Laptop se traba al abrir Chrome

#1

Hola a todos,

Tengo el problema de que enciendo mi laptop y todo bien, pero al momento de abrir Chrome se empieza a trabar. Con problemas logro abrir el administrador de tareas (porque se traba y tarda en reaccionar) y me aparecen de 14 a 16 procesos de Chrome, y el Disco anda a 100%.

P.D. Tengo Windows 10

¿Alguien podría ayudarme? Gracias de antemano. :slight_smile:

#2

Hola @Paracitbizkit

Bienvenido a esta etapa de InfoSpyware!!!

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Lo ejecutas usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

#3

Hola @SanMar

Ya hice lo que me pediste, sólo que ayer, al finalizar el análisis personalizado con el Malwarebytes, me apareció una actualización de éste y no pude mandar a cuarentena los archivos infectados que encontró (eran 11). Volví a hacer el análisis, el cual tardó como 10 hrs aprox :tired_face: (el primer análisis duró como 3 hrs y media), pero esta vez sólo encontró 2 archivos infectados, los cuales sí pude eliminar.

Te pongo el reporte del AdwCleaner primero, seguido del primer reporte del Malwarebytes (3hrs y media) y después el último reporte (10 hrs).

#4
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-04-01.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-04-2019
# Duration: 00:00:20
# OS:       Windows 10 Home Single Language
# Cleaned:  44
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare V7
Deleted       C:\Users\User\AppData\Roaming\IObit\Advanced SystemCare V7
Deleted       C:\ProgramData\IOBIT\Driver Booster
Deleted       C:\Program Files (x86)\IOBIT\Driver Booster
Deleted       C:\Users\User\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\_acestream_cache_
Deleted       C:\Users\User\AppData\LocalLow\.acestream
Deleted       C:\Users\User\AppData\Roaming\.acestream

***** [ Files ] *****

Deleted       C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted       C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted       C:\Users\adria\Favorites\Booking.com.url
Deleted       C:\Users\DefaultAppPool\Favorites\Booking.com.url
Deleted       C:\Users\El Papu\Favorites\Booking.com.url
Deleted       C:\Users\User\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\pokki
Deleted       HKCU\Software\Classes\acestream
Deleted       HKCU\Software\RegisteredApplications|AceStream
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted       HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted       HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1
Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{630E3475-EC0C-44A7-BB0A-62C7877CE7A9}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A507A455-B835-4C99-ABA5-45111CE9D0D0}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{407D524D-26BE-41F9-85EE-F4FA92B6F8CC}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B5898173-7A5C-40B9-AFED-D9B10CF11A16}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FDA95C8A-69FC-4A53-B9F6-37E6BD3764EA}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E0204DF1-0715-4135-94E2-21DC9BAA9EF7}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{57718529-61B4-4A2D-B650-13E41120B833}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5FB2943F-AEAD-465A-8810-B560BAFCBF58}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7EBAE8C0-D333-4CC9-92F3-D0D36CE21D6A}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A248D344-A3F8-461C-AF84-9518F1C0A176}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{04025370-7AF9-4CFE-A465-5EBB4E75683F}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D0EA9E13-CB7F-4914-ADA5-A1EE6CCDF584}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2B087707-F52E-461F-878A-B89F6F170D03}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3D6CEEDA-AE60-4CFB-8E78-C201DDC17357}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{395C0125-4EB2-41A6-BB56-FBF5CC3E50C1}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FF2210B7-5470-46A4-A3EB-FC93FFA0C035}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5314E56B-6E82-42B1-B51F-4BD877769258}C:\users\user\appdata\roaming\soda player\acestream\engine\ace_engine.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EB8F5713-0BA0-4E21-B1EE-B1F760162DC1}C:\users\user\appdata\roaming\soda player\acestream\engine\ace_engine.exe
Deleted       HKCU\Software\Classes\.acestream
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}

***** [ Chromium (and derivatives) ] *****

Deleted       MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6481 octets] - [04/04/2019 00:29:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
#5

Primer análisis

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 4/4/19
Hora del análisis: 0:46
Archivo de registro: 55424e56-56a5-11e9-846f-7a79195e1f30.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9998
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.648)
CPU: x64
Sistema de archivos: NTFS
Usuario: PC\User

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 391235
Amenazas detectadas: 11
Amenazas en cuarentena: 0
Tiempo transcurrido: 3 hr, 37 min, 25 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 11
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.WORKFLOW.RUNTIME\V4.0_4.0.0.0__31BF3856AD364E35\APP_DATA\MAPS\RO-RO\ISSUANCE\ES\PROVAUTOLOGGER_DEL.REG, Sin acciones por parte del usuario, [10804], [85604],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.WORKFLOW.RUNTIME\V4.0_4.0.0.0__31BF3856AD364E35\APP_DATA\MAPS\RO-RO\ISSUANCE\SCHEMAS\BASE\IMAGES\CORTANAANIMATION.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.WORKFLOW.RUNTIME\V4.0_4.0.0.0__31BF3856AD364E35\APP_DATA\MAPS\RO-RO\ISSUANCE\SCHEMAS\BASE\IMAGES\CORTANAANIMATIONJA.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.WORKFLOW.RUNTIME\V4.0_4.0.0.0__31BF3856AD364E35\APP_DATA\MAPS\RO-RO\SKUS\SMBSHARE\DOM\FONTS\OOBE-BOOKEND-CORTANAIN.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.WORKFLOW.RUNTIME\V4.0_4.0.0.0__31BF3856AD364E35\APP_DATA\MAPS\RO-RO\SKUS\SMBSHARE\DOM\FONTS\OOBE-CORTANA-EXCITED.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.XML.XMLSERIALIZER\GRADIENT_ONWHITE.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.XML.XMLSERIALIZER\SELECTEDTAB_RIGHTCORNER.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\SYSTEM.XML.XMLSERIALIZER\SELECTEDTAB_LEFTCORNER.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.ExtensionMismatch, C:\PROGRAMDATA\INSTALL\DMPROFILES\LIVEKERNELREPORTS\V4.0_4.0.0.0__B77A5C561934E089\XAMLBUILDTASK\FOLDER.GIF, Sin acciones por parte del usuario, [10804], [79309],1.0.9998
RiskWare.Tool.HCK, C:\USERS\USER\DOCUMENTS\MEGASYNC DOWNLOADS\SONY.SOUND.FORGE.PRO.V11 DTG\SONY.SOUND.FORGE.PRO.V11 DTG\SONY.PRODUCTS.MULTIKEYGEN.V2.5.KEYGEN.AND.PATCH.ONLY-DI\KEYGEN.EXE, Sin acciones por parte del usuario, [7631], [64789],1.0.9998
HackTool.FilePatch, C:\USERS\USER\DOWNLOADS\SOFTWARES\AMPED.RAR, Sin acciones por parte del usuario, [7753], [281135],1.0.9998

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
#6

Segundo análisis

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 4/4/19
Hora del análisis: 10:50
Archivo de registro: cbbb64ce-56f9-11e9-a352-7a79195e1f30.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.10004
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.648)
CPU: x64
Sistema de archivos: NTFS
Usuario: PC\User

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 652920
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 10 hr, 58 min, 52 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
RiskWare.Tool.HCK, C:\USERS\USER\DOCUMENTS\MEGASYNC DOWNLOADS\SONY.SOUND.FORGE.PRO.V11 DTG\SONY.SOUND.FORGE.PRO.V11 DTG\SONY.PRODUCTS.MULTIKEYGEN.V2.5.KEYGEN.AND.PATCH.ONLY-DI\KEYGEN.EXE, En cuarentena, [7633], [64789],1.0.10004
HackTool.FilePatch, C:\USERS\USER\DOWNLOADS\SOFTWARES\AMPED.RAR, En cuarentena, [7755], [281135],1.0.10004

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
#7

Inicia el Chrome en modo incognito Ve a Opciones Avanzadas y “restaura los valores predeterminados originales de la configuracion” Suerte

1 me gusta
#8

Hola @Paracitbizkit

Tal como te comenta @inorganico0 restaura tu navegador Google Chrome pero de acuerdo a los valores del siguiente enlace:

PUP/Adware en: Google Chrome

Luego realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

#9

Te dejo los reportes del análisis. Como ambos son muy largos, te los dejo en dos post cada uno.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by User (administrator) on PC (05-04-2019 17:25:50)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & El Papu & adria & DefaultAppPool)
Platform: Windows 10 Home Single Language Version 1803 17134.648 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Nitro Software, Inc. -> Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(File-New-Project) [File not signed] C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5258552 2018-09-25] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4357560 2017-06-13] (Stardock Corporation -> Stardock Corporation) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [15596200 2018-02-01] (SAND STUDIO LIMITED -> Sand Studio)
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4357560 2017-06-13] (Stardock Corporation -> Stardock Corporation) [File not signed]
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-25] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-09-25]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-01-22]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-10-24]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QuickLook.lnk [2019-01-15]
ShortcutTarget: QuickLook.lnk -> C:\Users\User\AppData\Local\Programs\QuickLook\QuickLook.exe (pooi.moe) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{5372e9ca-de98-46b8-955c-9c2e170c6b94}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5372e9ca-de98-46b8-955c-9c2e170c6b94}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a3900886-f88b-4a54-820b-317808288708}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{e2c642c8-f89d-4bd5-bc15-f1372e610b9f}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Skype Software Sarl -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Skype Software Sarl -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-29] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-29] (McAfee, Inc. -> McAfee, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-29] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-29] (McAfee, Inc. -> McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Skype Software Sarl -> Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Skype Software Sarl -> Microsoft Corporation)

Edge: 
======
Edge Extension: (AdGuard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.0.11.0_neutral__m055xr0c82818 [2019-04-02]

