF45AE12610} - System32\Tasks\{ED1BA117-5776-43E4-BD93-FAD621658F11} => C:\Windows\system32\pcalua.exe -a H:\EASetup.exe -d H:\
Task: {1D1FE431-87F0-45B8-9AD7-A915741D45E1} - System32\Tasks\{CE4181EE-7217-45B4-9A8B-745371A5FA54} => E:\SteamLibrary\SteamApps\common\Medal of Honor\MP\mohmpgame.exe
Task: {34498EFA-45FE-405C-A80F-74E008BBE042} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {364F5EAF-F212-4911-B506-A2DF9D78D0D4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C188968-0B05-41C9-B4EF-DE40BFA25A79} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe  <==== ATTENTION
Task: {40CD1B6A-F1C6-4FF0-B6FC-18D45EC29CE5} - System32\Tasks\{D9ECB7F5-93FF-4238-83FF-81BB35A1B349} => E:\SteamLibrary\SteamApps\common\Tom Clancy's Rainbow Six Siege - Beta\RainbowSix.exe
Task: {46DEFD27-5C5B-4159-BEF4-1E705149FF83} - System32\Tasks\SafeZone scheduled Autoupdate 1468328142 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {47B242FD-CE5D-41A6-89D1-6C51F09BDEA9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EE549D9-7124-4C4B-A9BF-3CB29C376297} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {506C5717-CC97-43BA-BD77-2E26B3241A5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {5C62BA1A-A08A-42D4-9543-A99C24AAFCA9} - System32\Tasks\{FAA35615-8DF8-451E-8217-CFE36810C692} => C:\Windows\system32\pcalua.exe -a E:\ZZmega\eMule0.50a-Installer.exe -d E:\ZZmega
Task: {63FFBECF-9BB0-4331-9DCF-8FBF96065824} - System32\Tasks\{8C6723F9-9935-4E88-ADE2-288DA4144738} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.18.85.112/es/abandoninstall?page=tsProgressBar
Task: {723111A6-C239-4EA6-A375-E2792D9D2395} - System32\Tasks\{DED911AB-48C5-4FFC-A50C-0E02BA37948A} => C:\Windows\system32\pcalua.exe -a K:\Setup.exe -d K:\
Task: {7BEB8857-03F9-4BEA-97DF-B908ECA398FE} - System32\Tasks\{B13967F1-C396-4841-8238-D14A8EC11F22} => E:\SteamLibrary\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
Task: {7D1A84B9-965F-42C5-8E17-AFDD5DBEC9B3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B6917AB-37C0-419A-AC40-4A1CE7F41A83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [1447936 2018-07-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9B7FFBB4-8D64-4E6E-8F41-B30D579282E2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8BE34DD-E221-469E-888C-009545F901AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8F16D9B-A6F3-418A-B693-EEDDB7742483} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2049928 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {B9504DE6-190D-4F5F-8C39-BC8FE50D87A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {C146E2F6-FBB4-4D3C-80CC-DCA823E6F58C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C4862227-E032-4482-8002-861C3CCBA847} - System32\Tasks\{6FF9A7A7-2361-40C8-9D70-1DF1E586FC29} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/es/abandoninstall?page=tsInstall
Task: {CD180E00-DDFE-43E8-82D9-DD5607C237E1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1551136 2016-01-14] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {D7CF9324-CDF0-4D64-9AF0-0DB4CF7CA410} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [10982352 2017-11-01] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {E33F9D16-14FC-4555-A4DD-A4608C04FD45} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F4853B22-EA72-4A82-9B8C-E06B0A4E8A76} - System32\Tasks\{9EFFAB6B-26E1-4917-AB69-6404C7A5ED35} => C:\Windows\system32\pcalua.exe -a I:\Setup.exe -d I:\
Task: {FEAADC57-C98D-4455-9ED1-29CB50C3C3F6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.81.16.213 62.81.29.254
Tcpip\..\Interfaces\{1E45DA88-1D3D-4F9D-9DE2-24203F46C5AB}: [DhcpNameServer] 62.81.16.213 62.81.29.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=M4-CT128M4SSD2_00000000130609298712&ts=1436645847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=M4-CT128M4SSD2_00000000130609298712&ts=1436645847&type=default&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-11-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-11-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-06] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-06] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc -> Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 92h2e97u.default
FF ProfilePath: C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\92h2e97u.default [2019-08-09]
FF Homepage: Mozilla\Firefox\Profiles\92h2e97u.default -> hxxps://es.yahoo.com/
FF NetworkProxy: Mozilla\Firefox\Profiles\92h2e97u.default -> type", 0
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\92h2e97u.default\Extensions\[email protected] [2019-06-05]
FF Extension: (Avast Online Security) - C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\92h2e97u.default\Extensions\[email protected] [2019-08-01]
FF Extension: (Video DownloadHelper) - C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\92h2e97u.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\92h2e97u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-09]
FF HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Alfredo\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @fxinteractive.com/fxplanet -> C:\ProgramData\FXWebPlayer\npfxplanet.dll [2015-07-15] (FX Interactive -> FX Interactive)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-285307178-3440860486-1967224458-1000: @acestream.net/acestreamplugin,version=3.1.12.1 -> C:\Users\Alfredo\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-285307178-3440860486-1967224458-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alfredo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-285307178-3440860486-1967224458-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2019-07-22] (Ubisoft Entertainment Sweden AB -> )

