PC lento y fps muy bajos

Hola. Hace poco instalé un par de programas y me ponía desactivar el antivirus porque como son de una fuente desconocida me los detectaba como riskware o hacktool. Algo que no lo veo dañino a nivel de que guau afecte mis graficos. Pero ahora cada vez que ejecuto un juego me va pero lentisimo y hace poco le hicieron limpieza completa, es pc de escritorio.

Alguien me puede ayudar?

Hola @Exannger y Bienvenido al Foro.!!!

Eso es mucho asegurar.

Que tipo de limpieza te hicieron…??

Le cambiaron la fuente de poder por una nueva, le limpiaron el polvillo y le cambiaron la pasta termica. Más que nada limpieza completa de hardware pero la pc no presentaba ninguna falla de software ya que siempre lo mantengo optimo. Hasta hace poco ejecute eset nod32 y me quitó dos virus y el problema se pasó pero quiero estar seguro de que no tiene más virus con un escaneo completo desde el malwarebytes

Bien… pues para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

• CCleaner + Manual.

• Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.

• AdwCleaner + Manual.

• Junkware Removal Tool.

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

• Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

• Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

• Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

• Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

• Realiza un Análisis Personalizado.

• Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

• En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

• Ejecuta Adwcleaner.exe.

• Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

• El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

• Ejecuta JRT.exe.

• Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

• Si en algún momento te pide Reiniciar hazlo.

• Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

• Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

• Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 23/12/19
Hora del análisis: 11:08
Archivo de registro: a9e3ea52-258d-11ea-8765-d8cb8a19b29e.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.785
Versión del paquete de actualización: 1.0.16629
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: EMANUEL-PC\Emanuel

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 790016
Amenazas detectadas: 20
Amenazas en cuarentena: 16
Tiempo transcurrido: 5 hr, 14 min, 43 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 20
HackTool.FilePatch, C:\$RECYCLE.BIN\S-1-5-21-485721870-1593872569-1429902795-1000\$R5QEY0H.5\ASHAMPOO.ASH_INET2.V3.0.X.(32-BIT)-PATCH.EXE, En cuarentena, 7596, 281135, 1.0.16629, 37AC2BB4BAF3CFF893ADA4BB, dds, 00513375
HackTool.FilePatch, C:\$RECYCLE.BIN\S-1-5-21-485721870-1593872569-1429902795-1000\$R5QEY0H.5\ASH.WINOPTIMIZER.17.00.24.RAR, En cuarentena, 7596, 281135, 1.0.16629, 37AC2BB4BAF3CFF893ADA4BB, dds, 00513375
HackTool.FilePatch, C:\$RECYCLE.BIN\S-1-5-21-485721870-1593872569-1429902795-1000\$R5QEY0H.5\ASHAMPOO.ASH_INET2.V3.0.X.(32-BIT)-PATCH.RAR, En cuarentena, 7596, 281135, 1.0.16629, 37AC2BB4BAF3CFF893ADA4BB, dds, 00513375
PUP.Optional.DriverAgentPlus, C:\ADWCLEANER\QUARANTINE\V1\20180808.184003\9\DRIVERAGENTPLUS\DRIVERAGENTPLUSHELPER\DRIVERAGENTPLUSHELPER.EXE#3EDC85009C94AF4C, En cuarentena, 1074, 345540, 1.0.16629, , ame, 
HackTool.FilePatch, C:\PROGRAM FILES\SONY\VEGAS PRO 13.0\VEGAS.PRO.13.0.(64-BIT)-PATCH.EXE, Error durante la eliminación, 7596, 281135, 1.0.16629, , ame, 
Generic.Malware/Suspicious, C:\PROGRAM FILES\TECHSMITH\CAMTASIA 9\ACTIVADOR CAMTASIA 9 ACTIVADOR.EXE, En cuarentena, 0, 392686, 1.0.16629, , shuriken, 
HackTool.FilePatch, C:\PROGRAM FILES\TECHSMITH\CAMTASIA 9\PARCHE CAMTASIA 9.EXE, En cuarentena, 7596, 281135, 1.0.16629, , ame, 
RiskWare.GameHack, C:\PROGRAM FILES (X86)\2K GAMES\BORDERLANDS THE PRE-SEQUEL\BINARIES\WIN32\STEAM_API.DLL, Error durante la eliminación, 7426, 305544, 1.0.16629, , ame, 
HackTool.FilePatch, C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO WINOPTIMIZER 16\ASHAMPOO.ASH_INET2.V3.0.X.(32-BIT)-PATCH.EXE, En cuarentena, 7596, 281135, 1.0.16629, 37AC2BB4BAF3CFF893ADA4BB, dds, 00513375
RiskWare.GameHack, C:\PROGRAM FILES (X86)\BETHESDA SOFTWORKS\FALLOUT 4\STEAM_API64.DLL, Error durante la eliminación, 7426, 305544, 1.0.16629, CAA52BAFD31AB4FC2E6BA4FA, dds, 00513375
CrackTool.Agent.Steam, C:\PROGRAM FILES (X86)\BETHESDA SOFTWORKS\THE ELDER SCROLLS V SKYRIM - LEGENDARY EDITION\STEAM_API.DLL, Error durante la eliminación, 8181, 352888, 1.0.16629, , ame, 
MachineLearning/Anomalous.96%, C:\PROGRAM FILES (X86)\IMAGE-LINE\FL STUDIO 20\FL (SCALED).EXE, En cuarentena, 0, 392687, 1.0.16629, , shuriken, 
MachineLearning/Anomalous.96%, C:\PROGRAM FILES (X86)\IMAGE-LINE\FL STUDIO 20\FL.EXE, En cuarentena, 0, 392687, 1.0.16629, , shuriken, 
PUP.Optional.BundleInstaller, C:\USERS\EMANUEL\DESKTOP\SOFTWARE\UTORRENT.EXE, En cuarentena, 493, 774106, 1.0.16629, , ame, 
Generic.Malware/Suspicious, C:\USERS\EMANUEL\DESKTOP\DESKTOP\GTA SA HD\1\178019-GTA-V-PALM-TREES-V.1-GTASA.ZIP, En cuarentena, 0, 392686, 1.0.16629, , shuriken, 
Generic.Malware/Suspicious, C:\USERS\EMANUEL\DOCUMENTS\ZCLIENT\ZCLIENT.EXE, En cuarentena, 0, 392686, 1.0.16629, , shuriken, 
RiskWare.GameTool, C:\USERS\EMANUEL\DOCUMENTS\ZCLIENT\ZCLIENT.EXE.EXE, En cuarentena, 7497, 711331, 1.0.16629, 000000000000000000000003, dds, 00513375
Generic.Malware/Suspicious, C:\USERS\EMANUEL\DOWNLOADS\DLL FILEX FIXER\DLL FILES FIXER FULL EN ESPAñOL + CRACK 2018 (DIONAX98)\DLL FILES FIXER (INSTALADOR).EXE, En cuarentena, 0, 392686, 1.0.16629, , shuriken, 
Generic.Malware/Suspicious, C:\USERS\EMANUEL\DOWNLOADS\DLL FILEX FIXER\DLL FILES FIXER FULL EN ESPAñOL.RAR, En cuarentena, 0, 392686, 1.0.16629, , shuriken, 
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 5288, 353143, 1.0.16629, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-21-2019
# Duration: 00:00:04
# OS:       Windows 7 Professional
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Wow6432Node\systweak