FireFox:
========
FF DefaultProfile: sntmgq7m.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default [2019-04-04]
FF Homepage: Mozilla\Firefox\Profiles\sntmgq7m.default -> google.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sntmgq7m.default -> Enabled: [email protected]
FF Extension: (Pinned Messenger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2018-01-02]
FF Extension: (MEGA) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2018-01-10] [UpdateUrl:hxxps://eu.static.mega.co.nz/3/firefox-web-extension-updates.json]
FF Extension: (Dictionary for Furigana Inserter) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2017-08-26] [Legacy]
FF Extension: (Furigana Inserter) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2016-03-30] [Legacy]
FF Extension: (Translate This!) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2016-11-06] [Legacy]
FF Extension: (User-Agent Switcher) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2016-09-21] [Legacy]
FF Extension: (Japanese Language Pack) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2017-11-18] [Legacy]
FF Extension: (Rikaichan Japanese-English Dictionary File) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2017-03-24] [Legacy]
FF Extension: (Avira SafeSearch Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\[email protected] [2018-01-02] [UpdateUrl:hxxps://package.avira.com/package/safesearch/firefox/update-plus.rdf]
FF Extension: (Captura de página completa - FireShot) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2017-11-18]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-02]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-02]
FF Extension: (HTML Ruby) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\Extensions\{e10bc159-aa26-41d8-aa24-65de9464ca5a}.xpi [2016-04-27] [Legacy]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sntmgq7m.default\searchplugins\McSiteAdvisor.xml [2017-11-18]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-08-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-07-01] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3847050211-4158280976-3266699917-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-04-05]
CHR Extension: (Google Traductor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-31]
CHR Extension: (Presentaciones) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-16]
CHR Extension: (Convertidor de moneda) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjjjlibfbckpecnmadinfloemodobgpe [2018-12-13]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-16]
CHR Extension: (Resaltador Weava - PDF & Web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnaodkpfinfiipjblikofhlhlcickei [2019-02-27]
CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-04-03]
CHR Extension: (Just Read) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2019-04-05]
CHR Extension: (Dark Reader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-04-02]
CHR Extension: (Video Downloader professional) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-05]
CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-04-05]
CHR Extension: (Hojas de cálculo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (rikaikun) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2018-09-02]
CHR Extension: (Extensity) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg [2019-02-11]
CHR Extension: (Chrometana Pro - Redirect Cortana and Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lllggmgeiphnciplalhefnbpddbadfdi [2019-01-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2019-04-02]
CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-04-03]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-16]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-02]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Skype Software Sarl -> Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Skype Software Sarl -> Microsoft Corporation)
S3 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677904 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606120 2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated -> Acer Incorporated)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-12] (WildTangent Inc -> WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328624 2015-10-15] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit Information Technology -> IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporated -> Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2015-12-29] (McAfee, Inc. -> McAfee, Inc.)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-06] (Nitro Software, Inc. -> Nitro PDF Software)
S3 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-06] (Nitro Software, Inc. -> )
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporated -> Acer Incorporate)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5258552 2018-09-25] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2258888 2018-12-19] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-04-20] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-04-20] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [270912 2015-11-14] (DT Soft Ltd -> DT Soft Ltd)
S3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2015-10-27] (Echobit, LLC -> Echobit, LLC)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-06] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-06] (Martin Malik - REALiX -> REALiX(tm))
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit Information Technology -> IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [39792 2017-09-28] (IObit Information Technology -> IObit.com)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37448 2015-12-29] (McAfee, Inc. -> McAfee, Inc.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2018-09-25] (SoftEther Corporation -> SoftEther Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2016-08-30] (Xiaomi Technology Inc -> QUALCOMM Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2016-07-26] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419296 2017-08-01] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2018-09-25] (SoftEther Corporation -> SoftEther Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit Information Technology -> IObit)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33448 2015-09-06] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [27064 2016-07-06] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [9728 2016-12-18] (SunnysideSoft -> )
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [115608 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [17816 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
#10

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-05 17:25 - 2019-04-05 17:29 - 000037101 _____ C:\Users\User\Desktop\FRST.txt
2019-04-05 17:24 - 2019-04-05 17:25 - 000000000 ____D C:\FRST
2019-04-05 17:05 - 2019-04-05 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-05 16:30 - 2019-04-05 16:30 - 002434048 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-04-04 22:04 - 2019-04-04 22:04 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-04 17:28 - 2019-04-04 17:28 - 000005867 _____ C:\Users\User\Desktop\AdwCleaner[C00].txt
2019-04-04 00:28 - 2019-04-04 00:33 - 000000000 ____D C:\AdwCleaner
2019-04-04 00:15 - 2019-04-04 10:47 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-04 00:15 - 2019-04-04 00:15 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-04 00:15 - 2019-04-04 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-04 00:15 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-03 21:37 - 2019-04-03 21:37 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-04-03 14:59 - 2019-04-03 14:59 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-03 14:59 - 2019-04-03 14:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-03 14:59 - 2019-04-03 14:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-03 14:59 - 2019-04-03 14:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-04-03 12:12 - 2019-04-03 12:12 - 004093616 _____ C:\Users\adria\Downloads\3.Diseño de la estratégico de comunicación interna.pptm
2019-03-23 13:44 - 2019-03-23 13:44 - 000637642 _____ C:\Users\adria\Downloads\Conclusiones de técnicas cualitativas (1).pdf
2019-03-21 19:13 - 2019-03-21 19:13 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2019-03-21 19:13 - 2019-03-21 19:13 - 000000000 ____D C:\ProgramData\Adobe
2019-03-21 18:13 - 2019-03-21 19:04 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2019-03-21 18:04 - 2019-03-26 21:43 - 000000000 ____D C:\Users\User\Documents\English
2019-03-19 12:08 - 2019-03-19 12:08 - 000637642 _____ C:\Users\adria\Downloads\Conclusiones de técnicas cualitativas.pdf
2019-03-15 22:48 - 2019-04-02 21:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-03-15 15:45 - 2019-03-06 03:03 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-15 15:45 - 2019-03-06 02:44 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-15 15:45 - 2019-03-06 00:14 - 006568528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-15 15:44 - 2019-03-06 09:37 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-15 15:44 - 2019-03-06 09:17 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-15 15:44 - 2019-03-06 06:09 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-15 15:44 - 2019-03-06 03:29 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-15 15:44 - 2019-03-06 03:16 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-15 15:44 - 2019-03-06 03:16 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-15 15:44 - 2019-03-06 03:07 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-15 15:44 - 2019-03-06 03:07 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-15 15:44 - 2019-03-06 03:06 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-15 15:44 - 2019-03-06 03:04 - 002765856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-15 15:44 - 2019-03-06 03:03 - 002465784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-15 15:44 - 2019-03-06 03:02 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-15 15:44 - 2019-03-06 02:36 - 022716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-15 15:44 - 2019-03-06 02:36 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-15 15:44 - 2019-03-06 02:34 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-15 15:44 - 2019-03-06 02:32 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-15 15:44 - 2019-03-06 02:31 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-15 15:44 - 2019-03-06 02:31 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-15 15:44 - 2019-03-06 02:31 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-15 15:44 - 2019-03-06 02:29 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-03-15 15:44 - 2019-03-06 02:28 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-15 15:44 - 2019-03-06 02:28 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-15 15:44 - 2019-03-06 02:27 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-15 15:44 - 2019-03-06 00:17 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-15 15:44 - 2019-03-06 00:15 - 002253488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-15 15:44 - 2019-03-06 00:05 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-15 15:44 - 2019-03-05 23:56 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-15 15:44 - 2019-03-05 23:53 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-03-15 15:44 - 2019-03-05 23:53 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-15 15:44 - 2019-03-05 23:52 - 005790720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-15 15:44 - 2019-03-05 23:50 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-15 15:44 - 2019-03-05 23:49 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-15 15:44 - 2019-02-16 07:02 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-15 15:44 - 2019-02-16 07:02 - 001644040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-15 15:44 - 2019-02-16 07:02 - 000808456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-15 15:44 - 2019-02-16 07:02 - 000735752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-15 15:44 - 2019-02-16 07:02 - 000620040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-15 15:44 - 2019-02-16 07:02 - 000460296 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-15 15:44 - 2019-02-16 06:53 - 001516416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-15 15:44 - 2019-02-16 06:34 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-15 15:44 - 2019-02-16 06:32 - 003646976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-15 15:44 - 2019-02-16 06:31 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-03-15 15:44 - 2019-02-16 06:22 - 001322176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-15 15:44 - 2019-02-16 06:06 - 002890752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-15 15:44 - 2019-02-16 04:24 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-15 15:44 - 2019-02-16 04:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-03-15 15:44 - 2019-02-16 02:16 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-15 15:44 - 2019-02-16 02:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-15 15:44 - 2019-02-16 02:03 - 007901392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-15 15:44 - 2019-02-16 02:03 - 005625360 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-03-15 15:44 - 2019-02-16 02:02 - 005821440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-15 15:44 - 2019-02-16 02:02 - 003291632 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-03-15 15:44 - 2019-02-16 02:01 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-15 15:44 - 2019-02-16 01:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-15 15:44 - 2019-02-16 01:51 - 002479168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-03-15 15:44 - 2019-02-16 01:50 - 001171336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-15 15:44 - 2019-02-16 01:37 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-15 15:44 - 2019-02-16 01:36 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-03-15 15:44 - 2019-02-16 01:36 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-03-15 15:44 - 2019-02-16 01:35 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-15 15:44 - 2019-02-16 01:35 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-15 15:44 - 2019-02-16 01:34 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-03-15 15:44 - 2019-02-16 01:33 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-15 15:44 - 2019-02-16 01:32 - 002969088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-15 