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://es.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://es.search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxp://www.newpct.com/"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default [2019-08-09]
CHR Extension: (Documentos) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
CHR Extension: (Google Drive) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Búsqueda de Google) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-29]
CHR Extension: (AdBlock) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-01]
CHR Extension: (Avast Online Security) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-08-01]
CHR Extension: (anonymoX) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2017-06-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-10]
CHR Extension: (Gmail) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-25]
CHR HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-11-11] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-05-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2104840 2016-02-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2018-10-14] (Even Balance, Inc. -> )
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [742864 2016-03-21] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [41693064 2017-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [536968 2017-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] (Giga-Byte Technology -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168896 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387688 2019-08-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2017-09-02] (Advanced Micro Devices) [File not signed]
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (C-MEDIA ELECTRONICS INC. -> Windows (R) Win 7 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-06-22] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2015-11-05] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 glavcam; C:\Windows\System32\DRIVERS\glavcam.sys [1711104 2017-04-03] (GENESYS LOGIC, INC. -> Windows (R) Codename Longhorn DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-11-04] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [13776 2016-03-03] (Wacom Technology Corporation -> Windows (R) Win 7 DDK provider)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
S3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LoopBeMidi1; C:\Windows\System32\drivers\loopbe1.sys [13824 2011-04-09] (Daniel Schmitt -> nerds.de)
S3 nmwcdnsucx64; C:\Windows\System32\drivers\nmwcdnsucx64.sys [12800 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsux64; C:\Windows\System32\drivers\nmwcdnsux64.sys [171008 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [68112 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-09-09] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-06-22] () [File not signed]
S3 StMp3Recx64; C:\Windows\System32\Drivers\StMp3Recx64.sys [26112 2007-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Generic)
S3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [102864 2016-03-03] (Wacom Technology Corporation -> Wacom Technology)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-08-18] (CyberLink Corp. -> CyberLink Corp.)
U3 a47ccpps; C:\Windows\System32\Drivers\a47ccpps.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-09 23:30 - 2019-08-09 23:30 - 000039625 _____ C:\Users\Alfredo\Desktop\FRST.txt
2019-08-09 23:30 - 2019-08-09 23:30 - 000000000 ____D C:\FRST
2019-08-09 23:12 - 2019-08-09 23:12 - 000797760 _____ C:\Users\Alfredo\Desktop\delfix.exe
2019-08-09 23:10 - 2019-08-09 23:10 - 002096640 _____ (Farbar) C:\Users\Alfredo\Desktop\FRST64.exe
2019-08-09 22:54 - 2019-08-09 23:24 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-08-09 22:54 - 2019-08-09 23:24 - 000002816 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-08-09 22:54 - 2019-08-09 22:54 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-09 22:54 - 2019-08-09 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-08-09 22:54 - 2019-08-09 22:54 - 000000000 ____D C:\Program Files\CCleaner
2019-08-09 22:53 - 2019-08-09 22:53 - 020638704 _____ (Piriform Software Ltd) C:\Users\Alfredo\Desktop\ccsetup558.exe
2019-08-09 22:46 - 2019-08-09 22:50 - 000000000 ____D C:\AdwCleaner
2019-08-09 22:45 - 2019-08-09 22:45 - 007623880 _____ (Malwarebytes) C:\Users\Alfredo\Desktop\adwcleaner_7.4.exe
2019-08-09 22:33 - 2019-08-09 22:33 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-09 22:33 - 2019-08-09 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-09 22:33 - 2019-08-09 22:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-09 22:33 - 2019-08-09 22:33 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-09 22:33 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-09 20:03 - 2019-08-09 20:03 - 000000693 _____ C:\Users\Alfredo\Desktop\ESET Online Scanner.lnk
2019-08-09 20:02 - 2019-08-09 20:02 - 000000000 ____D C:\Users\Alfredo\AppData\Local\ESET
2019-08-07 22:04 - 2019-08-07 22:11 - 000000000 ____D C:\Users\Alfredo\Doctor Web
2019-08-07 22:04 - 2019-08-07 22:04 - 000000000 ____D C:\ProgramData\Doctor Web
2019-08-07 15:18 - 2019-08-07 15:18 - 000000000 ____D C:\Users\Alfredo\AppData\Local\mbam
2019-08-07 15:17 - 2019-08-07 15:17 - 000000000 ____D C:\Users\Alfredo\AppData\Local\mbamtray
2019-08-01 08:42 - 2019-08-01 08:42 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-08-01 08:42 - 2019-08-01 08:42 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-08-01 08:42 - 2019-08-01 08:42 - 000168896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-28 14:20 - 2019-07-28 14:20 - 000000958 _____ C:\Users\Alfredo\Desktop\Subtitle Workshop.lnk
2019-07-28 14:20 - 2019-07-28 14:20 - 000000000 ____D C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Subtitle Workshop
2019-07-20 17:53 - 2019-07-21 18:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-07-16 22:16 - 2019-07-27 10:39 - 000000590 _____ C:\Users\Alfredo\Desktop\EMP.txt
2019-07-12 22:48 - 2019-07-12 22:49 - 000000000 ____D C:\Users\Alfredo\AppData\Local\Strange Brigade
2019-07-10 15:26 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-10 15:26 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-10 15:26 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-10 15:26 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-10 15:26 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-10 15:26 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-10 15:26 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-10 15:26 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-10 15:26 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-10 15:26 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-10 15:26 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-10 15:26 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-10 15:26 - 2019-06-21 03:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-10 15:26 - 2019-06-20 11:11 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-07-10 15:26 - 2019-06-20 10:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-07-10 15:26 - 2019-06-19 05:06 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-10 15:26 - 2019-06-19 03:52 - 007081984 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-10 15:26 - 2019-06-18 08:41 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-10 15:26 - 2019-06-18 06:34 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-10 15:26 - 2019-06-18 06:21 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-07-10 15:26 - 2019-06-18 06:21 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-07-10 15:26 - 2019-06-18 06:09 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-10 15:26 - 2019-06-18 06:08 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-07-10 15:26 - 2019-06-18 06:07 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-10 15:26 - 2019-06-18 06:07 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-07-10 15:26 - 2019-06-18 06:07 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-07-10 15:26 - 2019-06-18 06:07 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-07-10 15:26 - 2019-06-18 06:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-07-10 15:26 - 2019-06-18 05:59 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-10 15:26 - 2019-06-18 05:59 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-07-10 15:26 - 2019-06-18 05:57 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-07-10 15:26 - 2019-06-18 05:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-10 15:26 - 2019-06-18 05:56 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-07-10 15:26 - 2019-06-18 05:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-07-10 15:26 - 2019-06-18 05:56 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-07-10 15:26 - 2019-06-18 05:55 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-10 15:26 - 2019-06-18 05:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-07-10 15:26 - 2019-06-18 05:48 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-07-10 15:26 - 2019-06-18 05:45 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-07-10 15:26 - 2019-06-18 05:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-10 15:26 - 2019-06-18 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-07-10 15:26 - 2019-06-18 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-07-10 15:26 - 2019-06-18 05:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-07-10 15:26 - 2019-06-18 05:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-07-10 15:26 - 2019-06-18 05:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-07-10 15:26 - 2019-06-18 05:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-07-10 15:26 - 2019-06-18 05:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-07-10 15:26 - 2019-06-18 05:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-10 15:26 - 2019-06-18 05:35 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-07-10 15:26 - 2019-06-18 05:34 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-07-10 15:26 - 2019-06-18 05:32 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-07-10 15:26 - 2019-06-18 05:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-07-10 15:26 - 2019-06-18 05:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-07-10 15:26 - 2019-06-18 05:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-07-10 15:26 - 2019-06-18 05:30 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-07-10 15:26 - 2019-06-18 05:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-07-10 15:26 - 2019-06-18 05:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-07-10 15:26 - 2019-06-18 05:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-07-10 15:26 - 2019-06-18 05:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-07-10 15:26 - 2019-06-18 05:21 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-07-10 15:26 - 2019-06-18 05:20 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-07-10 15:26 - 2019-06-18 05:20 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-07-10 15:26 - 2019-06-18 05:19 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-10 15:26 - 2019-06-18 05:17 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-10 15:26 - 2019-06-18 05:17 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-07-10 15:26 - 2019-06-18 05:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-07-10 15:26 - 2019-06-18 05:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-07-10 15:26 - 2019-06-18 05:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-07-10 15:26 - 2019-06-18 05:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-07-10 15:26 - 2019-06-18 05:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-07-10 15:26 - 2019-06-18 05:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-07-10 15:26 - 2019-06-18 05:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-07-10 15:26 - 2019-06-18 05:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-10 15:26 - 2019-06-18 05:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-07-10 15:26 - 2019-06-18 05:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-07-10 15:26 - 2019-06-18 05:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-10 15:26 - 2019-06-18 05:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-07-10 15:26 - 2019-06-18 05:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-07-10 15:26 - 2019-06-18 05:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-07-10 15:26 - 2019-06-18 04:55 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-10 15:26 - 2019-06-18 04:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-07-10 15:26 - 2019-06-18 04:43 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-07-10 15:26 - 2019-06-18 04:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-10 15:26 - 2019-06-18 04:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-07-10 15:26 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-10 15:26 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-10 15:26 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-10 15:26 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-10 15:26 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-10 15:26 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-10 15:26 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-10 15:26 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-10 15:26 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-10 15:26 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-10 15:26 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-10 15:26 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-10 15:26 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-10 15:26 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-10 15:26 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-10 15:26 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-10 15:26 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-10 15:26 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-10 15:26 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-10 15:26 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-10 15:26 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-10 15:26 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-10 15:26 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-10 15:26 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-10 15:26 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-10 15:26 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-10 15:26 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-10 15:26 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-10 15:26 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-10 15:26 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-10 15:26 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-10 15:26 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-10 15:26 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-10 15:26 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-10 15:26 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-10 15:26 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-10 15:26 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-10 15:26 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-10 15:26 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-10 15:26 - 2019-06-02 05:50 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-10 15:25 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-10 15:25 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-10 15:25 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-10 15:25 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-10 15:25 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-10 15:25 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-10 15:25 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-10 15:25 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-10 15:25 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-10 15:25 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-10 15:25 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-10 15:25 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-10 15:25 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-10 15:25 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-10 15:25 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-10 15:25 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-10 15:25 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-10 15:25 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-10 15:25 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-10 15:25 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-10 15:25 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-10 15:25 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-10 15:25 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-10 15:25 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-10 15:25 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-10 15:25 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-10 15:25 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-10 15:25 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-10 15:25 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-10 15:25 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-10 15:25 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-10 15:25 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-10 15:25 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-10 15:25 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-10 15:25 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-10 15:25 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-10 15:25 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-10 15:25 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-10 15:25 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-10 15:25 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-10 15:25 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-10 15:25 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-10 15:25 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-10 15:25 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-10 15:25 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-10 15:25 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-10 15:25 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-10 15:25 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-10 15:25 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-09 23:30 - 2009-07-14 06:45 - 000032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-09 23:30 - 2009-07-14 06:45 - 000032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-09 23:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-08-09 23:24 - 2018-01-16 18:50 - 000002986 _____ C:\Windows\System32\Tasks\GPU Tweak II
2019-08-09 23:24 - 2015-12-03 17:06 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-08-09 23:24 - 2015-05-17 08:59 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-08-09 23:24 - 2013-06-22 10:21 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-09 23:24 - 2013-06-22 10:21 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-09 22:59 - 2016-11-21 17:03 - 000000000 ____D C:\Users\Alfredo\AppData\LocalLow\Mozilla
2019-08-09 22:58 - 2018-01-17 22:47 - 000000000 ____D C:\Users\Alfredo\AppData\Local\CrashDumps
2019-08-09 22:58 - 2013-07-15 17:39 - 000000000 ____D C:\Users\Alfredo\AppData\Roaming\Azureus
2019-08-09 22:58 - 2013-06-27 13:48 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-09 22:58 - 2013-06-22 15:07 - 000000000 ____D C:\Windows\Minidump
2019-08-09 22:58 - 2013-06-22 14:05 - 000000000 ____D C:\Users\Alfredo\AppData\Roaming\Media Player Classic
2019-08-09 22:58 - 2013-06-19 22:19 - 000000000 ____D C:\Windows\Panther
2019-08-09 22:56 - 2011-04-12 11:10 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2019-08-09 22:56 - 2011-04-12 11:10 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2019-08-09 22:56 - 2009-07-14 07:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-09 22:50 - 2018-01-16 18:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-09 22:50 - 2015-02-13 16:04 - 000000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2019-08-09 22:50 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-09 22:38 - 2013-06-19 21:31 - 000000000 ____D C:\Users\Alfredo
2019-08-09 20:27 - 2014-01-12 12:53 - 000000000 ____D C:\Windows\AutoKMS
2019-08-09 20:23 - 2015-07-11 23:57 - 000000000 ____D C:\Users\Alfredo\AppData\Roaming\03DE0294-1436651870-0561-7506-260700080009
2019-08-09 20:17 - 2014-06-14 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas para vídeo
2019-08-09 20:14 - 2013-07-27 08:36 - 000000000 ____D C:\Program Files\Uninstaller
2019-08-09 20:02 - 2015-02-14 11:05 - 000000000 ____D C:\Users\Alfredo\AppData\Local\JDownloader 2.0
2019-08-09 16:54 - 2013-06-22 10:22 - 000002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-09 16:54 - 2013-06-22 10:22 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-09 15:11 - 2013-06-22 12:50 - 000000000 ____D C:\Users\Alfredo\AppData\Roaming\Winamp
2019-08-09 15:04 - 2017-08-29 21:01 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-08-08 20:52 - 2014-03-21 20:59 - 000000000 ____D C:\Users\Alfredo\AppData\LocalLow\Adblock Plus for IE
2019-08-07 20:31 - 2018-01-12 21:56 - 000007599 _____ C:\Users\Alfredo\AppData\Local\Resmon.ResmonCfg
2019-08-07 14:59 - 2013-06-22 10:02 - 000000000 ____D C:\ProgramData\Intel
2019-08-05 12:42 - 2013-06-22 10:21 - 000387688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-08-01 08:42 - 2019-03-04 00:36 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-08-01 08:42 - 2019-01-25 20:27 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-08-01 08:42 - 2019-01-25 20:16 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-08-01 08:42 - 2019-01-25 20:16 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-08-01 08:42 - 2019-01-25 20:16 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-08-01 08:42 - 2018-12-18 10:24 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-08-01 08:42 - 2017-11-09 21:42 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-08-01 08:42 - 2013-06-22 10:21 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-08-01 08:42 - 2013-06-22 10:21 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-08-01 08:42 - 2013-06-22 10:21 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-08-01 08:42 - 2013-06-22 10:21 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-29 22:21 - 2009-07-14 07:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-27 22:44 - 2016-12-08 19:33 - 000000000 ____D C:\Users\Alfredo\AppData\Roaming\vlc
2019-07-25 21:15 - 2018-07-26 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-24 20:48 - 2013-10-27 23:07 - 000000000 ____D C:\Users\Alfredo\AppData\Local\Ubisoft Game Launcher
2019-07-21 18:42 - 2013-07-04 15:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-18 08:44 - 2013-06-22 13:18 - 000117992 _____ C:\Users\Alfredo\AppData\Local\GDIPFONTCACHEV1.DAT
2019-07-18 08:44 - 2009-07-14 06:45 - 005050880 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-14 12:52 - 2018-01-17 20:27 - 000030017 _____ C:\Users\Alfredo\Desktop\VOLOTEA.txt
2019-07-11 09:42 - 2017-10-15 00:19 - 000000000 ____D C:\Windows\rescache
2019-07-10 23:57 - 2017-03-26 17:27 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-10 23:57 - 2017-03-26 17:27 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 23:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 23:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-10 23:42 - 2013-06-22 10:01 - 001651868 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-10 23:39 - 2013-08-19 03:00 - 000000000 ____D C:\Windows\system32\MRT
2019-07-10 23:34 - 2013-06-22 16:09 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ================

2015-03-30 22:59 - 2015-03-30 22:59 - 000069109 _____ () C:\Users\Alfredo\AppData\Roaming\icarus-dxdiag.xml
2015-08-25 09:13 - 2015-08-25 09:21 - 000005120 _____ () C:\Users\Alfredo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-12 21:56 - 2019-08-07 20:31 - 000007599 _____ () C:\Users\Alfredo\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2013-06-19 21:20 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-02 00:08
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by Alfredo (09-08-2019 23:30:47)
Running from C:\Users\Alfredo\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-06-19 19:31:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-285307178-3440860486-1967224458-500 - Administrator - Disabled)
Alfredo (S-1-5-21-285307178-3440860486-1967224458-1000 - Administrator - Enabled) => C:\Users\Alfredo
HomeGroupUser$ (S-1-5-21-285307178-3440860486-1967224458-1252 - Limited - Enabled)
Invitado (S-1-5-21-285307178-3440860486-1967224458-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Faces of War" (Solo eliminar) (HKLM-x32\...\{2C2F85C4-62C3-4F59-A5E1-AB60E5F76ADF}_is1) (Version: 1.0.1 - Ubisoft)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AACS Updater (HKLM-x32\...\AACS Updater) (Version: 2.1 - labDV)
Actualización de NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{5D782829-1FC7-48D8-B2CB-1FA2851BDC12}) (Version: 1.5 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aplicación para detectar Winamp (HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.7.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.7.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{54716EA9-F8B4-41E0-801B-9909164F2024}) (Version: 1.1.001 - ASUSTek Computer Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
AutoGreen B12.0206.1 (HKLM-x32\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.5 - FNMT-RCM)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2011.60 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Easy Tune 6 B12.1121.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Filelister 3.6 (HKLM-x32\...\Filelister) (Version: 3.6 - True Human Design)
Firmware automatico de actualización de LG ODD (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FXWebPlayer (HKLM-x32\...\FXWebPlayer) (Version:  - FX Interactive) <==== ATTENTION
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 1.0.0.0 - Genesys Logic)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GonVisor 2.43.01 (HKLM-x32\...\GonVisor_is1) (Version:  - GON)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jubler subtitle editor (HKLM\...\Jubler) (Version: 5.0.5 - www.jubler.org)
K-Lite Codec Pack 9.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.134 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2379 - GenesysLogic)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
LoopBe1 - Internal MIDI Port (HKLM-x32\...\LoopBe1) (Version:  - )
Lyrics Plugin for Winamp (HKLM-x32\...\{75E9A522-65D2-4200-A95F-C3EF89703263}) (Version: 0.4 - Lyrics Plugin)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 68.0.1.7137 - Mozilla)
NVIDIA Controlador de 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Panel de control de NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PQR 5 (HKLM-x32\...\PQR) (Version: 5 - EPPO)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.114 (HKLM-x32\...\SafeZone 1.48.2066.114) (Version: 1.48.2066.114 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype versión 8.50 (HKLM-x32\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
SoulseekQt versión 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.16-2 - Wacom Technology Corp.)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
VdhCoApp 1.1.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VideoPad, software para edición de vídeo (HKLM-x32\...\VideoPad) (Version: 3.37 - NCH Software)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-285307178-3440860486-1967224458-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Alfredo\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AXShlEx.dll [2009-09-18] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2009-02-09] (Alcohol Soft Development Team) [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Alfredo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223
ShortcutWithArgument: C:\Users\Alfredo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223