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2385 octets] - [08/08/2018 18:39:03]
AdwCleaner[C00].txt - [2351 octets] - [08/08/2018 18:40:07]
AdwCleaner[S01].txt - [1371 octets] - [18/08/2018 05:02:54]
AdwCleaner[S02].txt - [1432 octets] - [25/08/2018 15:33:56]
AdwCleaner[S03].txt - [1574 octets] - [27/03/2019 13:37:57]
AdwCleaner[S04].txt - [2110 octets] - [20/05/2019 03:40:42]
AdwCleaner[C04].txt - [2184 octets] - [20/05/2019 03:41:43]
AdwCleaner[S05].txt - [1660 octets] - [21/05/2019 06:59:50]
AdwCleaner_Debug.log - [65005 octets] - [14/11/2019 22:19:58]
AdwCleaner[S06].txt - [2140 octets] - [14/11/2019 22:21:05]
AdwCleaner[C06].txt - [2253 octets] - [14/11/2019 22:22:37]
AdwCleaner[S07].txt - [2006 octets] - [14/11/2019 22:25:09]
AdwCleaner[S08].txt - [2097 octets] - [21/12/2019 02:23:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by Emanuel (Administrator) on 23/12/2019 at 18:04:17,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 43 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\dll-files fixer.lnk (Shortcut) 
Successfully deleted: C:\Users\Emanuel\AppData\Roaming\Mozilla\Firefox\Profiles\85v6gqte.default\extensions\staged (Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0YXHDC5O (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20M429B6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2BDY691L (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4A5NWYS7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOQ3FLSG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AWP34FCK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNUT4QQW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZFG3ALA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITJAU3U1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5JTJSRF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O24Y42X8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R7XGQNUV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RVJ8O2HQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S250L94T (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3AQ7R8S (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Emanuel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TCTRST63 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0YXHDC5O (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20M429B6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2BDY691L (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4A5NWYS7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOQ3FLSG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AWP34FCK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNUT4QQW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZFG3ALA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITJAU3U1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5JTJSRF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O24Y42X8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R7XGQNUV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RVJ8O2HQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S250L94T (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3AQ7R8S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TCTRST63 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/12/2019 at 18:09:10,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2019
Ran by Emanuel (administrator) on EMANUEL-PC (MSI MS-7788) (23-12-2019 18:12:22)
Running from C:\Users\Emanuel\Desktop
Loaded Profiles: Emanuel (Available Profiles: Emanuel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Kristjan Skutta -> ) C:\Program Files (x86)\[Wallpaper Engine] [v1.1.42]\bin\wallpaperservice32_c.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mixbyte Inc -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera_crashreporter.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268672 2018-07-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2019-11-01] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\Run: [WorkShelf] => C:\Program Files (x86)\Winstep\workshelf.exe [15170688 2018-08-29] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\MountPoints2: {0695e57b-70fc-11e8-86ec-d8cb8a19b29e} - E:\setup.exe
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\MountPoints2: {38a4940f-c11e-11e9-b46d-d8cb8a19b29e} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\MountPoints2: {afb6fb09-f744-11e9-9008-d8cb8a19b29e} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0552E3BD-DB38-4F18-881D-1557062AA5BF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B66D856-33DD-47B8-8E45-22C7321B2CDB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {103524C4-1A33-4135-84DE-8619C88A040C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177176 2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {147D18B4-9572-43D3-9663-4FD95BBB3D79} - System32\Tasks\{03CA1770-DA00-43EB-A781-FB0FEB955E1A} => C:\Windows\system32\pcalua.exe -a C:\Users\Emanuel\AppData\Local\Temp\scoped_dir1212_216542030\vcredist_x64.exe -d C:\Users\Emanuel\AppData\Local\Temp\scoped_dir1212_216542030 <==== ATTENTION
Task: {15132667-3DAC-4B8D-B95B-A7CCA0F64C1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311064 2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A6FE589-431F-4AC1-BE3B-C5B55575C027} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {25827E8C-E7B0-4C67-A634-6ABF67AB0F61} - System32\Tasks\{9C17F771-A29E-4966-A1A8-D1A40AD623B3} => C:\Users\Emanuel\Documents\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [14383616 2012-03-25] () [File not signed]
Task: {2BC62AC5-C630-424C-A0E0-B6C63CA5CB1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-12] (Adobe Inc. -> Adobe)
Task: {2DBB0326-4700-45C3-B001-3DC731E6DC7E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177176 2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DE1A1BC-A086-4ED0-9187-77CAEDA3BED2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-485721870-1593872569-1429902795-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2015-12-09] (Microsoft Windows -> Microsoft Corporation)
Task: {2EC03BD5-2862-471D-B4F8-018F9EBDF9A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311064 2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F443FA8-3B73-4A4C-8984-16593C55225A} - System32\Tasks\Despertador1 => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {2FECF63A-E4AE-413A-B899-119A6FC38740} - System32\Tasks\{C7ADD7C0-2BCD-407B-BD7E-74DC1901D11E} => C:\Users\Emanuel\Documents\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [14383616 2012-03-25] () [File not signed]
Task: {343D8250-4F0F-489D-B52D-0C32EE1D259F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5046784 2019-09-13] () [File not signed]
Task: {34900469-F8E2-4B10-B556-3CFC4CFDA8AB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3870D836-2ECC-49D7-BA08-D5685E94F98E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-12] (Adobe Inc. -> Adobe)
Task: {3AE82B4E-FA9D-4850-B85F-64DEA0E99FB5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [163288 2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {536E302E-7A95-4568-9F42-916FA4E644C1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64C67832-17A2-45F2-A2BD-7B182856218B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-03-22] () [File not signed]
Task: {65F1D5C0-41E6-4651-93B5-C683BFA133E8} - System32\Tasks\Alarma => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {69DF9FD7-C17F-42D1-8DB9-E80FCD523FD5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6CA414C1-8139-40E8-994F-9AB1ACE9D95B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FB3E065-C587-4065-8D58-67395009C31B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71BFD1F5-C352-4CA9-B217-650B763DDC07} - System32\Tasks\Despertador7 => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {72C6683B-DB70-4921-B424-F4F38876DAD9} - System32\Tasks\{229B0F93-391A-44B2-B258-A94FB75B009A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}\Sims3EP11Setup.exe" -c -runfromtemp -l0x000a -removeonly
Task: {83CBB57A-8DCF-4452-ABF9-986581D4AD35} - System32\Tasks\despertador 4 => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {8E275C81-FA39-4AEE-B96C-1836CA470144} - System32\Tasks\{E5D0B8A5-DB06-47D4-97E2-45A1A001B1F0} => C:\Users\Emanuel\Documents\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [14383616 2012-03-25] () [File not signed]
Task: {8E825C24-F260-46F5-866D-E73A955E3A6B} - System32\Tasks\Opera scheduled Autoupdate 1529089473 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {8EA1B930-1E60-427B-9B3F-EC69512ADF3C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A2D9F6B1-3A1D-4AEB-A887-A99E9A5E4E3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-08] (Google Inc -> Google Inc.)
Task: {A4CB88C9-87E6-413C-A6C0-64D811162873} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-12] (Adobe Inc. -> Adobe)
Task: {A4D8AD87-D8B6-4CAB-A101-05DC2A4B0094} - System32\Tasks\{D6C9A9C1-7CF6-4B00-9DC6-2E777CD5BCF6} => C:\Users\Emanuel\Documents\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [14383616 2012-03-25] () [File not signed]
Task: {A652167F-B900-415D-AB92-55C1CB1AA253} - System32\Tasks\Despertador 5 => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {B510D8EB-3AFE-4319-B163-4D51AE18F795} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-08] (Google Inc -> Google Inc.)
Task: {BC0D3063-BD34-4EAE-B064-EF73EE7F61E3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC61BA0B-6AEA-495E-BD0A-29666072DA1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CA578529-35A3-4BB8-B25D-354FDE3B05E8} - System32\Tasks\Despertador3 => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {CC0F6AA9-D5C5-4DA6-AC57-EB72B08902A1} - System32\Tasks\{424FA1A3-C7B8-4A53-8B9D-1CD4C7A81EA7} => C:\Windows\system32\pcalua.exe -a C:\Users\Emanuel\AppData\Local\Temp\scoped_dir1380_15816\RazerSynapseInstaller_V1.0.76.103.exe -d C:\Users\Emanuel\AppData\Local\Temp\scoped_dir1380_15816 <==== ATTENTION
Task: {D217B1AB-74C9-44BA-93A4-A380339147DC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAD6724F-B007-4C4A-99AA-2361318D7C4C} - System32\Tasks\Alarma2 => C:\Users\Emanuel\Music\alarm_beep_3.mp3
Task: {DAE0D1F1-4534-4F34-BE77-33B9FC8D374D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFF17DA6-29E4-4D2E-A5FD-B34B68AB5244} - System32\Tasks\{98777640-8641-456D-AE7A-FE0054CB8719} => C:\Users\Emanuel\Documents\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [14383616 2012-03-25] () [File not signed]
Task: {E053245B-930B-4830-83C5-3C7010609BF9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [163288 2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3BBD7AB-6235-4C0D-91B4-43C0AE59953B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {EAC6ECC0-5A45-481B-A4B3-1DB0902D7A7D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFC4A637-F51B-455C-8B4D-70B8F64A765D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F1392450-7C09-499F-B4BA-FFAEF2953180} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5B5B0A3-54E3-48EF-BEC1-CD2AC3B7C183} - System32\Tasks\Despertador => C:\Users\Emanuel\Music\alarm_beep_3.mp3

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.54.120.23 190.54.110.23
Tcpip\..\Interfaces\{601A4D6E-6127-43B4-8D07-BC4591F97F0C}: [DhcpNameServer] 190.54.120.23 190.54.110.23

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-08-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 85v6gqte.default
FF ProfilePath: C:\Users\Emanuel\AppData\Roaming\Mozilla\Firefox\Profiles\85v6gqte.default [2019-12-23]
FF Extension: (uBlock Origin) - C:\Users\Emanuel\AppData\Roaming\Mozilla\Firefox\Profiles\85v6gqte.default\Extensions\[email protected] [2019-11-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-08-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-10-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-23]

Chrome: 
=======
CHR Profile: C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default [2019-12-23]
CHR Extension: (Presentaciones) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-13]
CHR Extension: (Documentos) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-13]
CHR Extension: (Google Drive) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-13]
CHR Extension: (YouTube) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-13]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-07]
CHR Extension: (Share on Rabbit) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2019-09-13]
CHR Extension: (Hojas de cálculo) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-13]
CHR Extension: (Chrome Media Router) - C:\Users\Emanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-07]