15:44 - 2019-02-16 01:29 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-15 15:44 - 2019-02-16 01:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-03-15 15:44 - 2019-02-16 01:27 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-15 15:44 - 2019-02-16 01:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-03-15 15:43 - 2019-03-06 09:39 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-15 15:43 - 2019-03-06 09:36 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-15 15:43 - 2019-03-06 09:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-03-15 15:43 - 2019-03-06 09:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-15 15:43 - 2019-03-06 09:17 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-15 15:43 - 2019-03-06 09:17 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-15 15:43 - 2019-03-06 09:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-15 15:43 - 2019-03-06 09:14 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-15 15:43 - 2019-03-06 09:14 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-15 15:43 - 2019-03-06 09:13 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-15 15:43 - 2019-03-06 09:13 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-15 15:43 - 2019-03-06 09:13 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-15 15:43 - 2019-03-06 09:13 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-15 15:43 - 2019-03-06 09:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-15 15:43 - 2019-03-06 06:18 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-15 15:43 - 2019-03-06 06:18 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-15 15:43 - 2019-03-06 06:10 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-15 15:43 - 2019-03-06 06:06 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-15 15:43 - 2019-03-06 06:05 - 004054016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-15 15:43 - 2019-03-06 06:05 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-15 15:43 - 2019-03-06 06:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-15 15:43 - 2019-03-06 06:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-15 15:43 - 2019-03-06 05:59 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-15 15:43 - 2019-03-06 03:16 - 001457032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-15 15:43 - 2019-03-06 03:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-15 15:43 - 2019-03-06 03:16 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-15 15:43 - 2019-03-06 03:16 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-15 15:43 - 2019-03-06 03:16 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-15 15:43 - 2019-03-06 03:11 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-15 15:43 - 2019-03-06 03:10 - 000248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-03-15 15:43 - 2019-03-06 03:07 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-15 15:43 - 2019-03-06 03:06 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-15 15:43 - 2019-03-06 03:06 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-15 15:43 - 2019-03-06 03:05 - 000439224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-15 15:43 - 2019-03-06 03:05 - 000436240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-15 15:43 - 2019-03-06 03:05 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-15 15:43 - 2019-03-06 03:04 - 000945464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-15 15:43 - 2019-03-06 03:04 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2019-03-15 15:43 - 2019-03-06 03:03 - 002719544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-15 15:43 - 2019-03-06 03:03 - 001921848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-15 15:43 - 2019-03-06 03:03 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-03-15 15:43 - 2019-03-06 03:03 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-03-15 15:43 - 2019-03-06 03:03 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-15 15:43 - 2019-03-06 03:02 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-15 15:43 - 2019-03-06 03:02 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-15 15:43 - 2019-03-06 03:02 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-15 15:43 - 2019-03-06 03:02 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-15 15:43 - 2019-03-06 02:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-15 15:43 - 2019-03-06 02:32 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-15 15:43 - 2019-03-06 02:32 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-15 15:43 - 2019-03-06 02:31 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-15 15:43 - 2019-03-06 02:31 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-15 15:43 - 2019-03-06 02:31 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-15 15:43 - 2019-03-06 02:31 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-15 15:43 - 2019-03-06 02:31 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-15 15:43 - 2019-03-06 02:31 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-15 15:43 - 2019-03-06 02:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-15 15:43 - 2019-03-06 02:31 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-15 15:43 - 2019-03-06 02:29 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-15 15:43 - 2019-03-06 02:29 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-15 15:43 - 2019-03-06 02:29 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-15 15:43 - 2019-03-06 02:27 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-15 15:43 - 2019-03-06 02:27 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-15 15:43 - 2019-03-06 02:27 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-15 15:43 - 2019-03-06 02:26 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-15 15:43 - 2019-03-06 02:26 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-15 15:43 - 2019-03-06 02:26 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-15 15:43 - 2019-03-06 02:25 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-15 15:43 - 2019-03-06 01:08 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-03-15 15:43 - 2019-03-06 00:17 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-03-15 15:43 - 2019-03-06 00:15 - 000434488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-15 15:43 - 2019-03-06 00:14 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-15 15:43 - 2019-03-06 00:14 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-15 15:43 - 2019-03-06 00:14 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2019-03-15 15:43 - 2019-03-06 00:14 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-15 15:43 - 2019-03-06 00:13 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-15 15:43 - 2019-03-05 23:52 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-15 15:43 - 2019-03-05 23:52 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-15 15:43 - 2019-03-05 23:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-15 15:43 - 2019-03-05 23:51 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-15 15:43 - 2019-03-05 23:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-03-15 15:43 - 2019-03-05 23:50 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-03-15 15:43 - 2019-03-05 23:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-15 15:43 - 2019-03-05 23:49 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-15 15:43 - 2019-03-05 23:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-03-15 15:43 - 2019-03-05 23:48 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-15 15:43 - 2019-03-05 23:48 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-15 15:43 - 2019-02-20 21:26 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-15 15:43 - 2019-02-16 07:02 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-15 15:43 - 2019-02-16 07:02 - 000147464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-15 15:43 - 2019-02-16 07:02 - 000071176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-15 15:43 - 2019-02-16 06:57 - 001048472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-15 15:43 - 2019-02-16 06:57 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-03-15 15:43 - 2019-02-16 06:56 - 000549520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-03-15 15:43 - 2019-02-16 06:56 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-15 15:43 - 2019-02-16 06:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-03-15 15:43 - 2019-02-16 06:34 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-15 15:43 - 2019-02-16 06:34 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-03-15 15:43 - 2019-02-16 06:33 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-15 15:43 - 2019-02-16 06:32 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-15 15:43 - 2019-02-16 06:31 - 001003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-15 15:43 - 2019-02-16 06:31 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-15 15:43 - 2019-02-16 06:31 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-15 15:43 - 2019-02-16 06:30 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-03-15 15:43 - 2019-02-16 06:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-15 15:43 - 2019-02-16 06:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-15 15:43 - 2019-02-16 06:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-15 15:43 - 2019-02-16 06:24 - 000444176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-03-15 15:43 - 2019-02-16 06:08 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-03-15 15:43 - 2019-02-16 06:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-15 15:43 - 2019-02-16 06:07 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-15 15:43 - 2019-02-16 06:06 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-15 15:43 - 2019-02-16 06:06 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-15 15:43 - 2019-02-16 06:06 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-15 15:43 - 2019-02-16 06:06 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-15 15:43 - 2019-02-16 06:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-15 15:43 - 2019-02-16 02:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-15 15:43 - 2019-02-16 02:05 - 000087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-03-15 15:43 - 2019-02-16 02:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-03-15 15:43 - 2019-02-16 02:03 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-03-15 15:43 - 2019-02-16 02:02 - 001934800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-03-15 15:43 - 2019-02-16 02:02 - 001792712 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-15 15:43 - 2019-02-16 02:02 - 000705848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-03-15 15:43 - 2019-02-16 02:02 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-15 15:43 - 2019-02-16 02:02 - 000413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 001285424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-15 15:43 - 2019-02-16 02:01 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 001028920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-15 15:43 - 2019-02-16 02:01 - 000735464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 000641984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-15 15:43 - 2019-02-16 02:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 000480840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-15 15:43 - 2019-02-16 02:01 - 000161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2019-03-15 15:43 - 2019-02-16 01:53 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-03-15 15:43 - 2019-02-16 01:51 - 001584536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-15 15:43 - 2019-02-16 01:51 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2019-03-15 15:43 - 2019-02-16 01:50 - 001805648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-15 15:43 - 2019-02-16 01:50 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-15 15:43 - 2019-02-16 01:50 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-15 15:43 - 2019-02-16 01:50 - 000560384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-15 15:43 - 2019-02-16 01:50 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-03-15 15:43 - 2019-02-16 01:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-15 15:43 - 2019-02-16 01:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-15 15:43 - 2019-02-16 01:33 - 006646784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-15 15:43 - 2019-02-16 01:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-15 15:43 - 2019-02-16 01:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-15 15:43 - 2019-02-16 01:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-15 15:43 - 2019-02-16 01:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-15 15:43 - 2019-02-16 01:32 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-15 15:43 - 2019-02-16 01:31 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-15 15:43 - 2019-02-16 01:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-15 15:43 - 2019-02-16 01:31 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-15 15:43 - 2019-02-16 01:31 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2019-03-15 15:43 - 2019-02-16 01:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-15 15:43 - 2019-02-16 01:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-03-15 15:43 - 2019-02-16 01:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-15 15:43 - 2019-02-16 01:28 - 002585600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-15 15:43 - 2019-02-16 01:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-15 15:43 - 2019-02-16 01:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-03-15 15:43 - 2019-02-16 01:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-03-15 15:43 - 2019-02-16 01:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-03-15 15:43 - 2019-02-16 01:27 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-15 15:43 - 2019-02-16 01:26 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-15 15:43 - 2019-02-16 01:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-15 15:43 - 2019-02-16 01:26 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-15 15:43 - 2019-02-16 01:26 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-15 15:43 - 2019-02-16 01:25 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-03-15 15:43 - 2019-02-16 01:25 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-03-14 01:14 - 2019-03-14 01:14 - 000612467 _____ C:\Users\adria\Downloads\CANALES-DE-DISTRIBUCIÓN.pptx
2019-03-13 14:09 - 2019-04-03 20:35 - 000000000 ____D C:\WINDOWS\Minidump