==================== Loaded Modules (Whitelisted) ==============

2017-04-03 19:16 - 2014-03-11 15:15 - 000069632 _____ () [File not signed] C:\Program Files (x86)\GLPCCamera\monitorpad.exe
2019-03-01 18:41 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] E:\Program Files\7-Zip\7-zip.dll
2013-06-22 10:03 - 2012-05-20 18:24 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2011-12-09 19:22 - 2011-12-09 19:22 - 000074752 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
2007-05-28 18:57 - 2007-05-28 18:57 - 000275968 _____ (Rocket Division Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Alfredo:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Classes\.exe:  =>  <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-08-07 22:11 - 000000949 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;E:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.81.16.213 - 62.81.29.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{A3FE4595-0D5E-4167-91AF-B4B625D3B166}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{F603DC63-2C5C-420A-8CED-F72B755C76AC}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{4603E4FF-EDB3-440D-B4E7-DEC3534DD9BD}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{BC0A1313-6206-4E95-84F2-B7EB2B92ACBF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{F2FEB9BB-6FC0-493C-A188-B06CF39A5483}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe No File
FirewallRules: [UDP Query User{45AC3FEE-E294-402E-B864-92FBAFCDA1F3}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe No File
FirewallRules: [{03730138-A073-4EB1-BB10-4B62FD98F87E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0A2C273F-7703-4988-9AE5-4463A7CEEBA4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4E404AF9-5C23-4903-A5CF-C3F5430B1B42}C:\juegos\ride to hell retribution\binaries\win64\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rth.exe No File
FirewallRules: [UDP Query User{32B71CA1-3D21-47A9-A32D-32C1B96B1E29}C:\juegos\ride to hell retribution\binaries\win64\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rth.exe No File
FirewallRules: [TCP Query User{C5B39CF5-38DB-42DC-B4EB-90A5D2F67816}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe No File
FirewallRules: [UDP Query User{B28FDE2C-8140-42B1-A5A8-78EA7B7F59C0}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe No File
FirewallRules: [TCP Query User{CEBB0E24-795C-4920-BCF8-8685DC2F753E}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe No File
FirewallRules: [UDP Query User{E9226087-C931-4F45-92F4-2DA6D50F6CF8}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe No File
FirewallRules: [TCP Query User{4CCB1154-C27A-4BFF-ABDF-072A9A9F08DF}C:\juegos\ride to hell retribution\binaries\win32\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rth.exe No File
FirewallRules: [UDP Query User{18A5DE52-81F8-423F-BC4E-1DC6F1E0F2FD}C:\juegos\ride to hell retribution\binaries\win32\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rth.exe No File
FirewallRules: [{8F6A5205-61A6-48A4-ADF3-F1F94A83090F}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{F16F56FD-408A-493A-B8BB-E06C16AB61AA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{139AF63F-E713-43B2-B03C-8392B01F438B}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{16C12BA5-B874-4C4E-A73C-4AE4126ECAB1}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{D681E182-F66E-42CA-8A25-53A981CE8CDA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{61A1CFAE-1332-40E0-829D-C1994C30FBBA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{79234726-A1DE-4643-8217-B0BB362AE36A}] => (Allow) C:\Users\Alfredo\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe No File
FirewallRules: [TCP Query User{10B6B192-C964-43FA-8975-621C2E601A0A}C:\juegos\aliens colonial marines\binaries\win32\acm.exe] => (Block) C:\juegos\aliens colonial marines\binaries\win32\acm.exe No File
FirewallRules: [UDP Query User{FA75C86D-4BCB-40CF-99C7-9245C8C4DDCF}C:\juegos\aliens colonial marines\binaries\win32\acm.exe] => (Block) C:\juegos\aliens colonial marines\binaries\win32\acm.exe No File
FirewallRules: [TCP Query User{C0319196-4D93-477B-B91D-95DE8CB720EE}C:\juegos\mohaa\mohaa.exe] => (Block) C:\juegos\mohaa\mohaa.exe No File
FirewallRules: [UDP Query User{A60A0017-30F8-4740-9E92-B5ECA7A72D30}C:\juegos\mohaa\mohaa.exe] => (Block) C:\juegos\mohaa\mohaa.exe No File
FirewallRules: [TCP Query User{9624B4E7-CA81-4BA4-8FF1-2BEC89F454AA}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe No File
FirewallRules: [UDP Query User{33E55FCE-505A-4FD8-A64C-7917CD78CBBC}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe No File
FirewallRules: [TCP Query User{32DC5FD2-6788-47B0-95B7-C2BE0E1F9E7A}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [UDP Query User{40C85A53-C094-43CD-AD82-C85C692A5214}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [TCP Query User{E19AEDA4-0299-4EC6-8976-3FF17C99771D}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe No File
FirewallRules: [UDP Query User{19078478-934A-44C3-9F29-EBC656DB189F}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe No File
FirewallRules: [TCP Query User{C8909647-9958-4A1C-B073-5B9C64E59E48}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe No File
FirewallRules: [UDP Query User{A6802ADC-945B-4C44-B079-CE35F18752D3}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe No File
FirewallRules: [{76EBADCF-8C6B-43AF-8FA1-65E12E0144CA}] => (Allow) LPort=47630
FirewallRules: [{1956DDD4-4B58-48AE-B92D-70D796108B11}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{EC8365A9-49A0-405E-94E3-1025BCF50A13}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{2E85CB5D-9416-4B7B-BA9B-D75D468F266C}] => (Allow) E:\SteamLibrary\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe No File
FirewallRules: [{647E1AD0-A30D-48F8-9BD0-664888C792DE}] => (Allow) E:\SteamLibrary\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe No File
FirewallRules: [TCP Query User{5A528708-518D-4EC3-BB32-21D6CA0D37E1}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe No File
FirewallRules: [UDP Query User{DF582426-D422-4DD0-B15F-4F9F1F7A0D65}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe No File
FirewallRules: [TCP Query User{6D6C8067-6FF1-463B-B7DD-70F536A11205}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe No File
FirewallRules: [UDP Query User{7BA4B962-2D43-4517-8C1F-361914B928FF}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe No File
FirewallRules: [{89A39DF0-BA3A-4D42-9088-681A264E28CB}] => (Allow) E:\SteamLibrary\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe No File
FirewallRules: [{2307AD5B-ED65-4D3C-BCBB-C32E0A392B38}] => (Allow) E:\SteamLibrary\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe No File
FirewallRules: [TCP Query User{D09FA530-1C43-4263-9C2D-EB940D7F5A52}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe] => (Block) C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe No File
FirewallRules: [UDP Query User{0D1695EA-E7EB-4FF7-B3C2-3C27857A3D02}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe] => (Block) C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe No File
FirewallRules: [{D782380D-A73E-4726-A8E8-2586E9604638}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{560F2EF0-3B4E-43BE-BBCE-C20CCE7AA531}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{B269ECC0-2B40-4A56-BF3B-F272B6078760}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{A694C8A2-DA32-48A5-8CF1-6BB7AABC8C64}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{52718102-6BAA-489F-AE1F-545AE83BE6B9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{0022E201-82EB-422E-8EA9-0814BBFDBB08}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [TCP Query User{17A0AA5E-5E24-4CDC-94EF-1E0CD15DF3FF}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe No File
FirewallRules: [UDP Query User{BE249719-40BD-4A2A-A69E-BF7F8BFC0DD7}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe No File
FirewallRules: [{8B58F443-2318-4A74-B715-40A5D4330D2F}] => (Allow) E:\SteamLibrary\SteamApps\common\The Scourge Project Ep 1 - 2\Binaries\Win32\ScourgeGame.exe No File
FirewallRules: [{E1F92008-EC75-4E51-B4C0-917F102DE245}] => (Allow) E:\SteamLibrary\SteamApps\common\The Scourge Project Ep 1 - 2\Binaries\Win32\ScourgeGame.exe No File
FirewallRules: [{DAB16C78-20FD-44AD-8BCC-02B46798DD71}] => (Allow) E:\SteamLibrary\SteamApps\common\GodMode\bin\GodMode.exe No File
FirewallRules: [{E391D846-E602-44F3-9385-C2BC14FA47BE}] => (Allow) E:\SteamLibrary\SteamApps\common\GodMode\bin\GodMode.exe No File
FirewallRules: [{0F7E20E2-A888-4F9E-BE03-F92B01B73E1A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A4D6E97-F324-4F2C-921E-D50B02B010E0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2A2980C1-697A-4359-9410-720EBE437A3D}] => (Allow) E:\SteamLibrary\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe No File
FirewallRules: [{78888B02-1910-424A-B8AA-0DDA75E2DBDF}] => (Allow) E:\SteamLibrary\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe No File
FirewallRules: [TCP Query User{715542AC-15A0-4D43-B38F-9DBADDFDF8DA}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe No File
FirewallRules: [UDP Query User{C5423FF4-70C4-4195-8296-03C5C113B657}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe No File
FirewallRules: [TCP Query User{762B49E0-DC27-4E6B-BCB4-BD44597B4908}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{686C0B94-8434-4996-87ED-8743F109731F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{14671F40-BD1A-45CB-A862-C429AD63C897}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe No File
FirewallRules: [{75039FD9-CAEA-4D54-9764-7AFB4C974D92}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe No File
FirewallRules: [{584120B2-E4AD-4624-9B99-419A765BB495}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe No File
FirewallRules: [{6EAE4D56-487B-4A88-B5C0-24F8A68E6C6F}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe No File
FirewallRules: [{27D79A8E-4F24-4A35-8815-137AA68607E5}] => (Allow) E:\RSVEGASSSS2\Binaries\R6Vegas2_Game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{08A55D98-E0D4-41E0-B291-853B5FB4DDD2}] => (Allow) E:\RSVEGASSSS2\Binaries\R6Vegas2_Game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{3BFE0D71-60AD-41F3-A93B-3C7DF4077532}] => (Allow) E:\RSVEGASSSS2\Binaries\R6Vegas2_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1AC273FF-4FD8-4005-882B-74DB2C4BC4B9}] => (Allow) E:\RSVEGASSSS2\Binaries\R6Vegas2_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{BD0F347C-DD2C-4385-AC98-A7030DDE8126}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2.exe No File
FirewallRules: [{D9A50869-CAA6-4436-8622-636CFEF3475D}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2.exe No File
FirewallRules: [{3369E006-0513-4768-9AEC-97AF9DBF98A3}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe No File
FirewallRules: [{52A257B0-AC15-4BCB-A8FA-009270CCEA9C}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe No File
FirewallRules: [TCP Query User{B9D72438-1336-4F41-8ED6-DBC9AB35B2A4}E:\faces of war\facesofwar.exe] => (Allow) E:\faces of war\facesofwar.exe ("Bestway" Corp) [File not signed]
FirewallRules: [UDP Query User{C329C84E-761A-48B3-963E-389E9D0F353B}E:\faces of war\facesofwar.exe] => (Allow) E:\faces of war\facesofwar.exe ("Bestway" Corp) [File not signed]
FirewallRules: [{A7C0F9AA-9AB7-438A-B79C-77EBAB1729A2}] => (Allow) E:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe No File
FirewallRules: [{346C46D1-A6ED-42FE-B92D-60FA8C801B3A}] => (Allow) E:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe No File
FirewallRules: [{CD7A6AE8-7A02-45CD-B76B-C6D369290DA6}] => (Allow) E:\OFFICE 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C12E774-F716-43CF-8ECD-0C2237E3BC8C}] => (Allow) E:\OFFICE 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3E6A1D59-F9B1-4BB0-9F2B-7378C32ED6B6}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [UDP Query User{F97B2ABD-21D0-451F-9C7B-553598A5D332}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{7291A1C5-A92C-41CB-BCCA-4A400F82BD91}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{7383504E-9504-42BC-8EA9-829841BD98BD}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{08E46379-E0D5-4CD3-A5DE-29902C15B716}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [{195E6678-F1B1-4933-8122-9632D249CCB9}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [TCP Query User{1C469F0A-0735-48E4-ACAC-405409B3A828}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{84EF7051-8757-4F79-A9DC-5E760C7E6FE5}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{1208413F-8E9B-41D0-85CF-E9286BEF0B9F}E:\program files (x86)\emule\emule.exe] => (Allow) E:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5A43A938-EAD1-4A68-95F3-DD77191583A7}E:\program files (x86)\emule\emule.exe] => (Allow) E:\program files (x86)\emule\emule.exe No File
FirewallRules: [{0FDA82D1-8D9A-4A08-89BC-6B8CA28A0C08}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE No File
FirewallRules: [{53F4D7AB-1247-4D2B-A383-F139F8ADEBB4}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File