Opera: 
=======
OPR Notifications: hxxps://web.skype.com
OPR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2019-10-25]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-09-13]
OPR Extension: (uBlock Origin) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-11-20]
OPR Extension: (Google Translate) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2019-12-09]
OPR Extension: (Tampermonkey) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-12-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7206312 2018-07-28] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe [406016 2018-07-20] (mst software GmbH, Germany) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73088 2019-01-31] (Mixbyte Inc -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15744 2019-01-31] (Mixbyte Inc -> Ellora Assets Corp.)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-18] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-22] (Malwarebytes Inc -> Malwarebytes)
S4 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447080 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943240 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 Wallpaper Engine Service; C:\Program Files (x86)\[Wallpaper Engine] [v1.1.42]\bin\wallpaperservice32_c.exe [354808 2018-12-12] (Kristjan Skutta -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [775680 2018-06-06] (Winstep Software Technologies) [File not signed]
S4 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe [308128 2018-07-26] (Ashampoo GmbH & Co. KG -> )
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-09-16] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-06-15] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2019-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-31] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2018-07-31] (Intel CASE -> )
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner64.sys [14320 2018-07-20] (Ashampoo GmbH & Co. KG -> )
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-23] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309904 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-04-06] (Intel Corporation -> )
R1 TTDrv; C:\KOPLAYER\vbox\TTDrv.sys [298280 2017-04-05] (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2018-11-22] (Windows (R) Win 7 DDK provider) [File not signed]
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-09-11] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-23 18:12 - 2019-12-23 18:13 - 000034950 _____ C:\Users\Emanuel\Desktop\FRST.txt
2019-12-23 18:11 - 2019-12-23 18:13 - 000000000 ____D C:\FRST
2019-12-23 18:11 - 2019-12-23 18:11 - 002260480 _____ (Farbar) C:\Users\Emanuel\Desktop\FRST64.exe
2019-12-23 18:09 - 2019-12-23 18:09 - 000007472 _____ C:\Users\Emanuel\Desktop\JRT.txt
2019-12-23 18:03 - 2019-12-23 18:03 - 001790024 _____ (Malwarebytes) C:\Users\Emanuel\Downloads\JRT.exe
2019-12-23 18:00 - 2019-12-23 18:00 - 000016048 _____ C:\Users\Emanuel\Documents\cc_20191223_180026.reg
2019-12-23 17:42 - 2019-12-23 17:42 - 000000422 _____ C:\Users\Emanuel\Downloads\License CCleaner PRO 5.63.rar
2019-12-23 17:42 - 2019-10-15 11:52 - 000000686 _____ C:\Users\Emanuel\Downloads\License CCleaner PRO 5.63.txt
2019-12-23 17:40 - 2019-12-23 17:45 - 000000000 ____D C:\Program Files\CCleaner
2019-12-23 17:40 - 2019-12-23 17:40 - 024578944 _____ (Piriform Software Ltd) C:\Users\Emanuel\Desktop\ccsetup563.exe
2019-12-23 17:40 - 2019-12-23 17:40 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-23 17:40 - 2019-12-23 17:40 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-23 17:40 - 2019-12-23 17:40 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-23 17:40 - 2019-12-23 17:40 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-23 17:40 - 2019-12-23 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-23 17:20 - 2019-12-23 17:21 - 000005077 _____ C:\Users\Emanuel\Desktop\malware.txt
2019-12-23 11:12 - 2019-12-23 11:12 - 000005251 _____ C:\Users\Emanuel\Desktop\informe.txt
2019-12-23 11:04 - 2019-12-23 11:04 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-22 23:40 - 2019-12-22 23:40 - 000000000 ____D C:\Users\Emanuel\AppData\Local\mbam
2019-12-22 23:34 - 2019-12-22 23:34 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-22 23:34 - 2019-12-22 23:34 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-22 23:34 - 2019-12-22 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-22 23:33 - 2019-12-22 23:33 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-22 23:30 - 2019-12-22 23:30 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-21 21:27 - 2019-12-21 21:38 - 1664299827 _____ C:\Users\Emanuel\Downloads\LP127PL.part2.rar
2019-12-21 21:24 - 2019-12-21 21:27 - 501085612 _____ C:\Users\Emanuel\Downloads\LP127PL.part3.rar
2019-12-21 21:09 - 2019-12-21 21:20 - 1664299827 _____ C:\Users\Emanuel\Downloads\LP127PL.part1.rar
2019-12-21 21:05 - 2019-12-22 00:47 - 000000000 ____D C:\Users\Emanuel\Downloads\LP127PL
2019-12-21 12:39 - 2019-12-21 12:39 - 000003036 _____ C:\Windows\system32\Tasks\{D6C9A9C1-7CF6-4B00-9DC6-2E777CD5BCF6}
2019-12-21 12:38 - 2019-12-21 12:38 - 000003036 _____ C:\Windows\system32\Tasks\{98777640-8641-456D-AE7A-FE0054CB8719}
2019-12-21 12:37 - 2019-12-21 12:37 - 000003036 _____ C:\Windows\system32\Tasks\{E5D0B8A5-DB06-47D4-97E2-45A1A001B1F0}
2019-12-21 12:37 - 2019-12-21 12:37 - 000003036 _____ C:\Windows\system32\Tasks\{C7ADD7C0-2BCD-407B-BD7E-74DC1901D11E}
2019-12-21 12:37 - 2019-12-21 12:37 - 000003036 _____ C:\Windows\system32\Tasks\{9C17F771-A29E-4966-A1A8-D1A40AD623B3}
2019-12-21 02:22 - 2019-12-21 02:22 - 008237744 ____N (Malwarebytes) C:\Users\Emanuel\Desktop\adwcleaner_8.0.1.exe
2019-12-20 21:23 - 2019-12-20 21:23 - 000084236 _____ C:\Users\Emanuel\Downloads\blizzard.regular.ttf
2019-12-20 21:13 - 2019-12-20 21:13 - 000050177 _____ C:\Users\Emanuel\Downloads\blizzard.regular.woff
2019-12-20 21:13 - 2019-12-20 21:13 - 000022512 _____ C:\Users\Emanuel\Downloads\config-bold-webfont.woff2
2019-12-20 21:13 - 2019-12-20 21:13 - 000021532 _____ C:\Users\Emanuel\Downloads\config-regular-webfont.woff
2019-12-20 21:13 - 2019-12-20 21:13 - 000014380 _____ C:\Users\Emanuel\Downloads\open-sans.woff
2019-12-20 21:11 - 2019-12-20 21:11 - 000071556 _____ C:\Users\Emanuel\Downloads\big-noodle-too-oblique.ttf
2019-12-20 21:10 - 2019-12-20 21:10 - 000023824 _____ C:\Users\Emanuel\Downloads\big-noodle-too-oblique.woff
2019-12-20 05:34 - 2019-12-20 05:34 - 000000277 _____ C:\Users\Emanuel\Downloads\SimSync sample file (1).srt
2019-12-20 05:32 - 2019-12-20 05:32 - 000000277 _____ C:\Users\Emanuel\Downloads\SimSync sample file.srt
2019-12-20 03:23 - 2019-12-20 03:23 - 069862749 _____ C:\Users\Emanuel\Downloads\Tokyo Bon 東京盆踊り2020 (MakuDonarudo) Namewee 黃明志 ft.Cool Japan TV @亞洲通吃2018專輯 All Eat Asia (1080p_25fps_AV1-128kbit_AAC).mp4
2019-12-20 01:35 - 2019-12-20 01:36 - 043720037 _____ C:\Users\Emanuel\Downloads\final_5dfc4bee3aeaea001347c612_72792.mp4
2019-12-20 01:18 - 2019-12-20 01:18 - 000004157 _____ C:\Users\Emanuel\Downloads\SimSync spanish subtitle.srt
2019-12-19 22:54 - 2019-12-19 22:54 - 000002912 _____ C:\Users\Emanuel\Downloads\SimSync Uncut Gameplay _ Free Sims 4 Multiplayer Mod - English (auto-generated).txt
2019-12-19 22:05 - 2019-12-19 22:10 - 000000000 ____D C:\Users\Emanuel\Downloads\SimSync Uncut Gameplay _ Free Sims 4 Multiplayer Mod
2019-12-19 22:03 - 2019-12-19 22:03 - 000008234 _____ C:\Users\Emanuel\Downloads\SimSync Uncut Gameplay _ Free Sims 4 Multiplayer Mod - English (auto-generated).srt
2019-12-19 21:17 - 2019-12-19 21:17 - 000000616 _____ C:\Users\Emanuel\Documents\digimon.xspf
2019-12-19 19:04 - 2019-12-19 19:04 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Google.Apis.Auth
2019-12-19 18:07 - 2019-12-19 18:07 - 000313366 _____ C:\Users\Emanuel\Downloads\WindowsUpdate.diagcab
2019-12-19 16:13 - 2019-12-19 16:16 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Microsoft Games
2019-12-19 16:02 - 2019-12-19 16:02 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Ashampoo PDF
2019-12-19 05:45 - 2015-07-16 13:35 - 000929792 _____ (ActMask hxxp://www.all2pdf.com) C:\Windows\SysWOW64\SaveTo.dll
2019-12-19 05:45 - 2013-12-07 21:25 - 004454128 _____ (DynaForms GmbH) C:\Windows\SysWOW64\CPDF4.dll
2019-12-19 05:45 - 2008-01-19 07:36 - 001391616 _____ C:\Windows\SysWOW64\ActPDF.dll
2019-12-19 05:44 - 2019-12-19 05:45 - 000000000 ____D C:\ActMask
2019-12-19 05:44 - 2019-12-19 05:44 - 000000000 ____D C:\ProgramData\Temp
2019-12-19 05:44 - 2019-03-21 14:33 - 000595080 ____R (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\system32\PrintDisp.exe
2019-12-19 05:44 - 2018-08-28 02:54 - 004583424 _____ (Microsoft Corporation) C:\Windows\system32\wordpad.exe
2019-12-19 05:44 - 2017-03-25 10:01 - 000411272 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\SysWOW64\SetPrinter.exe
2019-12-19 05:44 - 2017-03-25 10:01 - 000411272 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\system32\SetPrinter.exe
2019-12-19 05:44 - 2015-10-01 06:46 - 000130184 ____R (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\system32\PrintCtrl.exe
2019-12-19 05:44 - 2014-04-16 18:21 - 000036488 _____ (ActMask Co., Ltd - hxxp:\\WWW.ALL2PDF.COM) C:\Windows\system32\SaveToEx30.dll
2019-12-19 05:44 - 2013-11-03 19:18 - 001181152 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\system32\PrtClient.exe
2019-12-19 05:44 - 2013-11-03 19:00 - 000532448 _____ (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\system32\PrtPass.exe
2019-12-19 05:44 - 2001-09-06 03:00 - 001700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2019-12-19 03:04 - 2019-12-19 03:04 - 000000000 ____D C:\Users\Emanuel\Documents\TNod-1.7.0-Beta-Portable
2019-12-19 03:03 - 2019-12-19 03:03 - 001683009 _____ C:\Users\Emanuel\Documents\TNod-1.7.0-Beta-Portable.rar
2019-12-19 02:17 - 2019-12-19 02:17 - 000000000 ____D C:\Users\Emanuel\AppData\Local\UnrealEngineLauncher
2019-12-19 02:16 - 2019-12-19 02:16 - 000000000 ____D C:\Users\Emanuel\AppData\Local\EpicGamesLauncher
2019-12-19 02:15 - 2019-12-19 02:15 - 000001264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-12-19 02:15 - 2019-12-19 02:15 - 000001252 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2019-12-19 02:15 - 2019-12-19 02:15 - 000001252 _____ C:\ProgramData\Desktop\Epic Games Launcher.lnk
2019-12-19 02:15 - 2019-12-19 02:15 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-12-17 23:34 - 2019-12-17 23:34 - 012731125 _____ C:\Users\Emanuel\Downloads\doki.mp4
2019-12-17 23:18 - 2019-12-17 23:18 - 000002665 _____ C:\Users\Emanuel\Downloads\doki eng sub_tmp_0759.srt
2019-12-17 23:07 - 2019-12-17 23:07 - 000003989 _____ C:\Users\Emanuel\Documents\doki eng sub.ass
2019-12-17 23:06 - 2019-12-17 23:06 - 000004047 _____ C:\Users\Emanuel\Documents\doki eng sub_tmp_0759.ass
2019-12-17 21:53 - 2019-12-17 21:55 - 067886281 _____ C:\Users\Emanuel\Documents\doki infancia.wmv
2019-12-17 17:52 - 2019-12-20 21:35 - 000123744 _____ C:\Users\Emanuel\AppData\Local\GDIPFONTCACHEV1.DAT
2019-12-17 17:50 - 2019-12-21 01:50 - 000517696 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-17 16:27 - 2019-12-17 16:27 - 000008800 _____ C:\Users\Emanuel\Documents\cc_20191217_162700.reg
2019-12-17 16:03 - 2019-05-20 19:52 - 000000000 ____D C:\Users\Emanuel\Downloads\dll filex fixer
2019-12-17 15:42 - 2019-12-17 21:24 - 000000000 ____D C:\Users\Emanuel\Downloads\Digimon Adventure 37
2019-12-17 14:11 - 2019-12-17 14:13 - 047845715 _____ C:\Users\Emanuel\Documents\Overwatch Crash.wmv