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-05 17:21 - 2018-07-18 15:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-05 17:07 - 2018-02-15 20:24 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-05 16:26 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-05 16:25 - 2015-09-16 16:38 - 000000000 ___RD C:\Users\User\Google Drive
2019-04-05 16:18 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-05 16:17 - 2019-01-10 18:35 - 000000000 ____D C:\Users\User\AppData\Roaming\WTablet
2019-04-04 22:21 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-04 21:58 - 2018-09-25 20:26 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2019-04-04 21:57 - 2018-07-18 16:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-04 21:57 - 2015-09-06 19:52 - 000000000 ____D C:\Users\User\Downloads\Softwares
2019-04-04 00:36 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-04 00:34 - 2018-04-11 15:04 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2019-04-04 00:33 - 2018-07-18 16:00 - 000000000 ____D C:\Users\User\AppData\Roaming\IObit
2019-04-04 00:33 - 2015-09-06 17:14 - 000000000 ____D C:\ProgramData\IObit
2019-04-04 00:21 - 2018-07-18 16:55 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-04 00:21 - 2018-02-14 15:00 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-04 00:21 - 2018-02-14 15:00 - 000000000 ____D C:\Program Files\CCleaner
2019-04-04 00:15 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-03 20:35 - 2018-04-20 20:28 - 000000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2019-04-03 20:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-03 20:35 - 2017-08-01 17:14 - 000000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2019-04-03 14:50 - 2018-07-18 16:25 - 002004196 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-03 14:50 - 2018-04-12 10:18 - 000862728 _____ C:\WINDOWS\system32\perfh00A.dat
2019-04-03 14:50 - 2018-04-12 10:18 - 000185216 _____ C:\WINDOWS\system32\perfc00A.dat
2019-04-03 14:39 - 2019-01-15 23:24 - 000000000 ___RD C:\Users\adria\OneDrive
2019-04-03 14:35 - 2019-01-15 23:15 - 000000000 ____D C:\Users\adria\AppData\Roaming\WTablet
2019-04-03 12:13 - 2019-01-15 23:31 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3847050211-4158280976-3266699917-1005
2019-04-03 12:13 - 2019-01-15 23:14 - 000002405 _____ C:\Users\adria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-03 07:24 - 2018-05-20 17:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-02 21:26 - 2019-01-15 23:13 - 000000000 ____D C:\Users\adria
2019-04-02 21:26 - 2019-01-15 15:40 - 000000000 ____D C:\Users\El Papu
2019-04-02 21:26 - 2018-07-18 16:00 - 000000000 ____D C:\Users\DefaultAppPool
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\te-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\or-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\km-KH
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\is-IS
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\be-BY
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\as-IN
2019-04-02 21:26 - 2018-04-12 10:22 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\setup
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\DDFs
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-04-02 21:26 - 2018-04-11 17:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-04-02 21:26 - 2018-04-11 15:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-02 21:26 - 2016-09-08 15:43 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2019-04-02 21:24 - 2018-04-11 15:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-04-02 21:24 - 2018-04-11 15:04 - 000000000 ____D C:\WINDOWS\servicing
2019-04-02 21:22 - 2018-04-20 20:20 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-04-02 21:22 - 2018-04-11 17:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-02 21:22 - 2017-10-01 18:51 - 000000000 ____D C:\Program Files\rempl
2019-04-02 21:22 - 2016-09-03 21:35 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-04-02 21:09 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-04-02 20:31 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\registration
2019-04-02 20:26 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SystemResources
2019-04-02 20:19 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\appcompat
2019-04-02 20:12 - 2015-09-05 23:44 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-01 08:24 - 2019-01-15 15:41 - 000000000 ____D C:\Users\El Papu\AppData\Roaming\WTablet
2019-03-31 22:40 - 2018-07-18 16:55 - 000003352 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3847050211-4158280976-3266699917-1001
2019-03-31 22:39 - 2018-07-18 16:00 - 000002402 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-31 22:39 - 2015-09-06 00:50 - 000000000 ___RD C:\Users\User\OneDrive
2019-03-31 21:17 - 2019-01-15 16:04 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3847050211-4158280976-3266699917-1003
2019-03-31 21:17 - 2019-01-15 15:56 - 000000000 ___RD C:\Users\El Papu\OneDrive
2019-03-31 21:17 - 2019-01-15 15:40 - 000002411 _____ C:\Users\El Papu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-28 19:15 - 2018-07-18 16:55 - 000003554 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachineua
2019-03-28 19:15 - 2018-07-18 16:55 - 000003460 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d27cd63c1c8a55
2019-03-26 21:43 - 2016-05-11 00:49 - 000000000 ____D C:\Users\User\AppData\Roaming\Nitro
2019-03-26 16:08 - 2018-02-18 01:21 - 000000000 ____D C:\ProgramData\ProductData
2019-03-25 16:00 - 2016-09-16 12:42 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-24 22:59 - 2016-05-10 21:23 - 000000000 ____D C:\Users\User\AppData\Local\Foxit Reader
2019-03-24 16:40 - 2018-01-18 19:23 - 000000132 _____ C:\Users\User\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-03-23 14:38 - 2019-01-15 23:15 - 000000000 ____D C:\Users\adria\AppData\Local\Packages
2019-03-16 21:21 - 2019-03-05 11:35 - 000017058 _____ C:\Users\El Papu\Desktop\LISTA DE ASISTENCIA.xlsx
2019-03-16 19:57 - 2018-10-11 11:10 - 000564384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-16 19:54 - 2018-04-11 17:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-16 19:54 - 2018-04-11 17:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-15 16:01 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-14 23:38 - 2018-01-02 11:53 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2019-03-14 23:38 - 2017-12-21 14:39 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2019-03-13 15:55 - 2015-09-06 18:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 14:30 - 2015-09-06 18:54 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-13 14:04 - 2018-07-18 16:55 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D326F461-079E-46C7-A750-EF208D0C0585}
2019-03-10 22:14 - 2018-05-20 01:46 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2018-01-18 19:23 - 2019-03-24 16:40 - 000000132 _____ () C:\Users\User\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2015-11-15 19:09 - 2017-08-06 22:26 - 000000173 _____ () C:\Users\User\AppData\Local\msmathematics.qat.User
2017-03-21 20:10 - 2017-03-21 20:10 - 000002396 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2018-01-27 14:07 - 2018-01-27 14:07 - 000000000 _____ () C:\Users\User\AppData\Local\{E4C7B2AE-066B-4927-B5C3-F3D66CCCC0D7}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-18 15:51