Hola @RobertPolson

Desinstala con Revo Uninstaller en su Modo Avanzado:

  • FXWebPlayer

Manual de Revo Uninstaller.


Luego sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\MountPoints2: {12d9ba85-60b2-11e8-b9d2-94de80617526} - G:\setup.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1BF2EA8A-4EC9-467C-AD94-9CF45AE12610} - System32\Tasks\{ED1BA117-5776-43E4-BD93-FAD621658F11} => C:\Windows\system32\pcalua.exe -a H:\EASetup.exe -d H:\
Task: {3C188968-0B05-41C9-B4EF-DE40BFA25A79} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe  <==== ATTENTION
Task: {5C62BA1A-A08A-42D4-9543-A99C24AAFCA9} - System32\Tasks\{FAA35615-8DF8-451E-8217-CFE36810C692} => C:\Windows\system32\pcalua.exe -a E:\ZZmega\eMule0.50a-Installer.exe -d E:\ZZmega
Task: {63FFBECF-9BB0-4331-9DCF-8FBF96065824} - System32\Tasks\{8C6723F9-9935-4E88-ADE2-288DA4144738} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.18.85.112/es/abandoninstall?page=tsProgressBar
Task: {723111A6-C239-4EA6-A375-E2792D9D2395} - System32\Tasks\{DED911AB-48C5-4FFC-A50C-0E02BA37948A} => C:\Windows\system32\pcalua.exe -a K:\Setup.exe -d K:\
Task: {C4862227-E032-4482-8002-861C3CCBA847} - System32\Tasks\{6FF9A7A7-2361-40C8-9D70-1DF1E586FC29} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/es/abandoninstall?page=tsInstall
Task: {F4853B22-EA72-4A82-9B8C-E06B0A4E8A76} - System32\Tasks\{9EFFAB6B-26E1-4917-AB69-6404C7A5ED35} => C:\Windows\system32\pcalua.exe -a I:\Setup.exe -d I:\
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=M4-CT128M4SSD2_00000000130609298712&ts=1436645847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=M4-CT128M4SSD2_00000000130609298712&ts=1436645847&type=default&q={searchTerms}
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Alfredo\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin HKU\S-1-5-21-285307178-3440860486-1967224458-1000: @acestream.net/acestreamplugin,version=3.1.12.1 -> C:\Users\Alfredo\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
CHR HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 a47ccpps; C:\Windows\System32\Drivers\a47ccpps.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
FXWebPlayer (HKLM-x32\...\FXWebPlayer) (Version:  - FX Interactive) <==== ATTENTION
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\ChromeHTML: ->  <==== ATTENTION
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\Users\Alfredo:Heroes & Generals [38]
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Classes\.exe:  =>  <==== ATTENTION
FirewallRules: [TCP Query User{F2FEB9BB-6FC0-493C-A188-B06CF39A5483}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe No File
FirewallRules: [UDP Query User{45AC3FEE-E294-402E-B864-92FBAFCDA1F3}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe No File
FirewallRules: [TCP Query User{4E404AF9-5C23-4903-A5CF-C3F5430B1B42}C:\juegos\ride to hell retribution\binaries\win64\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rth.exe No File
FirewallRules: [UDP Query User{32B71CA1-3D21-47A9-A32D-32C1B96B1E29}C:\juegos\ride to hell retribution\binaries\win64\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rth.exe No File
FirewallRules: [TCP Query User{C5B39CF5-38DB-42DC-B4EB-90A5D2F67816}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe No File
FirewallRules: [UDP Query User{B28FDE2C-8140-42B1-A5A8-78EA7B7F59C0}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe No File
FirewallRules: [TCP Query User{CEBB0E24-795C-4920-BCF8-8685DC2F753E}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe No File
FirewallRules: [UDP Query User{E9226087-C931-4F45-92F4-2DA6D50F6CF8}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe No File
FirewallRules: [TCP Query User{4CCB1154-C27A-4BFF-ABDF-072A9A9F08DF}C:\juegos\ride to hell retribution\binaries\win32\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rth.exe No File
FirewallRules: [UDP Query User{18A5DE52-81F8-423F-BC4E-1DC6F1E0F2FD}C:\juegos\ride to hell retribution\binaries\win32\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rth.exe No File
FirewallRules: [{8F6A5205-61A6-48A4-ADF3-F1F94A83090F}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{F16F56FD-408A-493A-B8BB-E06C16AB61AA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{139AF63F-E713-43B2-B03C-8392B01F438B}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{16C12BA5-B874-4C4E-A73C-4AE4126ECAB1}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{D681E182-F66E-42CA-8A25-53A981CE8CDA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{61A1CFAE-1332-40E0-829D-C1994C30FBBA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{79234726-A1DE-4643-8217-B0BB362AE36A}] => (Allow) C:\Users\Alfredo\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe No File
FirewallRules: [TCP Query User{10B6B192-C964-43FA-8975-621C2E601A0A}C:\juegos\aliens colonial marines\binaries\win32\acm.exe] => (Block) C:\juegos\aliens colonial marines\binaries\win32\acm.exe No File
FirewallRules: [UDP Query User{FA75C86D-4BCB-40CF-99C7-9245C8C4DDCF}C:\juegos\aliens colonial marines\binaries\win32\acm.exe] => (Block) C:\juegos\aliens colonial marines\binaries\win32\acm.exe No File
FirewallRules: [TCP Query User{C0319196-4D93-477B-B91D-95DE8CB720EE}C:\juegos\mohaa\mohaa.exe] => (Block) C:\juegos\mohaa\mohaa.exe No File
FirewallRules: [UDP Query User{A60A0017-30F8-4740-9E92-B5ECA7A72D30}C:\juegos\mohaa\mohaa.exe] => (Block) C:\juegos\mohaa\mohaa.exe No File
FirewallRules: [TCP Query User{9624B4E7-CA81-4BA4-8FF1-2BEC89F454AA}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe No File
FirewallRules: [UDP Query User{33E55FCE-505A-4FD8-A64C-7917CD78CBBC}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe No File
FirewallRules: [TCP Query User{32DC5FD2-6788-47B0-95B7-C2BE0E1F9E7A}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [UDP Query User{40C85A53-C094-43CD-AD82-C85C692A5214}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [TCP Query User{E19AEDA4-0299-4EC6-8976-3FF17C99771D}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe No File
FirewallRules: [UDP Query User{19078478-934A-44C3-9F29-EBC656DB189F}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe No File
FirewallRules: [TCP Query User{C8909647-9958-4A1C-B073-5B9C64E59E48}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe No File
FirewallRules: [UDP Query User{A6802ADC-945B-4C44-B079-CE35F18752D3}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe No File
FirewallRules: [{2E85CB5D-9416-4B7B-BA9B-D75D468F266C}] => (Allow) E:\SteamLibrary\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe No File
FirewallRules: [{647E1AD0-A30D-48F8-9BD0-664888C792DE}] => (Allow) E:\SteamLibrary\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe No File
FirewallRules: [TCP Query User{5A528708-518D-4EC3-BB32-21D6CA0D37E1}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe No File
FirewallRules: [UDP Query User{DF582426-D422-4DD0-B15F-4F9F1F7A0D65}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe No File
FirewallRules: [TCP Query User{6D6C8067-6FF1-463B-B7DD-70F536A11205}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe No File
FirewallRules: [UDP Query User{7BA4B962-2D43-4517-8C1F-361914B928FF}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe No File
FirewallRules: [{89A39DF0-BA3A-4D42-9088-681A264E28CB}] => (Allow) E:\SteamLibrary\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe No File
FirewallRules: [{2307AD5B-ED65-4D3C-BCBB-C32E0A392B38}] => (Allow) E:\SteamLibrary\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe No File
FirewallRules: [TCP Query User{D09FA530-1C43-4263-9C2D-EB940D7F5A52}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe] => (Block) C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe No File
FirewallRules: [UDP Query User{0D1695EA-E7EB-4FF7-B3C2-3C27857A3D02}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe] => (Block) C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe No File
FirewallRules: [{D782380D-A73E-4726-A8E8-2586E9604638}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{560F2EF0-3B4E-43BE-BBCE-C20CCE7AA531}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{B269ECC0-2B40-4A56-BF3B-F272B6078760}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{A694C8A2-DA32-48A5-8CF1-6BB7AABC8C64}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{52718102-6BAA-489F-AE1F-545AE83BE6B9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{0022E201-82EB-422E-8EA9-0814BBFDBB08}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [TCP Query User{17A0AA5E-5E24-4CDC-94EF-1E0CD15DF3FF}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe No File
FirewallRules: [UDP Query User{BE249719-40BD-4A2A-A69E-BF7F8BFC0DD7}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe No File
FirewallRules: [{8B58F443-2318-4A74-B715-40A5D4330D2F}] => (Allow) E:\SteamLibrary\SteamApps\common\The Scourge Project Ep 1 - 2\Binaries\Win32\ScourgeGame.exe No File
FirewallRules: [{E1F92008-EC75-4E51-B4C0-917F102DE245}] => (Allow) E:\SteamLibrary\SteamApps\common\The Scourge Project Ep 1 - 2\Binaries\Win32\ScourgeGame.exe No File
FirewallRules: [{DAB16C78-20FD-44AD-8BCC-02B46798DD71}] => (Allow) E:\SteamLibrary\SteamApps\common\GodMode\bin\GodMode.exe No File
FirewallRules: [{E391D846-E602-44F3-9385-C2BC14FA47BE}] => (Allow) E:\SteamLibrary\SteamApps\common\GodMode\bin\GodMode.exe No File
FirewallRules: [{2A2980C1-697A-4359-9410-720EBE437A3D}] => (Allow) E:\SteamLibrary\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe No File
FirewallRules: [{78888B02-1910-424A-B8AA-0DDA75E2DBDF}] => (Allow) E:\SteamLibrary\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe No File
FirewallRules: [TCP Query User{715542AC-15A0-4D43-B38F-9DBADDFDF8DA}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe No File
FirewallRules: [UDP Query User{C5423FF4-70C4-4195-8296-03C5C113B657}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe No File
FirewallRules: [{14671F40-BD1A-45CB-A862-C429AD63C897}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe No File
FirewallRules: [{75039FD9-CAEA-4D54-9764-7AFB4C974D92}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe No File
FirewallRules: [{584120B2-E4AD-4624-9B99-419A765BB495}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe No File
FirewallRules: [{6EAE4D56-487B-4A88-B5C0-24F8A68E6C6F}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe No File
FirewallRules: [{BD0F347C-DD2C-4385-AC98-A7030DDE8126}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2.exe No File
FirewallRules: [{D9A50869-CAA6-4436-8622-636CFEF3475D}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2.exe No File
FirewallRules: [{3369E006-0513-4768-9AEC-97AF9DBF98A3}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe No File
FirewallRules: [{52A257B0-AC15-4BCB-A8FA-009270CCEA9C}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe No File
FirewallRules: [{A7C0F9AA-9AB7-438A-B79C-77EBAB1729A2}] => (Allow) E:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe No File
FirewallRules: [{346C46D1-A6ED-42FE-B92D-60FA8C801B3A}] => (Allow) E:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe No File
FirewallRules: [TCP Query User{3E6A1D59-F9B1-4BB0-9F2B-7378C32ED6B6}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [UDP Query User{F97B2ABD-21D0-451F-9C7B-553598A5D332}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{7291A1C5-A92C-41CB-BCCA-4A400F82BD91}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{7383504E-9504-42BC-8EA9-829841BD98BD}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{08E46379-E0D5-4CD3-A5DE-29902C15B716}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [{195E6678-F1B1-4933-8122-9632D249CCB9}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [TCP Query User{1208413F-8E9B-41D0-85CF-E9286BEF0B9F}E:\program files (x86)\emule\emule.exe] => (Allow) E:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5A43A938-EAD1-4A68-95F3-DD77191583A7}E:\program files (x86)\emule\emule.exe] => (Allow) E:\program files (x86)\emule\emule.exe No File
FirewallRules: [{0FDA82D1-8D9A-4A08-89BC-6B8CA28A0C08}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE No File