2019-12-17 13:52 - 2019-12-17 13:57 - 000047616 _____ C:\Users\Emanuel\Downloads\VID_20191217_042300.mp4.sfk
2019-12-17 13:49 - 2019-12-17 13:52 - 000066048 _____ C:\Users\Emanuel\Downloads\VID_20191214_050656.mp4.sfk
2019-12-17 13:41 - 2019-12-17 13:45 - 000024640 _____ C:\Users\Emanuel\Downloads\VID_20191211_215623.mp4.sfk
2019-12-17 13:40 - 2019-12-17 13:40 - 011543937 _____ C:\Users\Emanuel\Downloads\VID_20191211_215623.mp4
2019-12-17 13:39 - 2019-12-17 13:39 - 040738400 _____ C:\Users\Emanuel\Downloads\VID_20191214_050656.mp4
2019-12-17 13:38 - 2019-12-17 13:39 - 022209897 _____ C:\Users\Emanuel\Downloads\VID_20191217_042300.mp4
2019-12-17 13:30 - 2019-12-17 13:30 - 000001370 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-17 13:30 - 2019-12-17 13:30 - 000001370 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-12-17 13:25 - 2019-12-08 18:26 - 001729440 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-17 13:25 - 2019-12-08 18:26 - 001729440 _____ C:\Windows\system32\vulkaninfo.exe
2019-12-17 13:25 - 2019-12-08 18:26 - 001329568 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-17 13:25 - 2019-12-08 18:26 - 001329568 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-12-17 13:25 - 2019-12-08 18:25 - 027571328 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 011843488 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 010167736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 001079200 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 001079200 _____ C:\Windows\system32\vulkan-1.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 000937888 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 000937888 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 000449248 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 000427912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2019-12-17 13:25 - 2019-12-08 18:25 - 000353408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 126778064 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 040310400 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 029931384 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 029543024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 025238472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 022838928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2019-12-17 13:25 - 2019-12-08 18:24 - 017461192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 004994632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 004450208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 002075040 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001728128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444166.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001568480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001491680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444166.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001483720 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001371856 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001145760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 001065048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000633432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000545832 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000524456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000474056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000429200 _____ C:\Windows\system32\nvofapi64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000381056 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000190176 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000174152 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000165928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2019-12-17 13:25 - 2019-12-08 18:24 - 000153160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2019-12-17 13:25 - 2019-12-08 18:23 - 040510424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-12-17 13:25 - 2019-12-08 18:23 - 035380264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-12-17 13:25 - 2019-12-08 18:23 - 015030928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-12-17 13:25 - 2019-12-08 18:23 - 000528456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2019-12-17 13:25 - 2019-12-08 14:20 - 034363176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2019-12-17 13:25 - 2019-12-08 14:20 - 022093592 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2019-12-17 13:25 - 2019-12-08 14:20 - 004249384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-12-17 13:25 - 2019-12-06 23:44 - 000228792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2019-12-17 13:25 - 2019-12-06 23:44 - 000047272 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2019-12-17 13:25 - 2019-12-06 23:44 - 000000671 _____ C:\Windows\SysWOW64\nv-vk32.json
2019-12-17 13:25 - 2019-12-06 23:44 - 000000671 _____ C:\Windows\system32\nv-vk64.json
2019-12-16 05:57 - 2019-12-16 05:57 - 000000000 ____D C:\Users\Emanuel\Downloads\imgtool20
2019-12-16 04:08 - 2019-12-16 04:08 - 000004857 _____ C:\Users\Emanuel\Desktop\Grand Theft Auto San Andreas.lnk
2019-12-16 03:47 - 2019-12-16 04:04 - 000000000 ____D C:\Users\Emanuel\Downloads\Streams-radios(GB)
2019-12-16 02:54 - 2019-12-16 02:54 - 000000000 ____D C:\Users\Emanuel\Downloads\Error 0xc000007b
2019-12-16 02:43 - 2019-12-17 21:47 - 000000000 ____D C:\Users\Emanuel\Downloads\Doki - Todos Somos Necesarios_ Rana
2019-12-16 02:42 - 2019-12-17 21:25 - 000000000 ____D C:\Users\Emanuel\Downloads\Doki - Todos Somos Necesarios_ Pájaro
2019-12-16 02:40 - 2019-12-17 21:29 - 000000000 ____D C:\Users\Emanuel\Downloads\Doki - Todos Somos Necesarios_ Arbol
2019-12-16 00:57 - 2019-12-16 00:57 - 001203753 _____ C:\Windows\unins000.exe
2019-12-16 00:46 - 2019-11-06 09:38 - 000001350 _____ C:\Users\Emanuel\Downloads\README.txt
2019-12-16 00:31 - 2019-12-16 18:20 - 000000000 ____D C:\Program Files (x86)\SRt3 Mipmap 2014
2019-12-15 23:39 - 2019-12-16 00:57 - 000015208 _____ C:\Windows\unins000.dat
2019-12-15 15:19 - 2019-12-15 17:42 - 000000000 ____D C:\Users\Emanuel\AppData\Local\modloader
2019-12-15 15:19 - 2019-12-15 15:19 - 000000000 ____D C:\ProgramData\modloader
2019-12-15 15:04 - 2019-03-18 09:56 - 005096040 _____ (WoM) C:\Users\Emanuel\Downloads\10784-asi-loader.exe
2019-12-15 15:04 - 2019-03-18 09:56 - 000155155 _____ C:\Users\Emanuel\Downloads\10784-asi-loader.mmrc
2019-12-15 06:16 - 2019-12-15 06:17 - 000000000 ____D C:\Users\Emanuel\Downloads\Mejor Resolucion 1600x900
2019-12-15 02:28 - 2019-12-16 04:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\www.GameModding.net
2019-12-15 02:20 - 2019-12-15 02:20 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager
2019-12-14 01:25 - 2019-12-17 02:33 - 000000000 ____D C:\Users\Emanuel\Documents\GTA San Andreas User Files
2019-12-14 01:25 - 2019-12-14 01:25 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2019-12-13 15:22 - 2014-01-04 00:22 - 000000000 ____D C:\Users\Emanuel\Downloads\M1dn1ghtHollow Gold
2019-12-13 01:29 - 2019-12-13 01:29 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2019-12-13 01:29 - 2019-12-13 01:29 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2019-12-13 01:27 - 2019-12-13 01:27 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Razer
2019-12-13 01:26 - 2019-12-13 01:31 - 000000000 ____D C:\ProgramData\Razer
2019-12-13 01:26 - 2019-12-13 01:29 - 000000000 ____D C:\Program Files (x86)\Razer
2019-12-13 01:26 - 2019-12-13 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-12-13 00:29 - 2019-12-18 23:24 - 000000000 ____D C:\Users\Emanuel\Documents\Image-Line
2019-12-13 00:26 - 2019-12-13 00:26 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2019-12-13 00:26 - 2019-12-13 00:26 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2019-12-13 00:25 - 2019-12-13 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2019-12-13 00:25 - 2019-12-13 00:27 - 000000000 ____D C:\Program Files\Common Files\VST2
2019-12-13 00:25 - 2019-12-13 00:25 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2019-12-13 00:25 - 2019-12-13 00:25 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2019-12-13 00:25 - 2019-12-13 00:25 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2019-12-13 00:16 - 2019-12-13 00:26 - 000000000 ____D C:\Program Files (x86)\Image-Line
2019-12-13 00:03 - 2019-12-13 00:03 - 000000000 ____D C:\Users\Emanuel\Downloads\Image-Line FL Studio Producer Edition 20.5.1142
2019-12-13 00:03 - 2019-12-13 00:03 - 000000000 ____D C:\Users\Emanuel\Downloads\FL Studio 12.3 Producer Edition + Crack
2019-12-12 22:46 - 2019-12-12 22:55 - 000000000 ____D C:\Users\Emanuel\Downloads\Digimon Adventure 24
2019-12-12 20:46 - 2019-12-12 21:00 - 000000000 ____D C:\Users\Emanuel\Downloads\Digimon Adventure 20
2019-12-11 22:35 - 2019-12-11 22:35 - 000000000 ____D C:\Users\Emanuel\AppData\Local\cache
2019-12-11 22:32 - 2019-12-11 22:32 - 000000000 ____D C:\Users\Emanuel\AppData\Local\mbamtray
2019-12-10 19:06 - 2019-12-10 19:06 - 000000000 ____D C:\ProgramData\SupportAssist
2019-12-10 19:01 - 2019-11-14 22:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-10 19:01 - 2019-11-14 22:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-10 19:00 - 2019-12-06 02:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-10 19:00 - 2019-11-28 00:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-10 19:00 - 2019-11-28 00:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-10 19:00 - 2019-11-28 00:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-10 19:00 - 2019-11-28 00:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-10 19:00 - 2019-11-28 00:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-10 19:00 - 2019-11-28 00:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-10 19:00 - 2019-11-28 00:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-10 19:00 - 2019-11-28 00:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-10 19:00 - 2019-11-28 00:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-10 19:00 - 2019-11-28 00:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-10 19:00 - 2019-11-28 00:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-10 19:00 - 2019-11-28 00:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-10 19:00 - 2019-11-28 00:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-10 19:00 - 2019-11-28 00:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-10 19:00 - 2019-11-28 00:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-10 19:00 - 2019-11-27 23:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-10 19:00 - 2019-11-27 23:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-10 19:00 - 2019-11-27 23:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-10 19:00 - 2019-11-27 23:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-10 19:00 - 2019-11-27 23:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-10 19:00 - 2019-11-27 23:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-10 19:00 - 2019-11-27 23:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-10 19:00 - 2019-11-27 23:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-10 19:00 - 2019-11-27 23:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-10 19:00 - 2019-11-27 23:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-10 19:00 - 2019-11-27 23:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-10 19:00 - 2019-11-27 23:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-10 19:00 - 2019-11-27 23:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-10 19:00 - 2019-11-27 23:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-10 19:00 - 2019-11-27 23:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-10 19:00 - 2019-11-27 23:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-10 19:00 - 2019-11-27 23:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-10 19:00 - 2019-11-27 23:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-10 19:00 - 2019-11-27 23:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-10 19:00 - 2019-11-27 23:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-10 19:00 - 2019-11-27 23:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-10 19:00 - 2019-11-27 23:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-10 19:00 - 2019-11-27 23:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-10 19:00 - 2019-11-27 23:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-10 19:00 - 2019-11-27 23:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-12-10 19:00 - 2019-11-27 23:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-10 19:00 - 2019-11-27 23:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-10 19:00 - 2019-11-23 04:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-10 19:00 - 2019-11-23 03:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-10 19:00 - 2019-11-20 23:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-10 19:00 - 2019-11-20 23:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-10 19:00 - 2019-11-20 21:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-10 19:00 - 2019-11-19 17:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-10 19:00 - 2019-11-19 17:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-10 19:00 - 2019-11-19 17:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-10 19:00 - 2019-11-19 17:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-10 19:00 - 2019-11-19 17:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-10 19:00 - 2019-11-19 17:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-10 19:00 - 2019-11-19 17:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-10 19:00 - 2019-11-19 17:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-10 19:00 - 2019-11-19 17:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-10 19:00 - 2019-11-19 17:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-10 19:00 - 2019-11-19 17:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-10 19:00 - 2019-11-19 17:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-10 19:00 - 2019-11-19 17:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-10 19:00 - 2019-11-19 17:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-10 19:00 - 2019-11-19 17:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-10 19:00 - 2019-11-19 17:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-10 19:00 - 2019-11-19 17:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-10 19:00 - 2019-11-19 17:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-10 19:00 - 2019-11-19 17:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-10 19:00 - 2019-11-19 17:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-10 19:00 - 2019-11-19 17:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-10 19:00 - 2019-11-19 16:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-10 19:00 - 2019-11-19 16:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-10 19:00 - 2019-11-19 16:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-10 19:00 - 2019-11-19 16:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-10 19:00 - 2019-11-19 16:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-10 19:00 - 2019-11-19 16:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-10 19:00 - 2019-11-19 16:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-10 19:00 - 2019-11-19 16:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-10 19:00 - 2019-11-19 16:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-10 19:00 - 2019-11-19 16:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-10 19:00 - 2019-11-19 16:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-10 19:00 - 2019-11-19 16:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-10 19:00 - 2019-11-19 16:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-10 19:00 - 2019-11-19 05:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-10 19:00 - 2019-11-19 05:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-10 19:00 - 2019-11-19 04:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-10 19:00 - 2019-11-19 04:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-10 19:00 - 2019-11-19 04:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-10 19:00 - 2019-11-19 04:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-10 19:00 - 2019-11-19 04:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-10 19:00 - 2019-11-19 04:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-10 19:00 - 2019-11-19 04:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-10 19:00 - 2019-11-19 04:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-10 19:00 - 2019-11-19 04:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-10 19:00 - 2019-11-19 04:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-10 19:00 - 2019-11-19 04:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-10 19:00 - 2019-11-19 04:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-10 19:00 - 2019-11-19 04:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-10 19:00 - 2019-11-19 04:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-10 19:00 - 2019-11-19 04:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-10 19:00 - 2019-11-19 04:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-10 19:00 - 2019-11-19 04:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-10 19:00 - 2019-11-19 04:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-10 19:00 - 2019-11-19 04:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-10 19:00 - 2019-11-19 04:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-10 19:00 - 2019-11-19 04:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-10 19:00 - 2019-11-19 04:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-10 19:00 - 2019-11-19 04:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-10 19:00 - 2019-11-19 04:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-10 19:00 - 2019-11-19 04:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-10 19:00 - 2019-11-19 04:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-10 19:00 - 2019-11-19 04:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-10 19:00 - 2019-11-19 04:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-10 19:00 - 2019-11-14 23:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-10 19:00 - 2019-11-14 23:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-10 19:00 - 2019-11-14 23:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-10 19:00 - 2019-11-14 23:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-10 19:00 - 2019-11-14 23:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-10 19:00 - 2019-11-14 23:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-10 19:00 - 2019-11-14 23:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-10 19:00 - 2019-11-14 22:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-10 19:00 - 2019-11-14 22:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-10 19:00 - 2019-11-14 22:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-10 19:00 - 2019-11-14 08:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-10 19:00 - 2019-11-05 18:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-10 19:00 - 2019-10-25 21:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-09 20:33 - 2019-12-10 03:45 - 000000000 ____D C:\Users\Emanuel\Documents\RazerAIOExecute
2019-12-09 20:32 - 2019-12-10 03:45 - 000000000 ____D C:\Users\Emanuel\Documents\RazerAIODownloads
2019-12-04 02:59 - 2019-12-04 02:59 - 000003318 _____ C:\Windows\system32\Tasks\{229B0F93-391A-44B2-B258-A94FB75B009A}
2019-12-04 00:48 - 2019-12-04 00:48 - 000000000 ____D C:\Users\Emanuel\Downloads\The_Sims_3_Showtime-FLT
2019-12-03 23:31 - 2019-12-03 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2019-12-03 23:31 - 2019-12-03 23:31 - 000000000 ____D C:\Program Files\PowerISO
2019-12-03 23:31 - 2017-06-06 21:36 - 000138296 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2019-12-03 20:40 - 2019-12-03 20:42 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-03 19:13 - 2019-12-03 19:13 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2019-11-29 23:11 - 2019-11-29 23:55 - 000000000 ____D C:\Users\Emanuel\Documents\Skype all emoticons
2019-11-29 20:53 - 2019-11-29 20:53 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2019-11-29 20:52 - 2019-11-29 20:53 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\IrfanView
2019-11-29 20:52 - 2019-11-29 20:52 - 000000000 ____D C:\Program Files\IrfanView
2019-11-29 19:19 - 2019-11-29 20:56 - 000000000 ____D C:\Users\Emanuel\Documents\Minecraft server 1.12.2
2019-11-29 18:41 - 2019-11-29 18:41 - 000000000 ____D C:\Users\Emanuel\AppData\Local\TeamViewer
2019-11-29 18:40 - 2019-11-29 18:56 - 000000000 ____D C:\Users\Emanuel\Documents\Server Bukkit 1.12.2
2019-11-29 18:40 - 2019-11-29 18:40 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-29 18:05 - 2019-11-29 18:05 - 000009892 _____ C:\Users\Emanuel\Documents\Cotización fuente de poder.xlsx
2019-11-29 03:39 - 2019-11-29 03:41 - 000000000 ____D C:\Users\Emanuel\Documents\Minecraft Server Bukkit1
2019-11-29 03:02 - 2019-11-29 03:02 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\.cache
2019-11-29 03:01 - 2019-11-29 03:01 - 000000000 ____D C:\ProgramData\OEM Links
2019-11-27 18:12 - 2019-11-27 18:33 - 000000000 ____D C:\Users\Emanuel\Downloads\Digimon Adventure
2019-11-26 03:38 - 2019-11-26 03:38 - 000002987 _____ C:\Users\Emanuel\Desktop\ZClient.lnk
2019-11-26 00:58 - 2019-11-26 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Los Sims 4
2019-11-25 21:56 - 2019-11-26 18:29 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Origin
2019-11-25 21:56 - 2019-11-25 21:56 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Origin
2019-11-25 21:55 - 2019-11-26 03:41 - 000000995 _____ C:\Users\Emanuel\Desktop\ZLOrigin.lnk
2019-11-25 21:55 - 2019-11-26 03:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZLOrigin
2019-11-25 21:55 - 2019-11-26 03:41 - 000000000 ____D C:\Program Files (x86)\ZLOrigin
2019-11-25 21:50 - 2019-12-23 17:23 - 000000000 ____D C:\Users\Emanuel\Documents\ZClient
2019-11-25 21:25 - 2019-11-25 21:50 - 000000000 ____D C:\Users\Emanuel\Documents\ZLOrigin
2019-11-25 14:43 - 2019-11-25 15:31 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\MEGA Link Downloader
2019-11-25 14:43 - 2019-11-25 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA Link Downloader
2019-11-25 14:43 - 2019-11-25 14:43 - 000000000 ____D C:\Program Files (x86)\MEGA Link Downloader
2019-11-25 05:04 - 2019-11-25 20:34 - 000000000 ____D C:\The Sims 4
2019-11-25 03:46 - 2019-12-12 23:51 - 000000000 ____D C:\Users\Emanuel\AppData\Local\BitTorrentHelper
2019-11-25 03:46 - 2019-11-25 03:46 - 000000835 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-11-23 23:33 - 2019-12-23 17:54 - 000000000 ____D C:\Users\Emanuel\AppData\Local\LogMeIn Hamachi
2019-11-23 23:32 - 2019-11-23 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-11-23 23:32 - 2019-11-23 23:32 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2019-11-23 23:09 - 2019-11-27 23:16 - 000000000 ____D C:\Users\Emanuel\Documents\Minecraft Server