==================== End of FRST.txt ============================
#11

Reporte Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by User (05-04-2019 17:31:30)
Running from C:\Users\User\Desktop
Windows 10 Home Single Language Version 1803 17134.648 (X64) (2018-07-18 22:58:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3847050211-4158280976-3266699917-500 - Administrator - Disabled)
adria (S-1-5-21-3847050211-4158280976-3266699917-1005 - Limited - Enabled) => C:\Users\adria
ASPNET (S-1-5-21-3847050211-4158280976-3266699917-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-3847050211-4158280976-3266699917-503 - Limited - Disabled)
El Papu (S-1-5-21-3847050211-4158280976-3266699917-1003 - Limited - Enabled) => C:\Users\El Papu
Invitado (S-1-5-21-3847050211-4158280976-3266699917-501 - Limited - Disabled)
User (S-1-5-21-3847050211-4158280976-3266699917-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3847050211-4158280976-3266699917-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2003 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2004.3 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.4 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III Complete Collection versión 2016 (HKLM-x32\...\{B455443D-F006-4F9C-A2EF-BF941C13CD9B}_is1) (Version: 2016 - Microsoft Games)
AirDroid 3.6.1.0 (HKLM-x32\...\AirDroid) (Version: 3.6.1.0 - Sand Studio)
Aloha TriPeaks (HKLM-x32\...\WTA-d3caf3d4-454b-425c-8ea6-2eeac9d5e1b7) (Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{FF0A904E-8827-4F6E-9A59-900D4C997AD1}) (Version: 1.0.8 - Amazon) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Aplicaciones híbridas para varios dispositivos con C# - Plantillas - ESN (HKLM-x32\...\{725EEDF0-1903-3B9E-B909-C7A199DCDB98}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avira Launcher (HKLM-x32\...\{34CE35A5-BC22-4045-9F05-6C411D3A74DB}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-6ffbd16f-c9da-4db5-8ee7-a5a353d503ac) (Version: 2.2.0.95 - WildTangent) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CC Magic (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\CC Magic) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version:  - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0410 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Discord) (Version: 0.0.304 - Discord Inc.)
Diseñador de XAML de Microsoft Visual Studio 2015 - ESN (HKLM-x32\...\{EA378FC8-C2DF-3E7F-B283-8B5DB433539C}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 70.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EdgeDeflector (HKLM-x32\...\EdgeDeflector) (Version:  - )
Ensamblados de Windows Phone SDK 8.0 para Visual Studio 2015 - ESN (HKLM-x32\...\{A31ABF1C-DFC1-32BB-966E-E987A3AACAC0}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - )
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-4168382e-0e44-4a31-a140-0c3f406cfe1e) (Version: 3.0.2.59 - WildTangent) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.2.0.9297 - Foxit Software Inc.)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-afc72caa-ca80-43e7-abe1-a7c509b71281) (Version: 3.0.2.59 - WildTangent) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Icecream Ebook Reader versión 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
IHMC CmapTools v6.01.01 (HKLM-x32\...\IHMC CmapTools v6.01.01) (Version: 6.0.1.1 - Institute for Human & Machine Cognition)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 3.0.0.255 - DivX, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.2.0.11 - IObit)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jewel Match 3 (HKLM-x32\...\WTA-f968f02f-75df-4e70-bba7-1e3ffe6596f5) (Version: 3.0.2.59 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
King Oddball (HKLM-x32\...\WTA-6984377f-baff-426e-8219-a8d5337d4800) (Version: 3.0.2.48 - WildTangent) Hidden
Kodi (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Kodi) (Version:  - XBMC-Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
lenmus v5.3.1 (HKLM-x32\...\LenMus_5.3.1) (Version:  - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-97dd28a3-af86-4788-9ece-1156290cd13b) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-ba23c458-255d-4a8c-87ef-4ba877c69f5d) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.141 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mi PC Suite (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\MiPhoneManager) (Version:  - Xiaomi Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (español) (HKLM-x32\...\{23549951-AEAB-4407-B23D-EB1703B14DBA}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.10730.20304 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{F845936B-E004-4F9C-A1DA-CDB99FF440F0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{C1A73781-053A-4E1F-887E-8217ED2DDDBC}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ESN (HKLM\...\{D7126FFC-90BA-4120-8FFB-3688C9931A09}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - ESN (14.0.50616.0) (HKLM-x32\...\{0ECC1E6C-1FFF-432E-BCA9-4F8D585A3294}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2014 (HKLM\...\{14305445-4F3B-4416-862D-DC8DCECF2E80}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types para SQL Server 2014 (HKLM-x32\...\{EFC3D6ED-EAF9-441B-BBF1-CAA3D83D1042}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nitro Pro 10 (HKLM\...\{A64AB15A-1974-4FF4-B5B7-BDEA9FBDB0AD}) (Version: 10.5.1.17 - Nitro)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}) (Version: 2.0.628 - Sony)
Objetos de administración de Microsoft SQL Server 2014  (HKLM-x32\...\{19053E9D-DA93-4160-BCA1-2265B322B29E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2014 (x64) (HKLM\...\{7BC14D15-03A1-49FC-A005-5E93241FCDB0}) (Version: 12.0.2000.8 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20304 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20304 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.10730.20304 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{1dabc3ef-95c0-4cb4-bdf7-8cb58e6e3714}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
Paquete de compatibilidad con múltiples versiones de Microsoft .NET Framework 4.5.1 (español) (HKLM-x32\...\{D2D0CD35-523F-3D07-8ADE-96A5B4B74485}) (Version: 4.5.50932 - Microsoft Corporation)
Paquete de compatibilidad con múltiples versiones de Microsoft .NET Framework 4.5.1 RC para aplicaciones de la Tienda Windows (español) (HKLM-x32\...\{05ADAC3C-CCB3-3E05-BF2F-C1DE5C22C174}) (Version: 4.5.21005 - Microsoft Corporation) Hidden
Paquete de compatibilidad con múltiples versiones de Microsoft .NET Framework 4.5.2 (español) (HKLM-x32\...\{861D5F0D-20DC-3CAF-95ED-1048B7A6177D}) (Version: 4.5.51209 - Microsoft Corporation)
Paquete de compatibilidad de Microsoft .NET Framework 4.6 (español) (HKLM-x32\...\{CC36E98B-194B-4E67-B0BD-EE3A3937074F}) (Version: 4.6.00081 - Microsoft Corporation)
Paquete de idioma de guiones gráficos para Microsoft Visual Studio Team Foundation Server 2015 (x64) - ESN (HKLM\...\{BC5929CD-65BC-386C-ADE4-0FB54E59C87D}) (Version: 14.0.23102 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Help Viewer 2.2 - ESN (HKLM-x32\...\Paquete de idioma de Visor de Ayuda de Microsoft 2.2 - ESN) (Version: 2.2.23107 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2015 SDK - ESN (HKLM-x32\...\{9FC506CD-103E-33A6-A98D-55897DDF3AB8}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Paquete de idioma de Visor de Ayuda de Microsoft 2.2 - ESN (HKLM-x32\...\{8EF90605-C4C8-3FAE-9B20-4101E708988B}) (Version: 2.2.23107 - Microsoft Corporation) Hidden
Paquete de idoma de integración de Office de Microsoft Visual Studio Team Foundation Server 2015 (x64) - ESN (HKLM\...\{18E8AF83-852D-3CCE-815D-46D229253A21}) (Version: 14.0.23102 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-6eeb52d5-5b56-4291-bb3e-95327f784338) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-f6780854-86e6-40e7-af2b-1715d843aa80) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-4abb2c0c-435c-4deb-8166-8190a2d2dc37) (Version: 3.0.2.59 - WildTangent) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.0.9.0 - Popcorn Time) <==== ATTENTION
Popcorn Time (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Popcorn Time) (Version:  - Popcorn Official) <==== ATTENTION
Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Kakao Corp.)
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
QuickLook (HKLM-x32\...\{819AC3A2-13D9-43FB-8690-572C22C6384D}) (Version: 3.6.4.0 - Paddy Xu)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Recursos de Microsoft Visual Studio 2015 Devenv (HKLM-x32\...\{35AE57BF-AC51-312C-BA4B-266E123B807D}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Recursos de Microsoft Visual Studio 2015 Shell (mínimos) (HKLM-x32\...\{CCEC8B0D-D647-3060-972B-D4BB55CB16E2}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Requisitos previos para SSDT  (HKLM-x32\...\{A9AEF3CC-3E3A-4218-A9E8-76F4E4657BAE}) (Version: 12.0.2000.8 - Microsoft Corporation)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SDK de Microsoft .NET Framework 4.6 (español) (HKLM-x32\...\{400687A4-8A54-4903-881D-8904AF08600A}) (Version: 4.6.00081 - Microsoft Corporation)
Servicio de lenguaje T-SQL de Microsoft SQL Server 2014  (HKLM-x32\...\{BC9D3E21-F10A-4DF6-A848-4D1081415CF2}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sims2Pack Clean Installer (HKLM-x32\...\Sims2Pack Clean Installer) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype versión 8.30 (HKLM-x32\...\Skype_is1) (Version: 8.30 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.28.9669 - SoftEther VPN Project)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Sound Forge Pro 11.0 (HKLM-x32\...\{FE1A7F80-1348-11E4-8C79-F04DA23A5C58}) (Version: 11.0.293 - Sony)
Star Wars Galactic Battlegrounds - Clone Campaigns (HKLM-x32\...\Star Wars Galactic Battlegrounds - Clone Campaigns) (Version:  - )
Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.05 - Stardock Software, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{CC885440-4B29-4960-A319-3D861D1E284E}) (Version: 6.1.6.0 - Husdawg, LLC)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
TempoPerfect Metronome Software (HKLM-x32\...\TempoPerfect) (Version: 4.08 - NCH Software)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-a9292083-0186-4ae1-b049-98e666be274e) (Version: 3.0.2.51 - WildTangent) Hidden
TOEFL Sampler (HKLM-x32\...\{95744E49-71D1-453A-9466-6930819043C8}) (Version: 1.00.0001 - ETS)
Trinklit Supreme (HKLM-x32\...\WTA-b4661a6f-f216-4883-b2a2-510cf295990b) (Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
Utilidades línea de comandos de Microsoft SQL Server 2012  (HKLM\...\{6D818CE1-E063-4165-BC33-0024269411C5}) (Version: 11.1.3000.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{09771440-269F-11E1-89B1-F04DA23A5C58}) (Version: 11.0.510 - Sony)
VirtualTablet Server (HKLM-x32\...\{169bb037-6484-4a02-920e-44f7a61951c4}) (Version: 3.0.2 - SunnysideSoft)
VirtualTablet Server (HKLM-x32\...\{B7370C8E-5F92-4E5D-94D7-3955418EE475}) (Version: 3.0.2 - SunnysideSoft) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Wars of Liberty version 1.0.9g (HKLM-x32\...\{EB448764-CABB-4766-8055-495AEA292020}_is1) (Version: 1.0.9g - Wars of Liberty Team)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.13 - WildTangent) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\WinDirStat) (Version:  - )
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zuma's Revenge (HKLM-x32\...\WTA-f2f55474-3db3-4019-bb5c-2cfdd24d0793) (Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001_Classes\CLSID\{B6BA7B5F-2AD4-4A99-814F-81F12106367A} -> [MEGAsync] => C:\Users\User\Documents\MEGAsync [2015-10-24 12:50]
CustomCLSID: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\User\Dropbox [2018-02-15 20:36]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2018-02-16] () [File not signed]
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2018-02-16] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2015-05-06] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2018-02-16] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [S2PCI] -> {4ADF8C01-0AC7-4403-888C-012E6EA2F67E} => C:\Program Files (x86)\Sims2Pack Clean Installer\S2PCISE.exe [2014-08-02] () [File not signed]
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit Information Technology -> IObit)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEF922-4535-43DB-8538-A13B74F88E0C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1767E5D0-45C4-4F8E-A4DD-62581D877380} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1C501B54-5AE4-499A-9AAE-F0393B523081} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1D06AC53-F050-498A-82E0-8046B0DA1E3D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1F6F6794-B496-47E5-9ADC-83E3D08F8B19} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {27011200-CCDD-4BA1-931C-057217CDF7D4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe (Acer Incorporated -> )
Task: {27E20858-9774-478D-B4E2-7D16D035A795} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {284BEAC5-10A4-48CC-A525-846AE58623A4} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {29ACDE10-D322-4F64-B6C5-B7671DFC36F8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2BA2E84E-F970-4B3A-869A-86EE03B03FAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2F0424AC-1551-41B5-9DC1-997A82C999BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {342C1A16-B1AA-4F10-9EE9-35C12F32C7A2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {346A7B55-CDDC-4D08-82BE-F5DBE23C3926} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37180498-56A5-4D81-9EBF-F55B7E59B30D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {42FE43E3-8320-43DA-85E0-CEF547BCBBCA} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe (IObit Information Technology -> IObit)
Task: {4994EA20-C9FE-42E8-8D0E-0573741D0AD5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {61652AA8-0566-405C-8215-784B8EE22EC2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe (Acer Incorporated -> )
Task: {68E2047E-BE58-4779-B969-36047207A0AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {73D47AFF-D604-4A9F-8464-8BEC3813C207} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {78606FDF-7E5F-40BB-BCF8-44044342B819} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {83D562AE-6449-4C6B-A519-2249C7949B8A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {85059C11-B87E-4DE6-AF00-6B4F6F3910AC} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3847050211-4158280976-3266699917-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {85197FCB-D2D0-4A36-9E3F-40B74BF16F68} - \WPD\SqmUpload_S-1-5-21-3847050211-4158280976-3266699917-1001 -> No File <==== ATTENTION
Task: {85BC0FBF-25BB-4F98-84D3-A5C7C523FBC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2ADB362-EF56-4438-8D06-9F0D6E2E0434} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {A3005930-0AFB-49F5-B340-ED6381C6F6F2} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A5F5335A-C4F8-4701-AABC-F608EE80494A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AF936109-EEB7-4530-92E9-FCEA4BEC67BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B0883918-0E22-411F-96A3-10FC23EB1A59} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {B2CE5208-C881-4E40-9743-AAFA05F8D8F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B49367EE-1368-494D-B347-19443627F67E} - System32\Tasks\{153CD9B2-0B7B-427A-9647-B35BBCD716D7} => C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{1C08A24C-B168-407E-A826-68FAF5F20710}
Task: {B93AF52A-A304-4212-BC21-46717C8D0BEC} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe (Acer Incorporated -> TODO: <Company name>)
Task: {C1FD2D52-51B0-4F98-9E68-B322E3BC6996} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C3765FBC-EE82-4FD7-9D19-52D2BF66E847} - System32\Tasks\GoogleUpdateTaskMachineCore1d27cd63c1c8a55 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C784A70E-6551-470E-8297-0C69BDD9260B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {C806F0FA-61B7-451E-9BC3-2E0F9134A988} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C8154FD0-A3A6-44A2-8C52-DCF0801E9F73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CF715786-B156-48C4-8DAB-8BF151EBC83D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D19064B0-1EA4-406B-9E1F-F40D1C0C2B6F} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {EA454BD5-548A-4FDB-809C-626B78ED37FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {EFE677A9-3C55-44C9-B967-C290564CCF30} - System32\Tasks\{4179FCE8-4302-4273-885E-1B81C28B0D14} => C:\WINDOWS\system32\pcalua.exe -a F:\alice.exe -d F:\
Task: {F142FA49-64F4-4FE6-AE08-A16B53BB7E33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F4B3998F-5331-4A00-8CE3-4962AB254EC3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F81C7CB0-5F31-4128-A5F1-BD28E9E6B794} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe (Acer Incorporated -> Acer Incorporated)
Task: {FAEACFD3-C8C2-4650-8EDE-38AD3E8CB846} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer\Visit website.lnk -> hxxp://sims2pack.modthesims2.com

==================== Loaded Modules (Whitelisted) ==============

2016-03-09 12:41 - 2016-01-15 17:00 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
2013-07-01 19:08 - 2013-07-01 19:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2018-09-25 20:26 - 2018-09-25 20:26 - 005207040 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll
2017-06-13 14:33 - 2017-06-13 14:33 - 002836408 _____ (Stardock Corporation -> Stardock) [File not signed] c:\program files (x86)\stardock\fences\DesktopDock64.dll
2017-05-19 12:26 - 2017-05-19 12:26 - 001280472 _____ (Stardock Corporation -> Stardock Corporation) [File not signed] c:\program files (x86)\stardock\fences\SdAppServices_x64.dll
2019-01-15 18:02 - 2019-01-15 18:02 - 000095744 _____ () [File not signed] C:\WINDOWS\Womtrust.dll
2018-02-16 12:58 - 2018-02-16 12:58 - 000598528 _____ () [File not signed] C:\ProgramData\MEGAsync\ShellExtX64.dll
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-04-04 03:07 - 2019-04-04 03:08 - 001159680 _____ (File-New-Project) [File not signed] C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
2019-04-05 16:21 - 2019-04-05 16:21 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\python27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000113664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_ctypes.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000080896 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\bz2.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001792512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_hashlib.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000128512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32api.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000137728 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pywintypes27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000548864 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pythoncom27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000689664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\unicodedata.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000438784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32com.shell.shell.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001489408 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._core_.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_net_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_core_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_adv_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 001007104 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._gdi_.pyd
2019-04-05 16:21 - 2019-04-05 16:22 - 001039872 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._windows_.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_html_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 001325056 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._controls_.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000916992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._misc_.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001084416 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pysqlite2._sqlite.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000149504 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32file.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000136192 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32security.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000007680 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\hashobjs_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\thumbnails_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000118784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\usb_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000047616 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_socket.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 002224640 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_ssl.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000014848 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\common.time34.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000023040 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32event.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000034304 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.conditional.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.winwrap.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000110080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.volumes.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000223232 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32gui.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000173568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_elementtree.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000169472 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pyexpat.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000048128 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32inet.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000103424 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._html2.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_webview_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000046080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_psutil_windows.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000011776 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32crypt.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000301568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\PIL._imaging.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000032256 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_multiprocessing.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 005752320 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\cello.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000026112 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_yappi.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000044032 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32process.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000027648 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32pipe.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000010752 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\select.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000029696 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32pdh.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000038400 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.connectivity.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000073216 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.device_monitor.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32profile.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000026624 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
#12