FirewallRules: [{53F4D7AB-1247-4D2B-A383-F139F8ADEBB4}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [{414592AA-02B1-4C42-93AA-B8E0760818F6}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [TCP Query User{7E01FD73-1309-4530-BA33-9183E016EE01}E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{66BB1489-E30B-4794-BFDF-C39DA0B86A94}E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [TCP Query User{E415D3B8-E910-4195-A58C-6F398880A64E}E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe No File
FirewallRules: [UDP Query User{D2799DDD-D3B3-408C-B77D-2A5A83CA4D4A}E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe No File
FirewallRules: [TCP Query User{62F8D165-73C1-4797-A9B2-1CC2E6DD3741}E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe No File
FirewallRules: [UDP Query User{3D64CC39-0FA6-42F6-BF76-85316C47AEC1}E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe No File
FirewallRules: [{FD8AA620-7F3E-411D-B214-B73C0473AD2D}] => (Allow) E:\SteamLibrary\SteamApps\common\CSNZ\Bin\cstrike-online.exe No File
FirewallRules: [{4A7FF705-29B8-4AAC-A51B-8877AC11F199}] => (Allow) E:\SteamLibrary\SteamApps\common\CSNZ\Bin\cstrike-online.exe No File
FirewallRules: [{01A71042-414E-47AF-A913-EDEB25034BE9}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GasGuzzlers.exe No File
FirewallRules: [{BBE248B8-8D0C-4D7C-A29C-AA68F9C99E95}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GasGuzzlers.exe No File
FirewallRules: [{63034A5A-E449-47DF-B7E7-0B913B40FCC0}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GGDedicatedServerLauncher.exe No File
FirewallRules: [{24E29700-541D-4B21-8918-CCC29E88DDE3}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GGDedicatedServerLauncher.exe No File
FirewallRules: [{A4FAF5A2-2CAC-42B5-90D1-BA09B40C3D28}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GasGuzzlers.exe No File
FirewallRules: [{4FE9C5B0-C24A-4027-9EEA-9BADA8563C08}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GasGuzzlers.exe No File
FirewallRules: [{971E3438-8EF9-4131-BA17-53A81B3328BB}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GGDedicatedServerLauncher.exe No File
FirewallRules: [{8E32A6A5-E4BE-4F46-A944-DC840693E9AE}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GGDedicatedServerLauncher.exe No File
FirewallRules: [TCP Query User{13A32E03-1782-4E94-8977-9ABDC9414642}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe No File
FirewallRules: [UDP Query User{14DBA9C3-07F5-46E8-9E6F-8F15BD92B079}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe No File
FirewallRules: [TCP Query User{D571B168-E8FC-4143-A85A-B384D84646BF}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\aftermath.exe No File
FirewallRules: [UDP Query User{A655EDA5-8C29-420B-A7FE-38D99B517B33}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\aftermath.exe No File
FirewallRules: [{B9B8C2E6-A705-4282-897C-7FB7177DC1AE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe No File
FirewallRules: [{5510D096-DFFC-4EF8-9753-E57ACAF3FC7C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe No File
FirewallRules: [{8436DF7F-3C11-409D-9DD1-803C4D12D9C0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{12F8329A-253D-4EFA-ADA1-70ACE822720F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{42311350-CFAF-4918-8877-26E9CA0EBDED}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{31A91B6D-4805-4C75-85FC-3297EBEA6F0A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{7F00E243-478C-46FA-8C3E-53D3E99C2F37}] => (Allow) E:\SteamLibrary\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe No File
FirewallRules: [{F783C78F-E4C1-4F89-854A-2CEF7D2AE76B}] => (Allow) E:\SteamLibrary\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe No File
FirewallRules: [TCP Query User{5B8FA03C-E0BC-4076-A64D-00F00327DF0B}E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe] => (Block) E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe No File
FirewallRules: [UDP Query User{E8BC8CC6-92F3-4846-9C32-842E75BE0E1E}E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe] => (Block) E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe No File
FirewallRules: [{190B5B1A-8686-41F7-8747-648EDBE3F71F}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{86828B89-A5EF-4FB7-A062-1C92F2874AA6}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{F0B604F2-353D-49D9-B70B-59158EA63814}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [{CD32B3B8-8F05-4B46-B8A7-E7B4C0E6A42C}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [TCP Query User{110F6F5A-007E-43E6-A4E1-9E12EFAE4CA8}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe No File
FirewallRules: [UDP Query User{B01F1546-DF6C-49DE-ADBC-1D8B317F6474}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe No File
FirewallRules: [{198D7E6A-0976-43DA-8A37-988C7E0BC915}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{104C58F6-E864-47C5-BD47-C02543E8605C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{0D4DC6FA-9CE1-4F98-8AB6-19EE00E31264}E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe No File
FirewallRules: [UDP Query User{F7D15C6D-DBB2-4FAC-A6FC-554B5729D140}E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe No File
FirewallRules: [TCP Query User{D41DDF44-4548-4D26-A33C-4DA0E5FF90DF}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [UDP Query User{B4C66135-9DEB-4E09-B2F8-F4442BB029DD}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [TCP Query User{6A2CF064-3945-4F0E-A2D9-CF9AD225178B}E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe] => (Block) E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe No File
FirewallRules: [UDP Query User{7E7A91C7-CEEA-4BC9-B7E6-39FA49F96A4D}E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe] => (Block) E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe No File
FirewallRules: [{AC518C0C-5C63-41A8-BDFF-5D13DDDDD44B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{6AE7FF73-DAB5-43DC-A6A4-A4535AE119DB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{7D75E167-A37A-4E68-8E97-D021E549D239}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{C7F8E2F2-B8E6-49E3-B1DE-F824D2528D3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{6804346B-B23E-4326-8CB8-C50F5E1D18E8}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{0A79C651-136E-4774-B52F-962E708FA28E}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{74EC601C-5061-4316-8772-EFA18360AE28}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{818B55F1-E443-4291-9A7B-877444A0255B}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [TCP Query User{22C0625C-0A5B-42F1-9917-A9771717A67A}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{DDC2F429-75BF-4A55-A4DC-F891E928667F}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{67501ADA-ECF1-4EFE-B89B-05BFBD02AD9C}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{65CF1DCC-763A-4CCF-BF72-E797365D6F0F}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{E2CF3125-691C-4BFB-BA3A-2165591C5326}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{68E62764-7C12-4535-A5D9-DE112EBE3B31}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [TCP Query User{2ED96298-4F78-4F44-8444-FC7F4C48416C}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [UDP Query User{3D46A004-4525-4E76-8434-39268A6090AF}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [{329A2319-1AD5-4EBC-8F09-B99B405175CA}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{7F7A3889-D614-4EA3-ADFB-EE0BB2A6FE4D}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{4140E52A-D9FE-401F-8CA3-A1E38D0E8E3B}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [{B8F6468A-26B1-4A15-8A74-A24751DFC1C2}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [TCP Query User{8FF79080-D725-44F0-938D-3EC2BA71DED8}E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe No File
FirewallRules: [UDP Query User{4D65D367-18F2-4D93-96D8-63AA56E950B4}E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe No File
FirewallRules: [TCP Query User{623E11FD-F39C-46FC-85E2-180AE543BE29}E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe No File
FirewallRules: [UDP Query User{C25FD0A9-DD76-4924-A8CB-1EF5063F67ED}E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe No File
FirewallRules: [TCP Query User{6ECBB39A-AE72-4FD2-B232-F83F3072FD59}E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe No File
FirewallRules: [UDP Query User{7C8AE55C-8C38-4199-93E8-54DAB1B4BECA}E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by Alfredo (10-08-2019 11:16:10) Run:1
Running from C:\Users\Alfredo\Desktop
Loaded Profiles: Alfredo (Available Profiles: Alfredo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\MountPoints2: {12d9ba85-60b2-11e8-b9d2-94de80617526} - G:\setup.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1BF2EA8A-4EC9-467C-AD94-9CF45AE12610} - System32\Tasks\{ED1BA117-5776-43E4-BD93-FAD621658F11} => C:\Windows\system32\pcalua.exe -a H:\EASetup.exe -d H:\
Task: {3C188968-0B05-41C9-B4EF-DE40BFA25A79} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe  <==== ATTENTION
Task: {5C62BA1A-A08A-42D4-9543-A99C24AAFCA9} - System32\Tasks\{FAA35615-8DF8-451E-8217-CFE36810C692} => C:\Windows\system32\pcalua.exe -a E:\ZZmega\eMule0.50a-Installer.exe -d E:\ZZmega
Task: {63FFBECF-9BB0-4331-9DCF-8FBF96065824} - System32\Tasks\{8C6723F9-9935-4E88-ADE2-288DA4144738} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.18.85.112/es/abandoninstall?page=tsProgressBar
Task: {723111A6-C239-4EA6-A375-E2792D9D2395} - System32\Tasks\{DED911AB-48C5-4FFC-A50C-0E02BA37948A} => C:\Windows\system32\pcalua.exe -a K:\Setup.exe -d K:\
Task: {C4862227-E032-4482-8002-861C3CCBA847} - System32\Tasks\{6FF9A7A7-2361-40C8-9D70-1DF1E586FC29} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/es/abandoninstall?page=tsInstall
Task: {F4853B22-EA72-4A82-9B8C-E06B0A4E8A76} - System32\Tasks\{9EFFAB6B-26E1-4917-AB69-6404C7A5ED35} => C:\Windows\system32\pcalua.exe -a I:\Setup.exe -d I:\
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=M4-CT128M4SSD2_00000000130609298712&ts=1436645847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-285307178-3440860486-1967224458-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=M4-CT128M4SSD2_00000000130609298712&ts=1436645847&type=default&q={searchTerms}
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Alfredo\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin HKU\S-1-5-21-285307178-3440860486-1967224458-1000: @acestream.net/acestreamplugin,version=3.1.12.1 -> C:\Users\Alfredo\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
CHR HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 a47ccpps; C:\Windows\System32\Drivers\a47ccpps.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
FXWebPlayer (HKLM-x32\...\FXWebPlayer) (Version:  - FX Interactive) <==== ATTENTION
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\...\ChromeHTML: ->  <==== ATTENTION
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\Users\Alfredo:Heroes & Generals [38]
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Classes\.exe:  =>  <==== ATTENTION
FirewallRules: [TCP Query User{F2FEB9BB-6FC0-493C-A188-B06CF39A5483}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe No File
FirewallRules: [UDP Query User{45AC3FEE-E294-402E-B864-92FBAFCDA1F3}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe No File
FirewallRules: [TCP Query User{4E404AF9-5C23-4903-A5CF-C3F5430B1B42}C:\juegos\ride to hell retribution\binaries\win64\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rth.exe No File
FirewallRules: [UDP Query User{32B71CA1-3D21-47A9-A32D-32C1B96B1E29}C:\juegos\ride to hell retribution\binaries\win64\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rth.exe No File
FirewallRules: [TCP Query User{C5B39CF5-38DB-42DC-B4EB-90A5D2F67816}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe No File
FirewallRules: [UDP Query User{B28FDE2C-8140-42B1-A5A8-78EA7B7F59C0}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe No File
FirewallRules: [TCP Query User{CEBB0E24-795C-4920-BCF8-8685DC2F753E}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe No File
FirewallRules: [UDP Query User{E9226087-C931-4F45-92F4-2DA6D50F6CF8}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe No File
FirewallRules: [TCP Query User{4CCB1154-C27A-4BFF-ABDF-072A9A9F08DF}C:\juegos\ride to hell retribution\binaries\win32\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rth.exe No File