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-23 18:06 - 2019-09-13 05:22 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-23 18:06 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-12-23 17:54 - 2019-04-05 18:40 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\MPC-HC
2019-12-23 17:54 - 2018-06-16 23:55 - 000000000 ____D C:\Users\Emanuel\AppData\Local\CrashDumps
2019-12-23 17:34 - 2009-07-14 01:45 - 000056480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-23 17:34 - 2009-07-14 01:45 - 000056480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-23 17:28 - 2019-09-13 10:17 - 000003758 _____ C:\Windows\system32\Tasks\AutoKMS
2019-12-23 17:24 - 2018-06-18 09:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-23 17:23 - 2018-06-15 23:30 - 000000000 ____D C:\Users\Emanuel\Desktop\Software
2019-12-23 17:23 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-23 12:41 - 2018-06-15 22:54 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\.minecraft
2019-12-23 11:04 - 2018-08-16 18:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-22 23:33 - 2019-11-14 22:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-22 03:56 - 2018-08-11 05:52 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Battle.net
2019-12-21 22:40 - 2018-09-23 21:32 - 000000000 ____D C:\Users\Emanuel\AppData\Local\JDownloader v2.0
2019-12-21 20:23 - 2018-06-18 21:49 - 000000000 ____D C:\ProgramData\Origin
2019-12-21 19:01 - 2018-12-02 12:11 - 000000000 ____D C:\Users\Emanuel\AppData\Local\GeometryDash
2019-12-21 16:46 - 2018-07-10 22:25 - 000000000 ____D C:\Users\Emanuel\Documents\Archivos de Outlook
2019-12-21 15:04 - 2019-10-13 13:18 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-12-21 12:39 - 2019-01-27 16:20 - 000000000 ____D C:\Users\Emanuel\AppData\Local\ElevatedDiagnostics
2019-12-21 12:39 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-21 12:33 - 2019-04-01 14:51 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-12-21 12:33 - 2019-04-01 14:51 - 000000000 ____D C:\ProgramData\Documents\Winstep
2019-12-21 04:21 - 2019-10-04 21:51 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-21 04:21 - 2019-10-04 21:51 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-21 02:24 - 2019-04-14 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-12-21 02:24 - 2019-04-14 19:37 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2019-12-20 19:31 - 2018-06-15 22:47 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\discord
2019-12-20 19:28 - 2018-06-24 07:50 - 000000000 ____D C:\Users\Emanuel\Documents\Vegas pro documents
2019-12-20 16:27 - 2018-10-19 12:24 - 000003846 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1529089473
2019-12-20 16:27 - 2018-06-15 16:04 - 000000000 ____D C:\Program Files\Opera
2019-12-20 06:11 - 2019-04-05 13:40 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Aegisub
2019-12-19 22:55 - 2019-04-05 13:40 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\fontconfig
2019-12-19 22:09 - 2019-09-13 05:32 - 000000000 ____D C:\Users\Emanuel
2019-12-19 21:18 - 2018-06-24 07:42 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\vlc
2019-12-19 16:17 - 2018-10-08 01:32 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 16:17 - 2018-06-17 00:21 - 000000000 ____D C:\ProgramData\Adobe
2019-12-19 16:02 - 2018-06-15 22:43 - 000000000 ____D C:\Users\Emanuel\Desktop\txt
2019-12-19 05:44 - 2018-06-15 20:09 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-19 05:42 - 2018-07-30 23:36 - 000000000 ____D C:\ProgramData\Ashampoo
2019-12-19 03:15 - 2018-08-11 05:51 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-19 02:21 - 2018-07-26 19:47 - 000000000 ____D C:\ProgramData\Epic
2019-12-18 23:54 - 2011-04-12 06:10 - 000747766 _____ C:\Windows\system32\perfh00A.dat
2019-12-18 23:54 - 2011-04-12 06:10 - 000159232 _____ C:\Windows\system32\perfc00A.dat
2019-12-18 23:54 - 2009-07-14 02:13 - 001678412 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-17 18:05 - 2018-06-15 23:13 - 000000000 ___RD C:\Users\Emanuel\Desktop\Games
2019-12-17 17:54 - 2018-06-17 05:09 - 000000000 ____D C:\Users\Emanuel\.android
2019-12-17 16:27 - 2018-07-30 15:46 - 000000000 ____D C:\temp
2019-12-17 16:13 - 2018-10-28 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2019-12-17 16:13 - 2018-08-31 18:43 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\DAEMON Tools Lite
2019-12-17 16:13 - 2018-06-18 09:19 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\TeamViewer
2019-12-17 16:13 - 2018-06-16 16:28 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\uTorrent
2019-12-17 16:13 - 2018-06-15 22:23 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-17 13:41 - 2019-05-22 00:11 - 000000000 ____D C:\Users\Emanuel\AppData\Local\NVIDIA
2019-12-17 13:30 - 2019-05-22 00:11 - 000000000 ____D C:\Users\Emanuel\AppData\Local\NVIDIA Corporation
2019-12-17 13:30 - 2019-05-21 23:59 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:30 - 2019-05-21 23:59 - 000003790 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:30 - 2018-06-15 20:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-17 13:29 - 2019-09-13 05:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-17 13:29 - 2019-09-13 05:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-17 13:29 - 2019-06-25 21:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-06-25 21:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-06-25 21:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-06-25 21:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-05-21 23:59 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-05-21 23:59 - 000003940 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-05-21 23:58 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-17 13:29 - 2019-05-21 23:58 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-16 04:37 - 2019-09-11 03:08 - 000000000 ____D C:\Users\Emanuel\.BigNox
2019-12-16 04:37 - 2018-06-17 05:06 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Nox
2019-12-14 18:47 - 2019-10-04 22:46 - 000000300 _____ C:\Users\Emanuel\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2019-12-14 18:39 - 2019-07-24 01:02 - 000000000 ____D C:\Users\Emanuel\AppData\Local\NoxSrv
2019-12-14 18:39 - 2018-06-17 05:08 - 000000000 ____D C:\Users\Emanuel\vmlogs
2019-12-13 20:53 - 2018-08-11 05:53 - 000000000 ____D C:\Program Files (x86)\Overwatch
2019-12-13 19:14 - 2018-10-08 01:31 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 19:14 - 2018-10-08 01:31 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 03:47 - 2018-08-27 23:55 - 000116696 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-12-12 19:34 - 2019-03-27 02:25 - 000000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2019-12-12 05:52 - 2019-03-26 21:14 - 000004332 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-12 05:52 - 2018-06-17 00:42 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-12 05:52 - 2018-06-17 00:42 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-12 05:52 - 2018-06-17 00:42 - 000004508 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-12 05:52 - 2018-06-17 00:42 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-12 05:52 - 2018-06-17 00:42 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-12 04:53 - 2018-06-17 00:44 - 000004500 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-11 23:07 - 2019-08-30 18:26 - 000000000 ____D C:\KOPLAYER
2019-12-11 23:04 - 2018-10-28 00:39 - 000000000 ____D C:\Program Files (x86)\TNod
2019-12-11 22:51 - 2019-08-30 18:30 - 000000000 ____D C:\Users\Emanuel\.TianTianVM
2019-12-11 22:51 - 2019-08-30 18:26 - 000000000 ____D C:\Users\Emanuel\AppData\Local\KOPLAYERData
2019-12-11 16:01 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\rescache
2019-12-11 03:18 - 2019-09-19 02:18 - 001652062 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-12-11 03:12 - 2018-06-16 21:20 - 000000000 ____D C:\Windows\system32\MRT
2019-12-11 03:01 - 2019-09-14 03:01 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-08 18:25 - 2019-07-29 20:53 - 000510296 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2019-12-08 14:20 - 2019-07-29 20:53 - 039826224 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2019-12-08 14:20 - 2019-07-29 20:52 - 018406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2019-12-08 14:20 - 2019-07-29 20:52 - 004806784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-12-06 23:44 - 2019-09-13 05:22 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-12-06 23:44 - 2019-07-29 20:53 - 001683032 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2019-12-06 23:44 - 2019-07-29 20:52 - 000052765 _____ C:\Windows\system32\nvinfo.pb
2019-12-06 23:44 - 2019-05-21 23:59 - 002845208 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-12-06 23:44 - 2019-05-21 23:59 - 002209136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-12-06 23:44 - 2019-05-21 23:59 - 001323112 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-12-06 23:44 - 2019-05-21 23:58 - 000179000 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2019-12-06 23:44 - 2019-05-21 23:58 - 000154424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 005562208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 002652712 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 001768456 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 000670744 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 000455152 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 000129392 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-12-06 22:21 - 2019-09-13 05:23 - 000083392 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-12-04 07:50 - 2019-09-13 05:23 - 008800072 _____ C:\Windows\system32\nvcoproc.bin
2019-12-04 02:35 - 2009-07-14 02:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-12-04 02:31 - 2018-06-15 22:56 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2019-12-04 02:31 - 2018-06-15 15:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-12-03 23:46 - 2019-04-04 23:37 - 000000000 ____D C:\Program Files\WinRAR
2019-12-03 20:42 - 2019-04-04 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-03 19:19 - 2018-08-31 18:43 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-12-03 18:13 - 2018-06-15 23:22 - 000000000 ____D C:\Users\Public\Documents\Catch!
2019-12-03 18:13 - 2018-06-15 23:22 - 000000000 ____D C:\ProgramData\Documents\Catch!
2019-12-02 20:13 - 2019-10-20 20:16 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-02 14:04 - 2018-06-15 23:10 - 000000000 ____D C:\Users\Emanuel\Documents\Microsoft Word
2019-12-01 17:11 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\LiveKernelReports
2019-11-29 03:37 - 2018-09-27 18:53 - 000000000 ____D C:\Users\Emanuel\Documents\Minecraft server bukkit
2019-11-27 00:29 - 2018-06-15 22:08 - 000000000 ____D C:\Users\Emanuel\Documents\Electronic Arts
2019-11-25 21:58 - 2018-06-18 22:11 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-11-25 21:32 - 2018-06-18 22:37 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-11-25 03:15 - 2019-05-03 11:54 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-485721870-1593872569-1429902795-1000
2019-11-25 03:15 - 2019-04-30 22:03 - 000000000 ___RD C:\Users\Emanuel\OneDrive
2019-11-25 03:14 - 2019-09-15 16:20 - 000002200 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