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\sharepoint.com -> hxxps://comunidadunammx.sharepoint.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Python34\;C:\Python34\Scripts;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\;C:\Program Files (x86)\Windows Live\Shared;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Control Panel\Desktop\\Wallpaper -> c:\users\user\pictures\wallpapers\965651007_preview_metro station screenshot.gif
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: QHActiveDefense => 
MSCONFIG\startupreg: DAEMON Tools Lite => "c:\program files (x86)\daemon tools lite\dtlite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "c:\program files\itunes\ituneshelper.exe"
MSCONFIG\startupreg: Spotify => "c:\users\user\appdata\roaming\spotify\spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "c:\users\user\appdata\roaming\spotify\spotifywebhelper.exe"
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Skype"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\StartupFolder: => "QuickLook.lnk"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "MiPhoneManager"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{151E05EF-5FB5-45B8-9043-162B08F7C96C}C:\program files (x86)\virtualtablet server\virtualtabletserver.exe] => (Allow) C:\program files (x86)\virtualtablet server\virtualtabletserver.exe (SunnysideSoft) [File not signed]
FirewallRules: [TCP Query User{94FF2958-32CA-4803-85E8-E5261C531FE7}C:\program files (x86)\virtualtablet server\virtualtabletserver.exe] => (Allow) C:\program files (x86)\virtualtablet server\virtualtabletserver.exe (SunnysideSoft) [File not signed]
FirewallRules: [UDP Query User{DC6BC967-E7FE-4030-9ACE-5D25192E9297}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{96AEA892-DA18-471B-98B1-0E2C8EF7FDAD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BE5FC43C-147A-4F40-A3DC-9FD3EFBCF70D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5BE93C37-D684-4560-8645-D8CEFC1AF627}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{294BC768-7A6C-419B-B6B5-8D82B7565CF7}] => (Block) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed]
FirewallRules: [{E5A0B617-AC88-495C-84F6-078F62AC552F}] => (Block) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed]
FirewallRules: [UDP Query User{1C437353-50E6-4DF8-8F93-97CE5D122CB7}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed]
FirewallRules: [TCP Query User{8E7ED40C-A76A-4759-8471-C82283D70C9A}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed]
FirewallRules: [{971CBC03-0942-4483-B3FD-42B47D626938}] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{3E0C50BF-2821-4B50-BF39-835137F2B58A}] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{EE2C2A09-B577-4152-AE11-64B2D58A147C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{DFEE202B-373A-4A38-8326-D3D198CE2802}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{4FE10DCF-FB6F-4D33-B1E0-F6A3A7A456D0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{1E15533A-EEA1-4FA3-A949-074F0472D6C4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{79204862-403C-4B96-A9BF-4094A155C7A2}C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe] => (Allow) C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe (LucasArts Entertainment Company LLC) [File not signed]
FirewallRules: [TCP Query User{05FAFFC4-00C2-4E89-AF97-FAA8C3BBC713}C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe] => (Allow) C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe (LucasArts Entertainment Company LLC) [File not signed]
FirewallRules: [UDP Query User{016C1414-FF4D-479B-90E1-526735B181AD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AA8DCF9A-C960-4BE5-81B8-23A1764E1E61}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{D349BD03-3C6E-4D33-B331-0343D5407FDE}C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe] => (Allow) C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe (LucasArts Entertainment Company LLC) [File not signed]
FirewallRules: [TCP Query User{F916726E-DC21-489E-BD54-87EDED9AA966}C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe] => (Allow) C:\program files\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe (LucasArts Entertainment Company LLC) [File not signed]
FirewallRules: [{BD12C5A0-CF29-4ED8-B19B-EB8ED92A42C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DE69E437-B3BA-4E43-A972-E329CDE28986}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7956F3D3-E125-47AA-81A9-8829A62F8A1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD8A4C96-0767-46E2-9C0E-0D47116063BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{60C28BC2-E44E-4F8F-8D22-F97465611E8F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E8ECA978-6048-404D-86A6-0FFDD9022DCC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer) [File not signed]
FirewallRules: [{A517B0FE-9D5E-403B-BF03-E5BDAAA09096}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer) [File not signed]
FirewallRules: [{F2D40F51-0296-4B1E-B825-FC2F5CC575E8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{95A18EF7-A113-4BAE-A808-04B8D35E050D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{93931B73-91DE-4E70-8B3B-29ECD431D270}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer) [File not signed]
FirewallRules: [{B41CDF5F-A045-4274-8810-A41F5DA2241A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer) [File not signed]
FirewallRules: [{B39D7532-0A00-46ED-970D-D236D955A5AD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{39A0CB69-886F-49BA-A507-2DADBF965C37}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{9A75DD42-8941-4CC3-B81E-FABE8AC50035}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{DD8646C4-741A-41CA-9B56-58F8540DC7EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{4CA285DE-B558-4A95-80B3-F66DFC73E03D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{9970AD58-2577-42FA-A076-674C96629C18}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{C66B7619-26D9-46E6-B88F-37088992511F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FA917D99-DEBA-467B-B985-202763E4A173}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{CAC8483E-26F6-427F-ABDF-9410F8096BC2}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{C32B0F4C-F4B9-4F71-BAE2-561D3EA704A7}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{860B75B6-4040-4200-A510-EA3B4ABED24C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7269C96D-9980-4653-9462-F6CB140139DB}] => (Allow) LPort=2869
FirewallRules: [{63105845-C48E-4C49-B93A-995E8A20A9F2}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{72B7B3C3-8F63-40F7-87DF-65DDE877917D}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{46116787-F643-45D4-8401-C5A312FB5A09}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{ADF58400-DE1B-4E77-B022-AB40889F9A70}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{461B54F8-92A2-49D1-A8CF-4991EFFA8AFD}] => (Allow) C:\Users\User\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc)
FirewallRules: [TCP Query User{FE12C3EC-7907-4448-B541-C30FC5113A7F}C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.es.exe] => (Allow) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.es.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [UDP Query User{EA6AFFE9-6B2E-42EE-8904-E99B175E94DB}C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.es.exe] => (Allow) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.es.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [{53E9A9CA-205C-4D90-A28C-2CA48BBC8797}] => (Block) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.es.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [{13771A9D-CA3C-4B08-BD73-E2D539769F25}] => (Block) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.es.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [TCP Query User{10D92EBA-172A-4049-891D-74A7A77D65DA}C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.exe] => (Allow) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [UDP Query User{2F9A9BCF-6360-4212-8782-AC5339D19DAA}C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.exe] => (Allow) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [{25BFAC64-8C5B-4B51-8C59-519D86C6E446}] => (Block) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [{219146B4-0292-4D91-A6A4-732D12534F9A}] => (Block) C:\users\user\downloads\suparc\suparc-multilang-v160715\suparc.exe (竞技世界(北京)网络技术有限公司 -> )
FirewallRules: [TCP Query User{F0821307-B633-460A-8FF7-3190E6688CB3}C:\users\user\downloads\fightcade\fightcade\fightcade.exe] => (Allow) C:\users\user\downloads\fightcade\fightcade\fightcade.exe () [File not signed]
FirewallRules: [UDP Query User{36CA307F-70A2-4C89-AE22-8049672CB157}C:\users\user\downloads\fightcade\fightcade\fightcade.exe] => (Allow) C:\users\user\downloads\fightcade\fightcade\fightcade.exe () [File not signed]
FirewallRules: [{17103E7E-183A-4E29-8242-E5CDC04C5B87}] => (Block) C:\users\user\downloads\fightcade\fightcade\fightcade.exe () [File not signed]
FirewallRules: [{A0524830-9B9F-438A-AFE1-70CE41A3E4BF}] => (Block) C:\users\user\downloads\fightcade\fightcade\fightcade.exe () [File not signed]
FirewallRules: [TCP Query User{74B01812-A4FF-4349-BB6D-14B0F281518B}C:\users\user\downloads\fightcade\fightcade\ggpofba.exe] => (Allow) C:\users\user\downloads\fightcade\fightcade\ggpofba.exe () [File not signed]
FirewallRules: [UDP Query User{8E8DD9D4-3B10-477C-9BDF-8C3D649680B3}C:\users\user\downloads\fightcade\fightcade\ggpofba.exe] => (Allow) C:\users\user\downloads\fightcade\fightcade\ggpofba.exe () [File not signed]
FirewallRules: [{32C0DD40-63C5-455E-A5C5-6DC8A322A14D}] => (Block) C:\users\user\downloads\fightcade\fightcade\ggpofba.exe () [File not signed]
FirewallRules: [{A2B74B80-8135-44C9-93AE-6E0FABAC8F24}] => (Block) C:\users\user\downloads\fightcade\fightcade\ggpofba.exe () [File not signed]
FirewallRules: [TCP Query User{0B879B59-6A8B-45BA-AF72-5C9F71477450}C:\users\user\downloads\fightcade\fightcade\ggpofba-ng.exe] => (Allow) C:\users\user\downloads\fightcade\fightcade\ggpofba-ng.exe (Team FB Alpha) [File not signed]
FirewallRules: [UDP Query User{6CED7B91-8F0D-4B41-A7C7-1210DB3491C2}C:\users\user\downloads\fightcade\fightcade\ggpofba-ng.exe] => (Allow) C:\users\user\downloads\fightcade\fightcade\ggpofba-ng.exe (Team FB Alpha) [File not signed]
FirewallRules: [{018CBC1D-F2C1-4274-A8B3-A984DBC06989}] => (Block) C:\users\user\downloads\fightcade\fightcade\ggpofba-ng.exe (Team FB Alpha) [File not signed]
FirewallRules: [{D910020D-95CB-493F-AE8A-18F95219B41E}] => (Block) C:\users\user\downloads\fightcade\fightcade\ggpofba-ng.exe (Team FB Alpha) [File not signed]
FirewallRules: [{5F474968-2A93-436D-9E48-57F524117F4E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E953BA26-4954-4A74-A9C7-3C3246F6C930}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{796E7C87-4589-47B0-995E-9DC40FE778C6}] => (Block) LPort=445
FirewallRules: [{C9DB684A-8D86-4F36-B525-8D122D1BC354}] => (Block) LPort=445
FirewallRules: [{9DD9DA01-55A1-4155-B698-FF55A43C7DBE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{905DA503-C09C-4BEA-8741-3E4C93B4390F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{E8551A03-21FC-459E-A989-88C7B2282B8A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{A02B6218-5BCE-44CB-96FF-DEE2D3698D4C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{D1EF3D9C-7C5A-4892-A30D-574A2702437B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
FirewallRules: [{DD8F7910-0EAE-4B29-A4A2-623F7A37B4EA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
FirewallRules: [{6E21EF0C-34E1-4D9E-994C-866F400FE80C}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CEDA3612-D0AB-42AE-8B85-27D95B2427F7}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A2C24F26-2EAC-4311-BD11-0E0024C63947}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E87A104A-2171-4447-BDF3-708BE98E5966}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C1A3AE5-5666-42E8-B172-9CD422880804}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6F5D638-5563-4C4E-8996-FA0E9185AD1C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{712D94F5-6F80-4783-9CF0-BB32B686AD2F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{18126BB4-4C03-4514-BC3A-8087630C550B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{A7329602-5468-42E8-A056-94EA38A9FF5C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{D08A1FCE-B9F3-490E-91EB-AB3B8D094463}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{E0E15428-0AF8-47A3-8CD5-469C0DD32E77}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{203A79BD-27F8-4E02-948B-31ACC5F268C5}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [TCP Query User{3C2C27B3-4E5C-48E8-832E-DE2AF857D513}C:\program files (x86)\microsoft games\age of empires iii complete collection\age3y.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii complete collection\age3y.exe (Microsoft Corporation -> Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{F7C51EC1-96B8-4008-933F-B9316F881E38}C:\program files (x86)\microsoft games\age of empires iii complete collection\age3y.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii complete collection\age3y.exe (Microsoft Corporation -> Microsoft Corporation) [File not signed]
FirewallRules: [{B583D014-4D69-496C-8376-1ABB7C417BC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55850150-0919-4595-BF6B-A3C1B0683E66}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E19AB243-7618-416E-86AB-DE2AF137A1D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1B6D758-20FD-4154-A69C-F09EEFB5E069}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{B35538F3-6056-4FA7-9053-705BF898DC07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{08FB508F-9D2B-444D-B833-910639026307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06B8336D-1C70-4A3D-B0C8-225CEFEF7E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C3BFDAD-AB45-4F85-964D-A620A9F1A642}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88E6D79D-E3C7-4FE5-93CA-C9E38CF4C6F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C1700A8A-78D7-4EED-B496-30C69A1A71B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DD7E43D-C5E4-438E-92C5-E48AF82A2C46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C0E0183-094B-408B-91EF-1F382A03037C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3F5884CE-6F15-476D-9F2A-298C1E9BB934}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F6ECF776-927E-4C41-BD37-9A0C531C7BD3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BEB8C03D-0368-4636-8631-FED546E77295}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B7C128F-9222-4D84-B6A3-91786DD4E0F9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F1DFA41-ADAD-453E-9652-4F082DB10170}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C7DA89C6-C972-4B53-8348-433BDD6AFC39}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2B0D629-5511-4CEE-89A4-CEB7B6D4CFC1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE350B2A-039C-4CD7-9710-9F8EC5BAED82}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DE821D5B-6629-4241-B6E0-1F4E1193E136}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