FirewallRules: [UDP Query User{18A5DE52-81F8-423F-BC4E-1DC6F1E0F2FD}C:\juegos\ride to hell retribution\binaries\win32\rth.exe] => (Block) C:\juegos\ride to hell retribution\binaries\win32\rth.exe No File
FirewallRules: [{8F6A5205-61A6-48A4-ADF3-F1F94A83090F}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{F16F56FD-408A-493A-B8BB-E06C16AB61AA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{139AF63F-E713-43B2-B03C-8392B01F438B}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{16C12BA5-B874-4C4E-A73C-4AE4126ECAB1}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{D681E182-F66E-42CA-8A25-53A981CE8CDA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.exe No File
FirewallRules: [{61A1CFAE-1332-40E0-829D-C1994C30FBBA}] => (Allow) C:\JUEGOS\warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{79234726-A1DE-4643-8217-B0BB362AE36A}] => (Allow) C:\Users\Alfredo\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe No File
FirewallRules: [TCP Query User{10B6B192-C964-43FA-8975-621C2E601A0A}C:\juegos\aliens colonial marines\binaries\win32\acm.exe] => (Block) C:\juegos\aliens colonial marines\binaries\win32\acm.exe No File
FirewallRules: [UDP Query User{FA75C86D-4BCB-40CF-99C7-9245C8C4DDCF}C:\juegos\aliens colonial marines\binaries\win32\acm.exe] => (Block) C:\juegos\aliens colonial marines\binaries\win32\acm.exe No File
FirewallRules: [TCP Query User{C0319196-4D93-477B-B91D-95DE8CB720EE}C:\juegos\mohaa\mohaa.exe] => (Block) C:\juegos\mohaa\mohaa.exe No File
FirewallRules: [UDP Query User{A60A0017-30F8-4740-9E92-B5ECA7A72D30}C:\juegos\mohaa\mohaa.exe] => (Block) C:\juegos\mohaa\mohaa.exe No File
FirewallRules: [TCP Query User{9624B4E7-CA81-4BA4-8FF1-2BEC89F454AA}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe No File
FirewallRules: [UDP Query User{33E55FCE-505A-4FD8-A64C-7917CD78CBBC}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe No File
FirewallRules: [TCP Query User{32DC5FD2-6788-47B0-95B7-C2BE0E1F9E7A}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [UDP Query User{40C85A53-C094-43CD-AD82-C85C692A5214}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [TCP Query User{E19AEDA4-0299-4EC6-8976-3FF17C99771D}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe No File
FirewallRules: [UDP Query User{19078478-934A-44C3-9F29-EBC656DB189F}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe] => (Block) E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe No File
FirewallRules: [TCP Query User{C8909647-9958-4A1C-B073-5B9C64E59E48}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe No File
FirewallRules: [UDP Query User{A6802ADC-945B-4C44-B079-CE35F18752D3}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe No File
FirewallRules: [{2E85CB5D-9416-4B7B-BA9B-D75D468F266C}] => (Allow) E:\SteamLibrary\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe No File
FirewallRules: [{647E1AD0-A30D-48F8-9BD0-664888C792DE}] => (Allow) E:\SteamLibrary\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe No File
FirewallRules: [TCP Query User{5A528708-518D-4EC3-BB32-21D6CA0D37E1}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe No File
FirewallRules: [UDP Query User{DF582426-D422-4DD0-B15F-4F9F1F7A0D65}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe No File
FirewallRules: [TCP Query User{6D6C8067-6FF1-463B-B7DD-70F536A11205}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe No File
FirewallRules: [UDP Query User{7BA4B962-2D43-4517-8C1F-361914B928FF}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe No File
FirewallRules: [{89A39DF0-BA3A-4D42-9088-681A264E28CB}] => (Allow) E:\SteamLibrary\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe No File
FirewallRules: [{2307AD5B-ED65-4D3C-BCBB-C32E0A392B38}] => (Allow) E:\SteamLibrary\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe No File
FirewallRules: [TCP Query User{D09FA530-1C43-4263-9C2D-EB940D7F5A52}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe] => (Block) C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe No File
FirewallRules: [UDP Query User{0D1695EA-E7EB-4FF7-B3C2-3C27857A3D02}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe] => (Block) C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe No File
FirewallRules: [{D782380D-A73E-4726-A8E8-2586E9604638}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{560F2EF0-3B4E-43BE-BBCE-C20CCE7AA531}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{B269ECC0-2B40-4A56-BF3B-F272B6078760}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{A694C8A2-DA32-48A5-8CF1-6BB7AABC8C64}] => (Allow) C:\Program Files (x86)\Directory Lister Pro\DirListerPro.exe No File
FirewallRules: [{52718102-6BAA-489F-AE1F-545AE83BE6B9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{0022E201-82EB-422E-8EA9-0814BBFDBB08}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [TCP Query User{17A0AA5E-5E24-4CDC-94EF-1E0CD15DF3FF}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe No File
FirewallRules: [UDP Query User{BE249719-40BD-4A2A-A69E-BF7F8BFC0DD7}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe No File
FirewallRules: [{8B58F443-2318-4A74-B715-40A5D4330D2F}] => (Allow) E:\SteamLibrary\SteamApps\common\The Scourge Project Ep 1 - 2\Binaries\Win32\ScourgeGame.exe No File
FirewallRules: [{E1F92008-EC75-4E51-B4C0-917F102DE245}] => (Allow) E:\SteamLibrary\SteamApps\common\The Scourge Project Ep 1 - 2\Binaries\Win32\ScourgeGame.exe No File
FirewallRules: [{DAB16C78-20FD-44AD-8BCC-02B46798DD71}] => (Allow) E:\SteamLibrary\SteamApps\common\GodMode\bin\GodMode.exe No File
FirewallRules: [{E391D846-E602-44F3-9385-C2BC14FA47BE}] => (Allow) E:\SteamLibrary\SteamApps\common\GodMode\bin\GodMode.exe No File
FirewallRules: [{2A2980C1-697A-4359-9410-720EBE437A3D}] => (Allow) E:\SteamLibrary\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe No File
FirewallRules: [{78888B02-1910-424A-B8AA-0DDA75E2DBDF}] => (Allow) E:\SteamLibrary\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe No File
FirewallRules: [TCP Query User{715542AC-15A0-4D43-B38F-9DBADDFDF8DA}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe No File
FirewallRules: [UDP Query User{C5423FF4-70C4-4195-8296-03C5C113B657}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe No File
FirewallRules: [{14671F40-BD1A-45CB-A862-C429AD63C897}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe No File
FirewallRules: [{75039FD9-CAEA-4D54-9764-7AFB4C974D92}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe No File
FirewallRules: [{584120B2-E4AD-4624-9B99-419A765BB495}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe No File
FirewallRules: [{6EAE4D56-487B-4A88-B5C0-24F8A68E6C6F}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe No File
FirewallRules: [{BD0F347C-DD2C-4385-AC98-A7030DDE8126}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2.exe No File
FirewallRules: [{D9A50869-CAA6-4436-8622-636CFEF3475D}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2.exe No File
FirewallRules: [{3369E006-0513-4768-9AEC-97AF9DBF98A3}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe No File
FirewallRules: [{52A257B0-AC15-4BCB-A8FA-009270CCEA9C}] => (Allow) E:\GHOSTRECONAW2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe No File
FirewallRules: [{A7C0F9AA-9AB7-438A-B79C-77EBAB1729A2}] => (Allow) E:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe No File
FirewallRules: [{346C46D1-A6ED-42FE-B92D-60FA8C801B3A}] => (Allow) E:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe No File
FirewallRules: [TCP Query User{3E6A1D59-F9B1-4BB0-9F2B-7378C32ED6B6}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [UDP Query User{F97B2ABD-21D0-451F-9C7B-553598A5D332}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{7291A1C5-A92C-41CB-BCCA-4A400F82BD91}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{7383504E-9504-42BC-8EA9-829841BD98BD}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe No File
FirewallRules: [{08E46379-E0D5-4CD3-A5DE-29902C15B716}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [{195E6678-F1B1-4933-8122-9632D249CCB9}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [TCP Query User{1208413F-8E9B-41D0-85CF-E9286BEF0B9F}E:\program files (x86)\emule\emule.exe] => (Allow) E:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5A43A938-EAD1-4A68-95F3-DD77191583A7}E:\program files (x86)\emule\emule.exe] => (Allow) E:\program files (x86)\emule\emule.exe No File
FirewallRules: [{0FDA82D1-8D9A-4A08-89BC-6B8CA28A0C08}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE No File
FirewallRules: [{53F4D7AB-1247-4D2B-A383-F139F8ADEBB4}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [{414592AA-02B1-4C42-93AA-B8E0760818F6}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe No File
FirewallRules: [TCP Query User{7E01FD73-1309-4530-BA33-9183E016EE01}E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{66BB1489-E30B-4794-BFDF-C39DA0B86A94}E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [TCP Query User{E415D3B8-E910-4195-A58C-6F398880A64E}E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe No File
FirewallRules: [UDP Query User{D2799DDD-D3B3-408C-B77D-2A5A83CA4D4A}E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe No File
FirewallRules: [TCP Query User{62F8D165-73C1-4797-A9B2-1CC2E6DD3741}E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe No File
FirewallRules: [UDP Query User{3D64CC39-0FA6-42F6-BF76-85316C47AEC1}E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe No File
FirewallRules: [{FD8AA620-7F3E-411D-B214-B73C0473AD2D}] => (Allow) E:\SteamLibrary\SteamApps\common\CSNZ\Bin\cstrike-online.exe No File
FirewallRules: [{4A7FF705-29B8-4AAC-A51B-8877AC11F199}] => (Allow) E:\SteamLibrary\SteamApps\common\CSNZ\Bin\cstrike-online.exe No File
FirewallRules: [{01A71042-414E-47AF-A913-EDEB25034BE9}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GasGuzzlers.exe No File
FirewallRules: [{BBE248B8-8D0C-4D7C-A29C-AA68F9C99E95}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GasGuzzlers.exe No File
FirewallRules: [{63034A5A-E449-47DF-B7E7-0B913B40FCC0}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GGDedicatedServerLauncher.exe No File
FirewallRules: [{24E29700-541D-4B21-8918-CCC29E88DDE3}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin32\GGDedicatedServerLauncher.exe No File
FirewallRules: [{A4FAF5A2-2CAC-42B5-90D1-BA09B40C3D28}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GasGuzzlers.exe No File
FirewallRules: [{4FE9C5B0-C24A-4027-9EEA-9BADA8563C08}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GasGuzzlers.exe No File
FirewallRules: [{971E3438-8EF9-4131-BA17-53A81B3328BB}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GGDedicatedServerLauncher.exe No File
FirewallRules: [{8E32A6A5-E4BE-4F46-A944-DC840693E9AE}] => (Allow) E:\SteamLibrary\SteamApps\common\GasGuzzlersExtreme\Bin64\GGDedicatedServerLauncher.exe No File
FirewallRules: [TCP Query User{13A32E03-1782-4E94-8977-9ABDC9414642}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe No File
FirewallRules: [UDP Query User{14DBA9C3-07F5-46E8-9E6F-8F15BD92B079}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe No File
FirewallRules: [TCP Query User{D571B168-E8FC-4143-A85A-B384D84646BF}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\aftermath.exe No File
FirewallRules: [UDP Query User{A655EDA5-8C29-420B-A7FE-38D99B517B33}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\aftermath.exe No File
FirewallRules: [{B9B8C2E6-A705-4282-897C-7FB7177DC1AE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe No File
FirewallRules: [{5510D096-DFFC-4EF8-9753-E57ACAF3FC7C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe No File
FirewallRules: [{8436DF7F-3C11-409D-9DD1-803C4D12D9C0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{12F8329A-253D-4EFA-ADA1-70ACE822720F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{42311350-CFAF-4918-8877-26E9CA0EBDED}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{31A91B6D-4805-4C75-85FC-3297EBEA6F0A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{7F00E243-478C-46FA-8C3E-53D3E99C2F37}] => (Allow) E:\SteamLibrary\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe No File
FirewallRules: [{F783C78F-E4C1-4F89-854A-2CEF7D2AE76B}] => (Allow) E:\SteamLibrary\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe No File