==================== Files in the root of some directories ========

2007-10-04 13:00 - 2007-10-04 13:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2018-06-15 14:35 - 2019-04-10 14:31 - 000000489 _____ () C:\Users\Emanuel\AppData\Roaming\Desktop.lnk
2019-11-25 14:04 - 2019-11-25 14:04 - 000131253 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-10248.log
2019-11-25 21:41 - 2019-11-25 21:41 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-11365.log
2019-11-28 10:12 - 2019-11-28 10:12 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12058.log
2019-11-13 21:48 - 2019-11-13 21:48 - 000079827 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12091.log
2019-11-28 11:04 - 2019-11-28 11:04 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12116.log
2019-11-26 18:21 - 2019-11-26 18:21 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12216.log
2019-11-27 17:33 - 2019-11-27 17:33 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12869.log
2019-11-27 23:09 - 2019-11-27 23:09 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-13066.log
2019-11-27 21:18 - 2019-11-27 21:18 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-14072.log
2019-11-13 05:14 - 2019-11-13 05:14 - 000131249 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-14087.log
2019-11-13 05:15 - 2019-11-13 05:15 - 000131249 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-14182.log
2019-11-26 03:32 - 2019-11-26 03:32 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-14726.log
2019-11-29 14:21 - 2019-11-29 14:21 - 000078529 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-15283.log
2019-11-27 00:13 - 2019-11-27 00:13 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-15613.log
2019-11-26 14:02 - 2019-11-26 14:02 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-17034.log
2019-11-27 16:03 - 2019-11-27 16:03 - 000132564 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-18045.log
2019-03-14 23:51 - 2019-03-14 23:53 - 000000716 ____H () C:\Users\Emanuel\AppData\Roaming\{F419BEEC-F5A5-6CAC-9BE9-188ED471C279}
2019-09-18 22:46 - 2019-09-18 22:46 - 000000041 _____ () C:\Users\Emanuel\AppData\Local\clone_Nox_3_conf.ini
2019-09-18 03:08 - 2019-09-18 22:46 - 000000823 _____ () C:\Users\Emanuel\AppData\Local\Nox_crash.log
2019-09-14 16:32 - 2019-09-14 16:32 - 000000000 _____ () C:\Users\Emanuel\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-19 01:27
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Emanuel (23-12-2019 18:15:02)
Running from C:\Users\Emanuel\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-09-13 13:13:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-485721870-1593872569-1429902795-500 - Administrator - Disabled)
Emanuel (S-1-5-21-485721870-1593872569-1429902795-1000 - Administrator - Enabled) => C:\Users\Emanuel
HomeGroupUser$ (S-1-5-21-485721870-1593872569-1429902795-1002 - Limited - Enabled)
Invitado (S-1-5-21-485721870-1593872569-1429902795-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.20 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.2.6 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.2.6 - ASUSTek COMPUTER INC.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.130.1.1002 - BlueStack Systems, Inc.)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Call Of Duty Modern Warfare 3 Repack (HKLM-x32\...\Call Of Duty Modern Warfare 3 Repack) (Version:  - )
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.)
CZLauncher versión 16.0 (HKLM-x32\...\{D2034EB0-59C4-41A8-9A3D-DA8C7D58D7E5}_is1) (Version: 16.0 - ComunidadZero.com)
Desinstalar Traducción de Camtasia (HKLM\...\{7EE19AB2-A523-4E54-9DF7-EAF087408D59}_is1) (Version: 9.0.3.1627 - Octatec)
Discord (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Epic Games Launcher (HKLM-x32\...\{385D03C4-767B-4B5F-A627-61319D136EF4}) (Version: 1.1.236.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{30AAEA0C-2993-4ED6-8ABC-48499DA53D87}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Firestorm-Releasex64 (HKLM\...\Firestorm-Releasex64) (Version: 6.3.2.58052 - The Phoenix Firestorm Project, Inc.)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Geometry Dash v2.1 (HKLM-x32\...\vsetop.com Geometry Dash v2.1_is1) (Version: 2.1 - VseTop.Com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Graphics Rules Maker (HKLM-x32\...\Graphics Rules Maker) (Version: 1.1.0 - SimsNetwork.com)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
Intel® Hardware Accelerated Execution Manager (HKLM\...\{73D60EDA-FD00-4CB4-8723-212AFB2219CF}) (Version: 7.3.0 - Intel Corporation)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.2 (64-bit) (HKLM\...\{71307D56-8005-5F5E-9227-BFA2754D6E54}) (Version: 10.0.2.0 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kast 2.1.10 (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.1.10 - Evasyst, Inc.)
Kast 2.2.1 (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\{d06bcc57-f338-548b-9321-2ecf1ddd47ff}) (Version: 2.2.1 - Evasyst, Inc.)
K-Lite Mega Codec Pack 14.8.8 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.8.8 - KLCP)
KOPLAYER Pro version: 2.0.0 (HKLM\...\KOPLAYER_is1) (Version:  - KOPLAYER Team)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.27.20180328 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Los Sims 2 Abren Negocios (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )
Los Sims 2 Decora tu Familia - Accesorios (HKLM-x32\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version:  - )
Los Sims 2 Universitarios (HKLM-x32\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version:  - )
Los Sims™ 2 Bon Voyage (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version:  - Electronic Arts)
Los Sims™ 2 Cocina y Baño Diseño de Interiores Accesorios (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version:  - Electronic Arts)
Los Sims™ 2 Comparten Piso (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
Los Sims™ 2 H&M® Moda Accesorios (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version:  - )
Los Sims™ 2 IKEA® Accesorios para el hogar (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version:  - Electronic Arts)
Los Sims™ 2 Jóvenes Urbanos Accesorios (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version:  - Electronic Arts)
Los Sims™ 2 Mansiones y Jardines Accesorios (HKLM-x32\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version:  - Electronic Arts)
Los Sims™ 2 Mascotas (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
Los Sims™ 2 Megaluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Los Sims™ 2 Todo Glamour Accesorios (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
Los Sims™ 2 y Las Cuatro Estaciones (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Los Sims™ 2 Y Sus Hobbies (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version:  - Electronic Arts)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Los Sims™ 3 ¡Menuda familia! (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Los Sims™ 3 Criaturas Sobrenaturales (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Los Sims™ 3 Salto a la fama (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Los Sims™ 3 Triunfadores (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Los Sims™ 3 Y Las Cuatro Estaciones (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.58.69.1010 - Electronic Arts Inc.)
Los Sims™ Historias de Náufragos (HKLM-x32\...\{64EEA791-0271-4B53-00AC-2BF05F5FBEF6}) (Version:  - Electronic Arts)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEGA Link Downloader version 2.8.9 (HKLM-x32\...\{FF96FE94-6FCA-4026-BA7C-C86171F621DA}_is1) (Version: 2.8.9 - Shinchiro)
MEmu (HKLM-x32\...\MEmu) (Version: 7.0.1.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Volume - es-es) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.50727.4053 (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.50727.42 (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.50727.762 (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.8 (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411.0 (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.1 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.8 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411.0 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Story Mode Episode 8 (HKLM-x32\...\Minecraft Story Mode Episode 8_is1) (Version:  - )
Mozilla Firefox 69.0 (x64 es-CL) (HKLM\...\Mozilla Firefox 69.0 (x64 es-CL)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
Mp3tag v2.94 (HKLM-x32\...\Mp3tag) (Version: 2.94 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
nofil2000 Pet Society Web Server (HKLM-x32\...\{6D61F576-C36F-0BF1-96BC-5751E3510C80}) (Version: 1.5.0 - UNKNOWN) Hidden
nofil2000 Pet Society Web Server (HKLM-x32\...\com.nofil2000.ps.server) (Version: 1.5.0 - UNKNOWN)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.8 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Opera Stable 65.0.3467.78 (HKLM-x32\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
Panel de control de NVIDIA 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.66 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
PPSSPP (HKLM\...\PPSSPP_is1) (Version: 1.7.4.0 - PPSSPP Team)
Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - )
PSE Windows (HKLM-x32\...\{F4FFEA1D-9FE0-6F07-3F1F-B0D9E078A36B}) (Version: 2 - UNKNOWN) Hidden
PSE Windows (HKLM-x32\...\Main) (Version: v2 - UNKNOWN)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.10 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
Roblox Player for Emanuel (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Emanuel (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\roblox-studio) (Version:  - Roblox Corporation)
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 461 - Massachusetts Institute of Technology)
Scriptorium for TS2 (HKLM-x32\...\Scriptorium_for_TS2_is1) (Version: 2.2f - Numenor, for ModTheSims2)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
SimCity™ Societies (HKLM-x32\...\{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}) (Version: 1.0.0.0 - Electronic Arts) Hidden
SimCity™ Societies (HKLM-x32\...\{9B0F9788-3141-4009-846E-52E59843E963}) (Version: 1.0.0.0 - Electronic Arts)
SimPE 0.72 (alpha) (HKLM-x32\...\SimPE_is1) (Version:  - )
Sims 4 Tray Importer (S4TI) 1.9.10.2 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.9.10.2 - TeameeVo)
Skype versión 8.53 (HKLM-x32\...\Skype_is1) (Version: 8.53 - Skype Technologies S.A.)
Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts)
Spotify (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\Spotify) (Version: 1.1.0.237.g378f6f25 - Spotify AB)
Spyro Reignited Trilogy (HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\Spyro Reignited Trilogy) (Version:  - HOODLUM)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Mario World (HKLM-x32\...\{A32F457D-7A33-4696-89AA-0DE4EE025B77}_is1) (Version: 1.0 - Maikolik Games 2011)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VEGAS Pro 15.0 (HKLM\...\{E1FCD40F-7FC4-11E7-88AD-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{0ABBD080-A716-11E8-974B-00155D6302F2}) (Version: 16.0.261 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Winstep Xtreme 18.8 (HKLM-x32\...\Winstep Xtreme_is1) (Version:  - )
Winstep Xtreme 18.8 Activation versión 18.8 (HKLM-x32\...\{9010E011-8224-4DA4-81DE-5179CA163146}_is1) (Version: 18.8 - Winstep)
ZLOrigin (HKLM-x32\...\ZLOrigin_is1) (Version: ZLOrigin - ZLOFENIX)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-485721870-1593872569-1429902795-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-18] (Notepad++ -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Emanuel\Desktop\Desktop\Chrome.lnk -> C:\Program Files\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{\"app_icon_url\": \"\", \"app_name\": \"Chrome\", \"app_url\": \"\", \"app_pkg\": \"com.android.chrome\"}"

==================== Loaded Modules (Whitelisted) =============

2019-02-28 13:03 - 2019-02-28 13:03 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-485721870-1593872569-1429902795-1000\...\wustat.windows.com -> hxxp://wustat.windows.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2019-12-23 17:21 - 000001098 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 systweak.com
127.0.0.1 updateservice1.systweak.com
127.0.0.1 www.systweak.com
127.0.0.1 systemspeedup.systweak.com
127.0.0.1 systweak.com/STCheckGenuineness
0.0.0.0 telemetry.malwarebytes.com
127.0.0.10 sls.service.enmasse.com
127.0.0.1  skipittok.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-485721870-1593872569-1429902795-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 190.54.120.23 - 190.54.110.23
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MEmuSVC => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WO_LiveService2 => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: DSATray => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PrintDisp => C:\Windows\system32\PrintDisp.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [TCP Query User{9E7D2095-927B-46F8-8058-8A7618537F8E}C:\users\emanuel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\emanuel\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F93E146C-91D4-4BC5-9A71-CDBBB1935468}C:\users\emanuel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\emanuel\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8AC9C55F-3648-4D2C-87A9-D2569EC69833}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{5004314F-0B19-41C5-80DC-CA9957DA5195}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{E293B318-56F4-4ABD-A1A9-0D455A00CAF6}] => (Allow) C:\Program Files\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DDB0DA75-CA1B-4CAE-A370-AAF429F8A079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A424F91C-2424-483C-84D6-5F7F922BEF80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{573006E2-D29C-4292-B1DF-59BFF347E1EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43CF1EF0-7010-41F1-A075-4FEE098DD69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{770D9618-8A08-4718-9B0D-EFA1F2A93A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D2609C46-C0BC-4FA2-804B-B8BB863285EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A09F4C1-9826-4BEC-AC56-BB56F8BD7DC8}] => (Block) %ProgramFiles% (x86)\Overwatch\_retail_\Overwatch.exe No File
FirewallRules: [{F6DB4459-A4CD-49C1-B5A1-43BCF29B4029}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{C7B2BCEF-C565-499E-9E21-DD3A591AC0A5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3ACBEDAD-FCA4-4277-875E-03483C56F8A1}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{691E941B-D176-4047-A6A3-0BC346EC5950}] => (Allow) C:\Program Files\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{F682BA00-74BA-463E-B77A-4DD568C85519}C:\games\geometry dash v2.1\geometrydash.exe] => (Block) C:\games\geometry dash v2.1\geometrydash.exe () [File not signed]
FirewallRules: [UDP Query User{BE17947C-B796-4208-905E-9F425F8F4E23}C:\games\geometry dash v2.1\geometrydash.exe] => (Block) C:\games\geometry dash v2.1\geometrydash.exe () [File not signed]
FirewallRules: [TCP Query User{EB337E82-9091-4254-AE2D-B527D89F1A92}C:\games\geometry dash v2.1\geometrydash.exe] => (Block) C:\games\geometry dash v2.1\geometrydash.exe () [File not signed]
FirewallRules: [UDP Query User{225D55CF-4575-4F32-849A-C5BF00CB8B2F}C:\games\geometry dash v2.1\geometrydash.exe] => (Block) C:\games\geometry dash v2.1\geometrydash.exe () [File not signed]

==================== Restore Points =========================

20-12-2019 17:49:31 Punto de control programado
21-12-2019 11:45:47 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-12-2019 12:06:37 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-12-2019 12:09:28 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-12-2019 14:08:58 Revo Uninstaller Pro's restore point - Malwarebytes
21-12-2019 14:10:44 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-12-2019 14:14:52 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-12-2019 14:16:07 Revo Uninstaller Pro's restore point - Dll-Files.com Fixer
21-12-2019 14:20:32 Revo Uninstaller Pro's restore point - CCleaner
23-12-2019 18:04:22 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2019 05:53:29 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "iehistory://{S-1-5-21-485721870-1593872569-1429902795-1000}/">.

Error: (12/23/2019 05:33:13 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-01-22T20:27:13Z. Error Code: 0x80041321.

Error: (12/23/2019 05:25:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/23/2019 11:02:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/23/2019 01:09:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MinecraftLauncher.exe, versión: 1.0.1.0, marca de tiempo: 0x5da59323
Nombre del módulo con errores: launcher.dll, versión: 0.0.0.0, marca de tiempo: 0x5dcacc13
Código de excepción: 0x40000015
Desplazamiento de errores: 0x0023ad48
Id. del proceso con errores: 0x1bb4
Hora de inicio de la aplicación con errores: 0x01d5b9469907edc3
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Minecraft\game\launcher.dll
Id. del informe: 10c17595-253a-11ea-b0f5-d8cb8a19b29e

Error: (12/22/2019 11:39:34 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-01-22T02:33:34Z. Error Code: 0x80041321.

Error: (12/22/2019 11:31:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/22/2019 11:22:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (12/23/2019 06:06:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 20.

Error: (12/23/2019 06:06:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (12/23/2019 06:06:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (12/23/2019 05:26:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/23/2019 05:26:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Razer Chroma SDK Server no respondió después de iniciar.

Error: (12/23/2019 05:25:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Wondershare Application Framework Service.

Error: (12/23/2019 05:24:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio ASUS Com Service.

Error: (12/23/2019 05:23:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
===================================
Date: 2019-03-16 02:32:40.326
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EBF7CE1A-99F3-4EFB-95F8-27DA38ED29C5}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-02-12 05:36:03.525
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{08A51AAB-5356-456A-AEC8-804AB9543589}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

CodeIntegrity:
===================================

Date: 2019-09-13 09:39:25.442
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Bignox\BigNoxVM\RT\SDL.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-13 02:58:29.921
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-13 02:20:56.838
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-13 01:43:06.532
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-13 00:34:44.879
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-13 00:25:24.828
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-12 23:14:07.425
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-12 20:14:04.162
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. V3.6 09/29/2013
Motherboard: MSI H61M-P31/W8 (MS-7788)
Processor: Intel(R) Core(TM) i3-3250 CPU @ 3.50GHz
Percentage of memory in use: 96%
Total physical RAM: 3554.86 MB
Available physical RAM: 110.3 MB
Total Virtual: 7107.87 MB
Available Virtual: 2434.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.29 GB) (Free:279.24 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A6CF4811)

Partition: GPT.

==================== End of Addition.txt =======================

Hola, allí arriba puse toda la información, con malwarebytes consideré poner buscar rootkits y me detectó 20 cosas. De las cuales 4 me sale error al intentar eliminar y no sé por qué. Sin embargo el ordenador ya parece optimo y sin esos problemas que me daba.

Hola.

Pues antes de entrar en “harina” Veamos…si tenemos algo escondido.

Descarga y descomprime esta herramienta en tu escritorio Manual de Malwarebytes Anti-Rootkits Beta, y sigues los pasos que se indican para revisar el equipo :

• Abre la carpeta Mbar, haces doble clic en el archivo Mbar.exe.
• En la ventana que saldrá pulsas en Next.
• Pulsar en Update, y cuando termine en Next.
• Ahora inicias el análisis pulsando en el botón Scan.
• Al terminar, si existe infección pulsamos en CleanUp y si no hay infección pulsamos en Exit.

Al terminar busca en la carpeta Mbar, y abres los archivos mbar-log.txt y system-log.txt, nos copias el contenido en la siguiente respuesta y comentas resultados.

Saludos.

Vale mira, no me detectó ninguna infección así que me ponía esto:

659×542 108 KB

mientras que en la carpeta no veo el archivo mbar-log.txt pero si el system-log.txt asi que te pondré la información de system log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.19572

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.500000 GHz
Memory total: 3727540224, free: 713564160

Downloaded database version: v2019.12.24.01
Downloaded database version: v2019.12.24.01
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     12/23/2019 23:34:56
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\edevmon.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\eamonm.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ehdrv.sys
\??\C:\Program Files\ESET\ESET Security\Modules\em000k_64\1018\em000k_64.dll
\??\C:\Program Files\ESET\ESET Security\Modules\em006_64\1209\em006_64.dll
\??\C:\Program Files\ESET\ESET Security\Modules\em018k_64\1633\em018k_64.dll
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\epfwwfp.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\??\C:\KOPLAYER\vbox\TTDrv.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\MEmuDrv.sys
\??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\drivers\intelppm.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\ISCTD.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\nvvhci.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\rzudd.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\IntelHaxm.sys
\??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner64.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\??\C:\Windows\system32\drivers\MbamChameleon.sys
\??\C:\Windows\system32\drivers\31115436.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\psapi.dll
\Windows\System32\shell32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\user32.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\imagehlp.dll
\Windows\System32\Wldap32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\urlmon.dll
\Windows\System32\difxapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msctf.dll
\Windows\System32\imm32.dll
\Windows\System32\wininet.dll
\Windows\System32\normaliz.dll
\Windows\System32\kernel32.dll
\Windows\System32\gdi32.dll
\Windows\System32\nsi.dll
\Windows\System32\iertutil.dll
\Windows\System32\sechost.dll
\Windows\System32\oleaut32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2019.12.24.01
  rootkit: v2019.12.24.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8003b9a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8003a2ed20, DeviceName: \Device\00000071\, DriverName: \Driver\edevmon\
DevicePointer: 0xfffffa8003b9ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8003b9a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003947520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8003942680, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A6CF4811

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2052449840
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid cb05d91b-c99c-46e3-a65c-c9116ab9a536
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2052449840
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid cb05d91b-c99c-46e3-a65c-c9116ab9a536
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 44609ce1-b78b-4650-ad20-7ddfa4c47e55
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID bff99cca-677f-49d0-a3a8-241ce427845
    FirstLBA 206848  Last LBA 468991
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID e5a05242-f2a5-4d0c-bc35-bd11f1e7c55
    FirstLBA 468992  Last LBA 1953523711
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished

Vale ahora me apareció el otro log:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2019.12.24.01
  rootkit: v2019.12.24.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.19572
Emanuel :: EMANUEL-PC [administrator]

23/12/2019 23:35:04
mbar-log-2019-12-23 (23-35-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 265239
Time elapsed: 34 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Presiento que mi ordenador está limpio sin embargo necesito este archivo para poder jugar a Los Sims 4. (una manera de jugarlo de una fuente de terceros) y por ser así, eset nod32 me detecta la pagina como maliciosa. Pero malwarebytes no me la detecta como si fuera maliciosa. ¿Cómo confio? sabes alguna manera de escanear el archivo o algo así. Tal vez lo detecta así porque es un archivo modificado o crackeado para acceder al juego.

1362×482 18.1 KB

Como es el caso de aquí, que se pide que se desactive el antivirus para ciertas cosas.

Me podrías ayudar en esto otro? (adicionalmente de si es porque el ordenador se encuentra limpio) no quiero meterme virus de nuevo. Gracias.

Hola.

Ese archivo o página web es detectada NO solo por tu antivirus ESET sino que también me lo detecta a mi Malwarebytes; en concreto como un Troyano.

Si quieres verificar ese archivo puedes subirlo a Virustotal siguiendo las indicaciones que veras en este Manual de VirusTotal .

Cuando lo hayas subido nos pones el enlace de los resultados.

Saludos.

Vale mira, lo he hecho desde el movil y me pone lo siguiente:

Adware
Gen:Variant.Ursu.708446

AhnLab-V3
Unwanted/Win32.Agent.C3574806

ALYac
Gen:Variant.Ursu.708446

Antiy-AVL
Trojan/Win32.Tiggre

SecureAge APEX
Malicious

Arcabit
Trojan.Ursu.DACF5E

Avast
Win32:Malware-gen

AVG
Win32:Malware-gen

BitDefender
Gen:Variant.Ursu.708446

BitDefenderTheta
Gen:NN.ZexaF.33558.noKfa4DYMcfi

CrowdStrike Falcon
Win/malicious_confidence_60% (W)

Cylance
Unsafe

Cyren
W32/Trojan.PCBT-3393

Emsisoft
Gen:Variant.Ursu.708446 (B)

Endgame
Malicious (high Confidence)

eScan
Gen:Variant.Ursu.708446

ESET-NOD32
A Variant Of Win32/RiskWare.GameTool.V

FireEye
Gen:Variant.Ursu.708446

Fortinet
Riskware/GameTool

GData
Gen:Variant.Ursu.708446

K7AntiVirus
Riskware ( 005548f71 )

K7GW
Riskware ( 005548f71 )

MAX
Malware (ai Score=100)

McAfee
Artemis!1794AD2D2CEB

McAfee-GW-Edition
BehavesLike.Win32.MultiDropper.vc

Microsoft
Trojan:Win32/Occamy.C

Qihoo-360
Win32/Trojan.1c3

Sangfor Engine Zero
Malware

Sophos AV
Mal/Generic-S

Sophos ML
Heuristic

Symantec
ML.Attribute.HighConfidence

Trapmine
Suspicious.low.ml.score

TrendMicro
TROJ_GEN.R002C0DLC19

TrendMicro-HouseCall
TROJ_GEN.R002C0DLC19

VIPRE
Trojan.Win32.Generic!BT

Webroot
W32.Malware.gen

Yandex
RiskWare.GameTool!

Acronis
Undetected

AegisLab
Undetected

Alibaba
Undetected

Avast-Mobile
Undetected

Avira (no cloud)
Undetected

Baidu
Undetected

Bkav
Undetected

CAT-QuickHeal
Undetected

ClamAV
Undetected

CMC
Undetected

Comodo
Undetected

DrWeb
Undetected

eGambit
Undetected

F-Prot
Undetected

F-Secure
Undetected

Ikarus
Undetected

Jiangmin
Undetected

Kaspersky
Undetected

Kingsoft
Undetected

Malwarebytes
Undetected

NANO-Antivirus
Undetected

Palo Alto Networks
Undetected

Panda
Undetected

Rising
Undetected

SentinelOne (Static ML)
Undetected

SUPERAntiSpyware
Undetected

TACHYON
Undetected

Tencent
Undetected

VBA32
Undetected

ViRobot
Undetected

Zillya
Undetected

ZoneAlarm by Check Point
Undetected

Zoner
Undetected

Symantec Mobile Insight
Unable to process file type

Trustlook
Unable to process file type

Hola.

Te habia pedido el enlace que es la mejor manera de verificar los resultados.

Pero bueno… SI YO NO me equivoco tienes 36 detecciones de unos 60 motores de virus, por lo tanto infección clara.

Dinos SI te queda alguna duda.

Saludos.