13-03-2019 14:28:04 Windows Update
22-03-2019 17:10:51 Punto de control programado
02-04-2019 21:26:42 Operación de restauración

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2019 05:05:03 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (04/05/2019 05:05:03 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (04/05/2019 04:25:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/05/2019 04:18:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.648_none_fb45a0e93062a6d2.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.648_none_42f2d7c044decfd8.manifest.

Error: (04/04/2019 10:21:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe.Manifest".
No se encontró el ensamblado dependiente Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (04/04/2019 10:20:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.648_none_fb45a0e93062a6d2.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.648_none_42f2d7c044decfd8.manifest.

Error: (04/04/2019 10:06:21 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_OFF.

Error: (04/04/2019 10:00:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.648_none_fb45a0e93062a6d2.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.648_none_42f2d7c044decfd8.manifest.


System errors:
=============
Error: (04/05/2019 05:00:18 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 05:00:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 05:00:11 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 05:00:07 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 05:00:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 05:00:00 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 04:59:56 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (04/05/2019 04:59:52 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.


Windows Defender:
===================================
Date: 2019-04-04 02:52:52.997
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {8960DDAF-5724-49A3-B48C-B88109FA6562}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-04 00:34:04.352
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {29B8CF0A-1C15-4B86-BE27-57114622BEC1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-21 18:31:58.363
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CAD82F43-EC42-4370-B239-2283D8FA86F1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-16 21:08:18.445
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {35F71818-A8B8-4800-A0B1-1FB89B848E50}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-15 17:24:30.874
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {AD31A460-8742-46FB-A622-E970E286794F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-04 00:51:12.803
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1117.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-04-03 21:47:45.532
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1079.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2019-04-03 21:37:31.009
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-04-03 07:25:05.783
Description: 
Antivirus de Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80070003
Descripción del error: El sistema no puede encontrar la ruta especificada. 
Versión de firma: 0.0.0.0;0.0.0.0
Versión de motor: 0.0.0.0

Date: 2019-04-02 20:20:20.904
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.291.1031.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 56%
Total physical RAM: 3977.98 MB
Available physical RAM: 1713.21 MB
Total Virtual: 5257.98 MB
Available Virtual: 2686.05 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.58 GB) (Free:195.55 GB) NTFS

\\?\Volume{34969e5a-8049-4502-a099-c14c7628a5ca}\ (RECOVERY) (Fixed) (Total:0.59 GB) (Free:0.28 GB) NTFS
\\?\Volume{e499eac9-fcfe-44bf-a59b-ab19225dbb5d}\ (Push Button Reset) (Fixed) (Total:15.18 GB) (Free:1.53 GB) NTFS
\\?\Volume{4841193b-d5d2-44f4-af01-586383d10ec8}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 869FF045)

Partition: GPT.

==================== End of Addition.txt ============================
#13

Hola @Paracitbizkit

Hay mucha basura/errores en ese equipo incluso algún problema/ sector defectuoso en el disco.

Vamos por pasos:

Pudiste hacer la restauración de Google Chrome que te indique anteriormente?

Realiza lo siguiente:

1.- Desinstala con Revo Uninstaller en su Modo Avanzado:

Amazon 1Button App y Popcorn Time

Manual de Revo Uninstaller.

Ademas tienes dos lectores de PDF como Foxit Reader y Adobe Reader, desinstale uno de preferencia Adobe con Revo Uninstaller también.

Luego:

2.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

3.- Desactiva Temporalmente tu antivirus.

4.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001 ->
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s [X]
Amazon 1Button App (HKLM-x32\...\{FF0A904E-8827-4F6E-9A59-900D4C997AD1}) (Version: 1.0.8 - Amazon) <==== ATTENTION
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.0.9.0 - Popcorn Time) <==== ATTENTION
Popcorn Time (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Popcorn Time) (Version:  - Popcorn Official) <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {00EEF922-4535-43DB-8538-A13B74F88E0C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1F6F6794-B496-47E5-9ADC-83E3D08F8B19} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {27E20858-9774-478D-B4E2-7D16D035A795} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {29ACDE10-D322-4F64-B6C5-B7671DFC36F8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {346A7B55-CDDC-4D08-82BE-F5DBE23C3926} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {78606FDF-7E5F-40BB-BCF8-44044342B819} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {83D562AE-6449-4C6B-A519-2249C7949B8A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {85197FCB-D2D0-4A36-9E3F-40B74BF16F68} - \WPD\SqmUpload_S-1-5-21-3847050211-4158280976-3266699917-1001 -> No File <==== ATTENTION
Task: {85BC0FBF-25BB-4F98-84D3-A5C7C523FBC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF936109-EEB7-4530-92E9-FCEA4BEC67BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C806F0FA-61B7-451E-9BC3-2E0F9134A988} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CF715786-B156-48C4-8DAB-8BF151EBC83D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EFE677A9-3C55-44C9-B967-C290564CCF30} - System32\Tasks\{4179FCE8-4302-4273-885E-1B81C28B0D14} => C:\WINDOWS\system32\pcalua.exe -a F:\alice.exe -d F:\
Task: {F142FA49-64F4-4FE6-AE08-A16B53BB7E33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
2019-01-15 18:02 - 2019-01-15 18:02 - 000095744 _____ () [File not signed] C:\WINDOWS\Womtrust.dll
2018-02-16 12:58 - 2018-02-16 12:58 - 000598528 _____ () [File not signed] C:\ProgramData\MEGAsync\ShellExtX64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\python27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000113664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_ctypes.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000080896 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\bz2.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001792512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_hashlib.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000128512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32api.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000137728 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pywintypes27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000548864 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pythoncom27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000689664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\unicodedata.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000438784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32com.shell.shell.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001489408 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._core_.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_net_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_core_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_adv_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 001007104 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._gdi_.pyd
2019-04-05 16:21 - 2019-04-05 16:22 - 001039872 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._windows_.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_html_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 001325056 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._controls_.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000916992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._misc_.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001084416 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pysqlite2._sqlite.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000149504 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32file.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000136192 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32security.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000007680 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\hashobjs_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\thumbnails_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000118784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\usb_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000047616 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_socket.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 002224640 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_ssl.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000014848 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\common.time34.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000023040 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32event.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000034304 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.conditional.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.winwrap.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000110080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.volumes.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000223232 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32gui.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000173568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_elementtree.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000169472 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pyexpat.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000048128 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32inet.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000103424 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._html2.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_webview_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000046080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_psutil_windows.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000011776 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32crypt.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000301568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\PIL._imaging.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000032256 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_multiprocessing.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 005752320 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\cello.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000026112 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_yappi.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000044032 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32process.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000027648 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32pipe.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000010752 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\select.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000029696 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32pdh.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000038400 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.connectivity.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000073216 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.device_monitor.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32profile.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000026624 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32ts.pyd
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

#14

Hola, @SanMar

Sí pude hacer la restauración de Google Chrome siguiendo el enlace que me habías dicho, así como desinstalar los programas que me habías dicho.