FirewallRules: [TCP Query User{5B8FA03C-E0BC-4076-A64D-00F00327DF0B}E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe] => (Block) E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe No File
FirewallRules: [UDP Query User{E8BC8CC6-92F3-4846-9C32-842E75BE0E1E}E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe] => (Block) E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe No File
FirewallRules: [{190B5B1A-8686-41F7-8747-648EDBE3F71F}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{86828B89-A5EF-4FB7-A062-1C92F2874AA6}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{F0B604F2-353D-49D9-B70B-59158EA63814}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [{CD32B3B8-8F05-4B46-B8A7-E7B4C0E6A42C}] => (Allow) E:\JUEGOS\ubi GRFS\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [TCP Query User{110F6F5A-007E-43E6-A4E1-9E12EFAE4CA8}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe No File
FirewallRules: [UDP Query User{B01F1546-DF6C-49DE-ADBC-1D8B317F6474}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe No File
FirewallRules: [{198D7E6A-0976-43DA-8A37-988C7E0BC915}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{104C58F6-E864-47C5-BD47-C02543E8605C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{0D4DC6FA-9CE1-4F98-8AB6-19EE00E31264}E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe No File
FirewallRules: [UDP Query User{F7D15C6D-DBB2-4FAC-A6FC-554B5729D140}E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe No File
FirewallRules: [TCP Query User{D41DDF44-4548-4D26-A33C-4DA0E5FF90DF}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [UDP Query User{B4C66135-9DEB-4E09-B2F8-F4442BB029DD}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [TCP Query User{6A2CF064-3945-4F0E-A2D9-CF9AD225178B}E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe] => (Block) E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe No File
FirewallRules: [UDP Query User{7E7A91C7-CEEA-4BC9-B7E6-39FA49F96A4D}E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe] => (Block) E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe No File
FirewallRules: [{AC518C0C-5C63-41A8-BDFF-5D13DDDDD44B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{6AE7FF73-DAB5-43DC-A6A4-A4535AE119DB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{7D75E167-A37A-4E68-8E97-D021E549D239}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{C7F8E2F2-B8E6-49E3-B1DE-F824D2528D3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{6804346B-B23E-4326-8CB8-C50F5E1D18E8}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{0A79C651-136E-4774-B52F-962E708FA28E}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{74EC601C-5061-4316-8772-EFA18360AE28}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{818B55F1-E443-4291-9A7B-877444A0255B}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [TCP Query User{22C0625C-0A5B-42F1-9917-A9771717A67A}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{DDC2F429-75BF-4A55-A4DC-F891E928667F}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{67501ADA-ECF1-4EFE-B89B-05BFBD02AD9C}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{65CF1DCC-763A-4CCF-BF72-E797365D6F0F}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{E2CF3125-691C-4BFB-BA3A-2165591C5326}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{68E62764-7C12-4535-A5D9-DE112EBE3B31}] => (Allow) E:\SteamLibrary\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [TCP Query User{2ED96298-4F78-4F44-8444-FC7F4C48416C}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [UDP Query User{3D46A004-4525-4E76-8434-39268A6090AF}E:\juegos\far cry primal\bin\fcprimal.exe] => (Block) E:\juegos\far cry primal\bin\fcprimal.exe No File
FirewallRules: [{329A2319-1AD5-4EBC-8F09-B99B405175CA}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{7F7A3889-D614-4EA3-ADFB-EE0BB2A6FE4D}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe No File
FirewallRules: [{4140E52A-D9FE-401F-8CA3-A1E38D0E8E3B}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [{B8F6468A-26B1-4A15-8A74-A24751DFC1C2}] => (Allow) E:\JUEGOS\Nueva carpeta\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe No File
FirewallRules: [TCP Query User{8FF79080-D725-44F0-938D-3EC2BA71DED8}E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe No File
FirewallRules: [UDP Query User{4D65D367-18F2-4D93-96D8-63AA56E950B4}E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe No File
FirewallRules: [TCP Query User{623E11FD-F39C-46FC-85E2-180AE543BE29}E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe No File
FirewallRules: [UDP Query User{C25FD0A9-DD76-4924-A8CB-1EF5063F67ED}E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe No File
FirewallRules: [TCP Query User{6ECBB39A-AE72-4FD2-B232-F83F3072FD59}E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe No File
FirewallRules: [UDP Query User{7C8AE55C-8C38-4199-93E8-54DAB1B4BECA}E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12d9ba85-60b2-11e8-b9d2-94de80617526} => removed successfully
HKLM\Software\Classes\CLSID\{12d9ba85-60b2-11e8-b9d2-94de80617526} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BF2EA8A-4EC9-467C-AD94-9CF45AE12610}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BF2EA8A-4EC9-467C-AD94-9CF45AE12610}" => removed successfully
C:\Windows\System32\Tasks\{ED1BA117-5776-43E4-BD93-FAD621658F11} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED1BA117-5776-43E4-BD93-FAD621658F11}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C188968-0B05-41C9-B4EF-DE40BFA25A79}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C188968-0B05-41C9-B4EF-DE40BFA25A79}" => removed successfully
C:\Windows\System32\Tasks\0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C62BA1A-A08A-42D4-9543-A99C24AAFCA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C62BA1A-A08A-42D4-9543-A99C24AAFCA9}" => removed successfully
C:\Windows\System32\Tasks\{FAA35615-8DF8-451E-8217-CFE36810C692} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FAA35615-8DF8-451E-8217-CFE36810C692}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63FFBECF-9BB0-4331-9DCF-8FBF96065824}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63FFBECF-9BB0-4331-9DCF-8FBF96065824}" => removed successfully
C:\Windows\System32\Tasks\{8C6723F9-9935-4E88-ADE2-288DA4144738} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8C6723F9-9935-4E88-ADE2-288DA4144738}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{723111A6-C239-4EA6-A375-E2792D9D2395}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{723111A6-C239-4EA6-A375-E2792D9D2395}" => removed successfully
C:\Windows\System32\Tasks\{DED911AB-48C5-4FFC-A50C-0E02BA37948A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DED911AB-48C5-4FFC-A50C-0E02BA37948A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4862227-E032-4482-8002-861C3CCBA847}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4862227-E032-4482-8002-861C3CCBA847}" => removed successfully
C:\Windows\System32\Tasks\{6FF9A7A7-2361-40C8-9D70-1DF1E586FC29} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6FF9A7A7-2361-40C8-9D70-1DF1E586FC29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4853B22-EA72-4A82-9B8C-E06B0A4E8A76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4853B22-EA72-4A82-9B8C-E06B0A4E8A76}" => removed successfully
C:\Windows\System32\Tasks\{9EFFAB6B-26E1-4917-AB69-6404C7A5ED35} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9EFFAB6B-26E1-4917-AB69-6404C7A5ED35}" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
"HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.12.1 => removed successfully
"C:\Users\Alfredo\AppData\Roaming\ACEStream\player\npace_plugin.dll" => not found
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Google\Chrome\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
a47ccpps => service not found.
IOMap => Unable to stop service.
HKLM\System\CurrentControlSet\Services\IOMap => not found
IOMap => service removed successfully
HKLM\System\CurrentControlSet\Services\X6va028 => removed successfully
X6va028 => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
FXWebPlayer (HKLM-x32\...\FXWebPlayer) (Version:  - FX Interactive) <==== ATTENTION => Error: No automatic fix found for this entry.
HKU\S-1-5-21-285307178-3440860486-1967224458-1000_Classes\ChromeHTML => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => removed successfully
HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => not found
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully
"BVTFilter" => removed successfully
"BVTConsumer" => removed successfully
C:\Users\Alfredo => ":Heroes & Generals" ADS removed successfully
HKU\S-1-5-21-285307178-3440860486-1967224458-1000\Software\Classes\.exe => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F2FEB9BB-6FC0-493C-A188-B06CF39A5483}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{45AC3FEE-E294-402E-B864-92FBAFCDA1F3}C:\juegos\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4E404AF9-5C23-4903-A5CF-C3F5430B1B42}C:\juegos\ride to hell retribution\binaries\win64\rth.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{32B71CA1-3D21-47A9-A32D-32C1B96B1E29}C:\juegos\ride to hell retribution\binaries\win64\rth.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C5B39CF5-38DB-42DC-B4EB-90A5D2F67816}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B28FDE2C-8140-42B1-A5A8-78EA7B7F59C0}C:\juegos\ride to hell retribution\binaries\win32\rthgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CEBB0E24-795C-4920-BCF8-8685DC2F753E}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E9226087-C931-4F45-92F4-2DA6D50F6CF8}C:\juegos\ride to hell retribution\binaries\win64\rthgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4CCB1154-C27A-4BFF-ABDF-072A9A9F08DF}C:\juegos\ride to hell retribution\binaries\win32\rth.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{18A5DE52-81F8-423F-BC4E-1DC6F1E0F2FD}C:\juegos\ride to hell retribution\binaries\win32\rth.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F6A5205-61A6-48A4-ADF3-F1F94A83090F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F16F56FD-408A-493A-B8BB-E06C16AB61AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{139AF63F-E713-43B2-B03C-8392B01F438B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16C12BA5-B874-4C4E-A73C-4AE4126ECAB1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D681E182-F66E-42CA-8A25-53A981CE8CDA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61A1CFAE-1332-40E0-829D-C1994C30FBBA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79234726-A1DE-4643-8217-B0BB362AE36A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{10B6B192-C964-43FA-8975-621C2E601A0A}C:\juegos\aliens colonial marines\binaries\win32\acm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA75C86D-4BCB-40CF-99C7-9245C8C4DDCF}C:\juegos\aliens colonial marines\binaries\win32\acm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C0319196-4D93-477B-B91D-95DE8CB720EE}C:\juegos\mohaa\mohaa.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A60A0017-30F8-4740-9E92-B5ECA7A72D30}C:\juegos\mohaa\mohaa.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9624B4E7-CA81-4BA4-8FF1-2BEC89F454AA}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{33E55FCE-505A-4FD8-A64C-7917CD78CBBC}E:\steamlibrary\steamapps\common\medal of honor\mp\mohmpgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{32DC5FD2-6788-47B0-95B7-C2BE0E1F9E7A}E:\games\world_of_tanks\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40C85A53-C094-43CD-AD82-C85C692A5214}E:\games\world_of_tanks\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E19AEDA4-0299-4EC6-8976-3FF17C99771D}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{19078478-934A-44C3-9F29-EBC656DB189F}E:\steamlibrary\steamapps\common\medal of honor\binaries\moh.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C8909647-9958-4A1C-B073-5B9C64E59E48}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A6802ADC-945B-4C44-B079-CE35F18752D3}E:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E85CB5D-9416-4B7B-BA9B-D75D468F266C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{647E1AD0-A30D-48F8-9BD0-664888C792DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5A528708-518D-4EC3-BB32-21D6CA0D37E1}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF582426-D422-4DD0-B15F-4F9F1F7A0D65}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6D6C8067-6FF1-463B-B7DD-70F536A11205}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7BA4B962-2D43-4517-8C1F-361914B928FF}E:\steamlibrary\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89A39DF0-BA3A-4D42-9088-681A264E28CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2307AD5B-ED65-4D3C-BCBB-C32E0A392B38}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D09FA530-1C43-4263-9C2D-EB940D7F5A52}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0D1695EA-E7EB-4FF7-B3C2-3C27857A3D02}C:\program files (x86)\ci games\enemy front\bin32\enemyfront.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D782380D-A73E-4726-A8E8-2586E9604638}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{560F2EF0-3B4E-43BE-BBCE-C20CCE7AA531}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B269ECC0-2B40-4A56-BF3B-F272B6078760}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A694C8A2-DA32-48A5-8CF1-6BB7AABC8C64}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52718102-6BAA-489F-AE1F-545AE83BE6B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0022E201-82EB-422E-8EA9-0814BBFDBB08}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{17A0AA5E-5E24-4CDC-94EF-1E0CD15DF3FF}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BE249719-40BD-4A2A-A69E-BF7F8BFC0DD7}E:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B58F443-2318-4A74-B715-40A5D4330D2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1F92008-EC75-4E51-B4C0-917F102DE245}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DAB16C78-20FD-44AD-8BCC-02B46798DD71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E391D846-E602-44F3-9385-C2BC14FA47BE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A2980C1-697A-4359-9410-720EBE437A3D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78888B02-1910-424A-B8AA-0DDA75E2DBDF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{715542AC-15A0-4D43-B38F-9DBADDFDF8DA}E:\steamlibrary\steamapps\common\cry of fear\cof.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C5423FF4-70C4-4195-8296-03C5C113B657}E:\steamlibrary\steamapps\common\cry of fear\cof.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14671F40-BD1A-45CB-A862-C429AD63C897}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75039FD9-CAEA-4D54-9764-7AFB4C974D92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{584120B2-E4AD-4624-9B99-419A765BB495}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EAE4D56-487B-4A88-B5C0-24F8A68E6C6F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD0F347C-DD2C-4385-AC98-A7030DDE8126}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9A50869-CAA6-4436-8622-636CFEF3475D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3369E006-0513-4768-9AEC-97AF9DBF98A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52A257B0-AC15-4BCB-A8FA-009270CCEA9C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7C0F9AA-9AB7-438A-B79C-77EBAB1729A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{346C46D1-A6ED-42FE-B92D-60FA8C801B3A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E6A1D59-F9B1-4BB0-9F2B-7378C32ED6B6}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F97B2ABD-21D0-451F-9C7B-553598A5D332}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7291A1C5-A92C-41CB-BCCA-4A400F82BD91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7383504E-9504-42BC-8EA9-829841BD98BD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08E46379-E0D5-4CD3-A5DE-29902C15B716}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{195E6678-F1B1-4933-8122-9632D249CCB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1208413F-8E9B-41D0-85CF-E9286BEF0B9F}E:\program files (x86)\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A43A938-EAD1-4A68-95F3-DD77191583A7}E:\program files (x86)\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FDA82D1-8D9A-4A08-89BC-6B8CA28A0C08}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53F4D7AB-1247-4D2B-A383-F139F8ADEBB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{414592AA-02B1-4C42-93AA-B8E0760818F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E01FD73-1309-4530-BA33-9183E016EE01}E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{66BB1489-E30B-4794-BFDF-C39DA0B86A94}E:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E415D3B8-E910-4195-A58C-6F398880A64E}E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D2799DDD-D3B3-408C-B77D-2A5A83CA4D4A}E:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{62F8D165-73C1-4797-A9B2-1CC2E6DD3741}E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3D64CC39-0FA6-42F6-BF76-85316C47AEC1}E:\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD8AA620-7F3E-411D-B214-B73C0473AD2D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A7FF705-29B8-4AAC-A51B-8877AC11F199}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01A71042-414E-47AF-A913-EDEB25034BE9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBE248B8-8D0C-4D7C-A29C-AA68F9C99E95}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63034A5A-E449-47DF-B7E7-0B913B40FCC0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24E29700-541D-4B21-8918-CCC29E88DDE3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4FAF5A2-2CAC-42B5-90D1-BA09B40C3D28}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FE9C5B0-C24A-4027-9EEA-9BADA8563C08}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{971E3438-8EF9-4131-BA17-53A81B3328BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E32A6A5-E4BE-4F46-A944-DC840693E9AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{13A32E03-1782-4E94-8977-9ABDC9414642}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14DBA9C3-07F5-46E8-9E6F-8F15BD92B079}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D571B168-E8FC-4143-A85A-B384D84646BF}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A655EDA5-8C29-420B-A7FE-38D99B517B33}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9B8C2E6-A705-4282-897C-7FB7177DC1AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5510D096-DFFC-4EF8-9753-E57ACAF3FC7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8436DF7F-3C11-409D-9DD1-803C4D12D9C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12F8329A-253D-4EFA-ADA1-70ACE822720F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42311350-CFAF-4918-8877-26E9CA0EBDED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31A91B6D-4805-4C75-85FC-3297EBEA6F0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F00E243-478C-46FA-8C3E-53D3E99C2F37}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F783C78F-E4C1-4F89-854A-2CEF7D2AE76B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5B8FA03C-E0BC-4076-A64D-00F00327DF0B}E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E8BC8CC6-92F3-4846-9C32-842E75BE0E1E}E:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{190B5B1A-8686-41F7-8747-648EDBE3F71F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86828B89-A5EF-4FB7-A062-1C92F2874AA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0B604F2-353D-49D9-B70B-59158EA63814}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD32B3B8-8F05-4B46-B8A7-E7B4C0E6A42C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{110F6F5A-007E-43E6-A4E1-9E12EFAE4CA8}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B01F1546-DF6C-49DE-ADBC-1D8B317F6474}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{198D7E6A-0976-43DA-8A37-988C7E0BC915}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{104C58F6-E864-47C5-BD47-C02543E8605C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0D4DC6FA-9CE1-4F98-8AB6-19EE00E31264}E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F7D15C6D-DBB2-4FAC-A6FC-554B5729D140}E:\steamlibrary\steamapps\common\trine 3\trine3_64bit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D41DDF44-4548-4D26-A33C-4DA0E5FF90DF}E:\juegos\far cry primal\bin\fcprimal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B4C66135-9DEB-4E09-B2F8-F4442BB029DD}E:\juegos\far cry primal\bin\fcprimal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6A2CF064-3945-4F0E-A2D9-CF9AD225178B}E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E7A91C7-CEEA-4BC9-B7E6-39FA49F96A4D}E:\juegos\sameer hirezi\one sole purpose relaunched edition\onesolepurpose\onesolepurpose\binaries\win64\onesolepurpose-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC518C0C-5C63-41A8-BDFF-5D13DDDDD44B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AE7FF73-DAB5-43DC-A6A4-A4535AE119DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D75E167-A37A-4E68-8E97-D021E549D239}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7F8E2F2-B8E6-49E3-B1DE-F824D2528D3A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6804346B-B23E-4326-8CB8-C50F5E1D18E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A79C651-136E-4774-B52F-962E708FA28E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74EC601C-5061-4316-8772-EFA18360AE28}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818B55F1-E443-4291-9A7B-877444A0255B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22C0625C-0A5B-42F1-9917-A9771717A67A}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DDC2F429-75BF-4A55-A4DC-F891E928667F}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{67501ADA-ECF1-4EFE-B89B-05BFBD02AD9C}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{65CF1DCC-763A-4CCF-BF72-E797365D6F0F}E:\juegos\shadowcomplex\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2CF3125-691C-4BFB-BA3A-2165591C5326}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68E62764-7C12-4535-A5D9-DE112EBE3B31}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2ED96298-4F78-4F44-8444-FC7F4C48416C}E:\juegos\far cry primal\bin\fcprimal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3D46A004-4525-4E76-8434-39268A6090AF}E:\juegos\far cry primal\bin\fcprimal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{329A2319-1AD5-4EBC-8F09-B99B405175CA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F7A3889-D614-4EA3-ADFB-EE0BB2A6FE4D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4140E52A-D9FE-401F-8CA3-A1E38D0E8E3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8F6468A-26B1-4A15-8A74-A24751DFC1C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8FF79080-D725-44F0-938D-3EC2BA71DED8}E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4D65D367-18F2-4D93-96D8-63AA56E950B4}E:\steamlibrary\steamapps\common\postal redux\postalredux\binaries\win64\postalredux-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{623E11FD-F39C-46FC-85E2-180AE543BE29}E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C25FD0A9-DD76-4924-A8CB-1EF5063F67ED}E:\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6ECBB39A-AE72-4FD2-B232-F83F3072FD59}E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7C8AE55C-8C38-4199-93E8-54DAB1B4BECA}E:\steamlibrary\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2d11:da2f:1ce5:213f%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.11
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-285307178-3440860486-1967224458-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19655912 B
Java, Flash, Steam htmlcache => 524473914 B
Windows/system/drivers => 2922093 B
Edge => 0 B
Chrome => 193575 B
Firefox => 705111062 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 76416996 B
systemprofile32 => 5077947 B
LocalService => 0 B
NetworkService => 0 B
Alfredo => 268744748 B

RecycleBin => 1630073 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:16:45 ====

Hola @RobertPolson

Y cómo sigue el equipo?

Salu2

Hola, disculpa por no responder antes. Parece que está todo OK. Ya no presenta ninguno de los síntomas que tenía. Muchísimas gracias!!!. Una duda, ¿qué hacía el FXWebPlayer?, porque creo que lo tenía instalado hace años…:flushed:

Hola @RobertPolson

Estaba marcado para que sea desinstalado.


Para eliminar las herramientas utilizadas:

Descargas >> Delfix, a tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


Que bueno que hayamos podido resolver tu consulta…:+1:

Para otros problemas, ya sabes donde encontrarnos. :wink:

Tema Solucionado

Salu2.