Te dejo el reporte que me pediste:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by User (06-04-2019 00:59:51) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & El Papu & adria & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001 ->
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s [X]
Amazon 1Button App (HKLM-x32\...\{FF0A904E-8827-4F6E-9A59-900D4C997AD1}) (Version: 1.0.8 - Amazon) <==== ATTENTION
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.0.9.0 - Popcorn Time) <==== ATTENTION
Popcorn Time (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Popcorn Time) (Version:  - Popcorn Official) <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {00EEF922-4535-43DB-8538-A13B74F88E0C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1F6F6794-B496-47E5-9ADC-83E3D08F8B19} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {27E20858-9774-478D-B4E2-7D16D035A795} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {29ACDE10-D322-4F64-B6C5-B7671DFC36F8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {346A7B55-CDDC-4D08-82BE-F5DBE23C3926} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {78606FDF-7E5F-40BB-BCF8-44044342B819} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {83D562AE-6449-4C6B-A519-2249C7949B8A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {85197FCB-D2D0-4A36-9E3F-40B74BF16F68} - \WPD\SqmUpload_S-1-5-21-3847050211-4158280976-3266699917-1001 -> No File <==== ATTENTION
Task: {85BC0FBF-25BB-4F98-84D3-A5C7C523FBC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF936109-EEB7-4530-92E9-FCEA4BEC67BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C806F0FA-61B7-451E-9BC3-2E0F9134A988} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CF715786-B156-48C4-8DAB-8BF151EBC83D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EFE677A9-3C55-44C9-B967-C290564CCF30} - System32\Tasks\{4179FCE8-4302-4273-885E-1B81C28B0D14} => C:\WINDOWS\system32\pcalua.exe -a F:\alice.exe -d F:\
Task: {F142FA49-64F4-4FE6-AE08-A16B53BB7E33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
2019-01-15 18:02 - 2019-01-15 18:02 - 000095744 _____ () [File not signed] C:\WINDOWS\Womtrust.dll
2018-02-16 12:58 - 2018-02-16 12:58 - 000598528 _____ () [File not signed] C:\ProgramData\MEGAsync\ShellExtX64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\python27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000113664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_ctypes.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000080896 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\bz2.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001792512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_hashlib.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000128512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32api.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000137728 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pywintypes27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000548864 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pythoncom27.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000689664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\unicodedata.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000438784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32com.shell.shell.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001489408 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._core_.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_net_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_core_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_vc90_x64.dll
2019-04-05 16:22 - 2019-04-05 16:22 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_adv_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 001007104 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._gdi_.pyd
2019-04-05 16:21 - 2019-04-05 16:22 - 001039872 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._windows_.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_html_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 001325056 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._controls_.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000916992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._misc_.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 001084416 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pysqlite2._sqlite.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000149504 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32file.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000136192 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32security.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000007680 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\hashobjs_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\thumbnails_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000118784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\usb_ext.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000047616 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_socket.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 002224640 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_ssl.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000014848 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\common.time34.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000023040 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32event.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000034304 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.conditional.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.winwrap.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000110080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.volumes.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000223232 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32gui.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000173568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_elementtree.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000169472 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\pyexpat.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000048128 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32inet.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000103424 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wx._html2.pyd
2019-04-05 16:22 - 2019-04-05 16:22 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_webview_vc90_x64.dll
2019-04-05 16:21 - 2019-04-05 16:21 - 000046080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_psutil_windows.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000011776 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32crypt.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000301568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\PIL._imaging.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000032256 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_multiprocessing.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 005752320 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\cello.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000026112 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\_yappi.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000044032 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32process.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000027648 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32pipe.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000010752 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\select.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000029696 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32pdh.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000038400 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.connectivity.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000073216 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\windows.device_monitor.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32profile.pyd
2019-04-05 16:21 - 2019-04-05 16:21 - 000026624 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI84922\win32ts.pyd
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\SearchScopes: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001 ->\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKU\S-1-5-21-3847050211-4158280976-3266699917-1001 ->" => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-11] (Oracle America, Inc." => not found
C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll => moved successfully
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-11] (Oracle America, Inc." => not found
C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle America, Inc." => not found
C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle America, Inc." => not found
C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje => removed successfully
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => removed successfully
HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\System\CurrentControlSet\Services\Hamachi2Svc => removed successfully
Hamachi2Svc => service removed successfully
Amazon 1Button App (HKLM-x32\...\{FF0A904E-8827-4F6E-9A59-900D4C997AD1}) (Version: 1.0.8 - Amazon) <==== ATTENTION => Error: No automatic fix found for this entry.
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.0.9.0 - Popcorn Time) <==== ATTENTION => Error: No automatic fix found for this entry.
Popcorn Time (HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\...\Popcorn Time) (Version:  - Popcorn Official) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00EEF922-4535-43DB-8538-A13B74F88E0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00EEF922-4535-43DB-8538-A13B74F88E0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F6F6794-B496-47E5-9ADC-83E3D08F8B19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F6F6794-B496-47E5-9ADC-83E3D08F8B19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27E20858-9774-478D-B4E2-7D16D035A795}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27E20858-9774-478D-B4E2-7D16D035A795}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29ACDE10-D322-4F64-B6C5-B7671DFC36F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29ACDE10-D322-4F64-B6C5-B7671DFC36F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{346A7B55-CDDC-4D08-82BE-F5DBE23C3926}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{346A7B55-CDDC-4D08-82BE-F5DBE23C3926}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78606FDF-7E5F-40BB-BCF8-44044342B819}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78606FDF-7E5F-40BB-BCF8-44044342B819}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83D562AE-6449-4C6B-A519-2249C7949B8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83D562AE-6449-4C6B-A519-2249C7949B8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85197FCB-D2D0-4A36-9E3F-40B74BF16F68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85197FCB-D2D0-4A36-9E3F-40B74BF16F68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3847050211-4158280976-3266699917-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85BC0FBF-25BB-4F98-84D3-A5C7C523FBC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85BC0FBF-25BB-4F98-84D3-A5C7C523FBC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF936109-EEB7-4530-92E9-FCEA4BEC67BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF936109-EEB7-4530-92E9-FCEA4BEC67BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C806F0FA-61B7-451E-9BC3-2E0F9134A988}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C806F0FA-61B7-451E-9BC3-2E0F9134A988}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF715786-B156-48C4-8DAB-8BF151EBC83D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF715786-B156-48C4-8DAB-8BF151EBC83D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFE677A9-3C55-44C9-B967-C290564CCF30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFE677A9-3C55-44C9-B967-C290564CCF30}" => removed successfully
C:\WINDOWS\System32\Tasks\{4179FCE8-4302-4273-885E-1B81C28B0D14} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4179FCE8-4302-4273-885E-1B81C28B0D14}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F142FA49-64F4-4FE6-AE08-A16B53BB7E33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F142FA49-64F4-4FE6-AE08-A16B53BB7E33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
C:\WINDOWS\Womtrust.dll => moved successfully
C:\ProgramData\MEGAsync\ShellExtX64.dll => moved successfully
"C:\Users\User\AppData\Local\Temp\_MEI84922\python27.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_ctypes.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\bz2.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_hashlib.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32api.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\pywintypes27.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\pythoncom27.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\unicodedata.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32com.shell.shell.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wx._core_.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wxbase30u_vc90_x64.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wx._gdi_.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wx._windows_.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wx._controls_.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wx._misc_.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\pysqlite2._sqlite.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32file.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32security.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\hashobjs_ext.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\thumbnails_ext.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\usb_ext.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_socket.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_ssl.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\common.time34.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32event.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\windows.conditional.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\windows.winwrap.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\windows.volumes.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32gui.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_elementtree.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\pyexpat.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32inet.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wx._html2.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_psutil_windows.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32crypt.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\PIL._imaging.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_multiprocessing.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\cello.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\_yappi.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32process.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32pipe.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\select.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32pdh.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\windows.connectivity.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\windows.device_monitor.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32profile.pyd" => not found
"C:\Users\User\AppData\Local\Temp\_MEI84922\win32ts.pyd" => not found
"HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CCleaner Monitoring" => removed successfully
"HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring" => not found

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en VPN - VPN Client mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
Error al renovar la interfaz Hamachi: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
Error al renovar la interfaz Ethernet 2: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 16 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 17 mientras los medios
est‚n desconectados.

Adaptador desconocido VPN - VPN Client:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Hamachi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2620:9b::195e:1f30
   V¡nculo: direcci¢n IPv6 local. . . : fe80::98e6:c96c:ccc4:3c%10
   Puerta de enlace predeterminada . . . . . : 2620:9b::1900:1
                                       25.0.0.1

Adaptador de Ethernet Ethernet 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2620:9b::1944:1044
   V¡nculo: direcci¢n IPv6 local. . . : fe80::d5ae:ee8e:840a:3d39%5
   Puerta de enlace predeterminada . . . . . : 2620:9b::1900:1
                                       25.0.0.1

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 16:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 17:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::6894:6a54:a411:d27f%22
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.100.10
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::1%22
                                       192.168.100.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {D5C23524-19A7-47F6-8977-B76B104F8FD7}.
0 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3847050211-4158280976-3266699917-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34103145 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 54558028 B
Edge => 9461004 B
Chrome => 26044586 B
Firefox => 18957468 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 9676 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 8820 B
NetworkService => 0 B
User => 232188286 B
El Papu => 63592686 B
adria => 37262731 B
DefaultAppPool => 0 B

RecycleBin => 77848322 B
EmptyTemp: => 535.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:06:56 ====
#15

Hola @Paracitbizkit

Perfecto.

Deberías comentarnos ahora como sigue el problema, que tal va tu navegador??

Salu2

#16

Por el momento ya no se me traba como antes, solamente tarda un poco en iniciar, pero fuera de eso todo bien. Ya no me traba la laptop a la hora de abrir Chrome. :slight_smile:

#17

Hola @Paracitbizkit

Realiza los pasos del tercer método de esta guía para chequear tu disco:

Como realizar una comprobación de disco?

Nos comentas.

Salu2

#18

Hola, @SanMar He puesto a hacer el CHKDSK con el método tres que me dijiste pero creo que se ha trabado porque lleva unas 3 hrs en 15%, y eso que no apreté nada, como lo indica la guía.

#19

Hola @Paracitbizkit

Ups que pena, detén el proceso prueba reiniciar.

Y luego prueba con:

Hard Disk Sentinel

  • Descarga Hard Disk Sentinel Professional Trial v5.01 (ZIP) de http://www.hdsentinel.com/download.php
  • Descomprime el zip a una carpeta o ubicación de fácil acceso (como por ejemplo el escritorio) y ejecútalo.
  • Adjunta en tu próxima respuesta una captura de pantalla, donde se aprecie la pantalla principal de este programa, es decir, abre el programa y captura la primera pantalla que te dé. No des clic en ninguna opción dentro de él.

Salu2

#20

Hola, @SanMar,

Esta es la captura de pantalla que me pediste:

¡Saludos! Y muchas gracias por la ayuda que me estás brindando. :slight_smile: