Se bloquea mi internet


#1

Hola buenas noches antes que nada ya tenia demaciado tiempo que no venia ha este foro que siempre me ha ayudado mucho de echo tanto que hasta eliminaron mi cuenta xD.

bueno vamos al grano lo que pasa es que hace como 1 semana me viene pasando algo muy raro se bloquea mi Internet estoy jugando vídeos viendo face youtube etc y de repente quiero abrir otra pagina y ya no abre dice que se agoto el tiempo de espera solo sigue funcionando lo que ya esta abierto y todo lo demás que quiera abrir que ocupo internet me dice que no hay conexión mientras sigo usando al 100% lo que se quedo abierto antes de que pase esto y cierro lo que estaba usando y lo quiero abrir de nuevo ya nos e puede me dice lo mismo ya no hay internet y no marca ningun error en el internet ni la red checo el ping en cmd y todo bien se siguen enviando paquetes y todo el internet marca bien funciona mi wifi pero algo me bloquea el internet reinicio la pc y ya vuelve todo a lo normalidad todo funciona bien otra ves. lo que estuve viendo en esta semana es que siempre pasa casi a una misma hora 7:40 pm mas o menos para ser exacto aunque me a pasado mas tarde así pero siempre ha esa hora es casi seguro. y la verdad ya pase varios scan de antivurs y no logro saber que es espero puedan ayudarme y me halla explicado bien gracias.

Buenas noches Amigos espero respuesta


#2

Hola @David_Ramirez

Bienvenido a esta nueva etapa de InfoSpyware…!!!

Te dejo info de lo que ha pasado últimamente:

Al punto:

  • Cual es tu SO?
  • Que antivirus Tienes?
  • Tienes programado Windows Update para que busque actualizaciones a alguna hora en particular?

Para no mandarte de nuevo las mismas herramientas, podrías pegarnos esos reportes, o comentar cual corriste?

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2.


#3

Windows 7 Professional Service pack 1

Eset Endpoint Antivirus -

Malwarebytes

Rkill

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/26/2018 08:25:12 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Automatic Updates Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
   "NoAutoUpdate" = dword:00000001

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * HOSTS file entries found: 

  /blog
  /blog
  /blog/

Program finished at: 12/26/2018 08:29:50 PM
Execution time: 0 hours(s), 4 minute(s), and 38 seconds(s)

sobre lo de windows update segun yo no. pero no logre encontrar donde esta la hora pero creo que estan desactivadas es que no me deja acceder a la configuración no me dejo subir imagenes directamente a la publicacion pero aqui las deje en un link.

Muchas gracias por responderme y por recibirme de nuevo aqui esta la info espero respuesta.


#4

Hola @David_Ramirez:

Comencemos a buscar:

:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Completo.
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2


#5

perdon la demora pero me paso lo que estamos tratando de arreglar y tube que reiniciar la pc para instalar. bueno aqui le dejo los reportes.

**AdwCleaner**
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2018-12-21.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-26-2018
# Duration: 00:00:03
# OS:       Windows 7 Professional
# Cleaned:  8
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Tencent
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Deleted       C:\Users\tuckerh\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9586EF90-E6C5-4925-9FB3-2B864E17784C}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{53361E2E-85A8-4A9D-8F4A-D2701231E39E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{78336CEC-341E-46A1-8D3E-2526DE2FA958}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E79F4ACF-E261-4873-9391-DB636FDEA2FB}
Deleted       HKLM\Software\Classes\METNSD

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4984 octets] - [05/06/2018 02:46:15]
AdwCleaner[C00].txt - [4271 octets] - [05/06/2018 02:46:43]
AdwCleaner[S01].txt - [1251 octets] - [05/06/2018 02:50:33]
AdwCleaner[C01].txt - [1356 octets] - [05/06/2018 02:51:06]
AdwCleaner[S02].txt - [1249 octets] - [05/06/2018 02:55:13]
AdwCleaner[S03].txt - [1249 octets] - [05/06/2018 02:56:48]
AdwCleaner[S04].txt - [1249 octets] - [05/06/2018 03:21:28]
AdwCleaner[C04].txt - [1374 octets] - [05/06/2018 03:21:58]
AdwCleaner[S05].txt - [1249 octets] - [05/06/2018 10:43:51]
AdwCleaner[S06].txt - [2685 octets] - [26/12/2018 22:44:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########




~ ZHPCleaner v2018.12.26.210 by Nicolas Coolman (2018/12/26)
~ Run by tuckerh (Administrator)  (26/12/2018 23:10:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\tuckerh\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\tuckerh\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (1)
BORRADOS dados: [X64] HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser [Bad : 0]  =>.SUP.ProxyRestriction


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (155)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (129)
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF24DFEADA8824E29B.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF2BF944525C304C49.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta^: C:\Users\tuckerh\AppData\Local\Temp\~DF2C611F9BAB52CFF3.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF2CD338BAE8662496.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF2CDC7E8BC79EB7A6.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF2EE4993A27AD6B1F.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF39A4A7730C79CB71.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF3AF4EE47492C39AC.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF3D3066C69F789D4D.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF45E8ADF42D883D21.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF47ED62755346B984.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF4BC9A05ADE632650.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF4C16CE3C0A46D62C.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF4EEC94E17CA0CC23.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF528E515A36EF3C39.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF5853FA4128FF5817.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF59F2E6CB004C7CC9.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF5DBC1E58319EEDE2.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF60296E2896379279.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF686BE565FC76799B.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF68E73DE8EDAFB007.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF6AC05AAAD878F8D0.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF70ED37D1EBF279AC.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7476DE339819A622.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7782385BD913F4A5.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF784A9E511AD6FBD1.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF78A8050D88FEB28A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7A0B848F9CC23232.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7B4DB488E05146E9.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7B9FFA166A519FDD.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7CAA55551884CFBF.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF7DB585DD3CB17A75.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF802A405B5885A993.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF8383FA5F6D1EFF44.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF8564ECAC91B3517F.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF8A213591F4977519.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF8CE0676564633613.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF8D0FE3DF360567D4.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF8F8E20CCEBDC8129.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF95FCB7A263E9635B.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF95FFBFAB76B342DD.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF967EF755B6EC92FA.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF99B2F9F00F46DC34.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF9A4AB9403233F147.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DF9A8AB93E8617878D.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFA0EA2203E3E349ED.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFA0F81E067F60FC8B.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFA577D718486421BC.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFA7FB816A5C634587.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFA8158D179AEEA213.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFA97832443EE4EBE6.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFAACDA7F0C6D963BC.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFACF19E0F62388208.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFAF69E9DD7BAD2680.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFB000C7F6A5AC9ECD.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFB43F5957D7799AE5.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFB8091512B7B0F10A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFB92BA6481DB717AD.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFB9ADCFB045B6B443.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFBB198B72E669F632.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFBD8BA8CFDF502EDA.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFBE560969B8865DD3.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFBF3374264347499F.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFC1DE1C9937613469.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFC8670AF47092B212.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFC867F81B1C1419F0.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFCA35AA535885B2F1.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFCB320FF26BBACABF.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFD11427A059039131.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFD20E47C01872FFC7.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFD3942AD2AB24BEF4.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFD6B33F525F46B8A2.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFD774AF04173A3793.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFDDD93332784E3F30.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFE154CFD864F6F1EF.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFE51E1B71C61F5D70.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFE6E448033D8FD5B7.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFE9933DEE11267175.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFEA5CCB840A9B4C5A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFEEF532A71B7F3703.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFF0EDEA6212D79100.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFF10C45B6FE773191.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFF18406E31CDB5743.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFF9587A213D0D137D.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFFC83ADDFDDE121ED.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFFEC4196804AA6A00.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFFF11C342DFD5CDE6.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\tuckerh\AppData\Local\Temp\~DFFF950D831BAEA9DC.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS]  =>HackTool.AutoKMS
MOVIDO carpeta: C:\Windows\AutoKMS\AutoKMS.log    =>HackTool.AutoKMS
MOVIDO archivo: C:\ProgramData\Microsoft Toolkit  =>HackTool.AutoKMS
MOVIDO archivo^: C:\ProgramData\Tencent  =>.SUP.Tencent
MOVIDO archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software  =>.SUP.Tencent
MOVIDO archivo: C:\Windows\AutoKMS  =>HackTool.AutoKMS
MOVIDO archivo: C:\Windows\Installer\MSI173.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1FFD.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI3D4.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI3E49.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI46BF.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI5943.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI5FD8.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI60D5.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI652A.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI6612.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI6F1.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI7448.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI7A85.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI83AF.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI8C12.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI9022.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI92F1.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIA462.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIA9B1.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIAEE5.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIB88D.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIBFF5.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIC07E.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIC3FA.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIC5B0.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIC68B.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIC757.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSID43F.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSID807.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIDC95.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIE7F0.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSIFB88.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Users\tuckerh\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
MOVIDO archivo: C:\Users\tuckerh\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
MOVIDO archivo: C:\Users\tuckerh\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registro ( Claves, Valores, Datos) (12)
BORRADOS dados: HKCR\.gif\\Default [Bad : WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU]  =>PUP.Optional.WikiBrowser
BORRADOS dados: HKCR\.png\\Default [Bad : WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU]  =>PUP.Optional.WikiBrowser
BORRADOS clave*: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\WikiBrowser.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\Software\Classes\.htm\OpenWithProgIDs\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\Software\Classes\.html\OpenWithProgIDs\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\Software\Classes\.shtml\OpenWithProgIDs\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\Software\Classes\.webp\OpenWithProgIDs\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\Software\Classes\.xht\OpenWithProgIDs\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\SOFTWARE\Classes\.gif\OpenWithProgids\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\SOFTWARE\Classes\.jpeg\OpenWithProgids\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\SOFTWARE\Classes\.jpg\OpenWithProgids\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser
BORRADOS valor: HKLM64\SOFTWARE\Classes\.png\OpenWithProgids\\WikiBroHTM.SRNX5KKJFRVTWEFMDPWSUF2BEU []  =>PUP.Optional.WikiBrowser


---\\  Resumen de elementos en su estación de trabajo (6)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.ProxyRestriction
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/02/23/tencentadressbar/  =>.SUP.Tencent
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://www.nicolascoolman.com/fr/pup-optional-wikibrowser/  =>PUP.Optional.WikiBrowser


---\\ Limpieza adicional. (3)
~ Clave de registro Tracing borrados (3)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Opera Software)
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 1934
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 1441792


~ End of clean in 00h00mn30s

---\\  Reporte (7)
ZHPCleaner-[R]-26122018-23_03_41.txt
ZHPCleaner-[S]-26122018-22_32_08.txt
ZHPCleaner-[S]-26122018-22_32_29.txt
ZHPCleaner-[S]-26122018-22_41_23.txt
ZHPCleaner-[S]-26122018-23_02_34.txt
ZHPCleaner-[S]-26122018-23_10_11.txt
ZHPCleaner-[R]-26122018-23_10_59.txt




Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/12/18
Hora del análisis: 23:20
Archivo de registro: e31098fa-09a7-11e9-a5f2-0000929b54d8.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8513
Licencia: Premium

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: PCWZ\tuckerh

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 312891
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 6 min, 25 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#6

Hola:

Después de la limpieza, como va el problema?

Salu2.


#7

Hola buenos días.

De echo despues de los paso hasta se me hizo un poco mas rápido el Internet y todo pero pasando un rato apareció el mismo problema.


#8

Hola @David_Ramirez:

Veamos que mas hay por allí:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2


#9

Hola Buenas tardes que tal. Aqui le dejo lo pedido. Los mande separados por que no me dejo mandarlos juntos que era muy extenso.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.12.2018
Ran by tuckerh (administrator) on PCWZ (27-12-2018 15:46:02)
Running from C:\Users\tuckerh\Desktop
Loaded Profiles: tuckerh (Available Profiles: tuckerh & alex 2 & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Tencent) C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpCardEngine.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [CSFTrayApp] => C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe [232288 2014-09-11] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4124360 2015-02-27] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-03-25] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-09-28] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\System32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-07] (Piriform Ltd)
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-05-30] (Disc Soft Ltd)
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {2a4ee2af-5f82-11e8-8397-b083fe6c0e43} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {595968ce-830b-11e7-b48e-b083fe6c0e43} - E:\autorun.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {8a0afd6e-62a2-11e8-90d2-b083fe6c0e43} - F:\LG_PC_Programs.exe
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\System32\rtvcvfw64.dll [246272 2012-09-28] ()
HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] ()
Lsa: [Notification Packages] DPPassFilter scecli
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002 -> {96054D6D-2630-4588-98DB-9610834C90D6} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: qvwnegan.default
FF ProfilePath: C:\Users\tuckerh\AppData\Roaming\Mozilla\Firefox\Profiles\qvwnegan.default [2018-12-27]
FF Extension: (Video DownloadHelper) - C:\Users\tuckerh\AppData\Roaming\Mozilla\Firefox\Profiles\qvwnegan.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-10-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome
FF Extension: (Dell Data Protection | Security Tools) - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome [2015-02-11] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-04-27] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-03-17] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-3776704974-2500858669-2478405549-1002: @citrixonline.com/appdetectorplugin -> C:\Users\tuckerh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-21] (Citrix Online)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Profile: C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default [2018-12-26]
CHR Extension: (Diapositivas de Google) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-25]
CHR Extension: (Google Docs) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-25]
CHR Extension: (Google Drive) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-25]
CHR Extension: (YouTube) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-25]
CHR Extension: (Dell Data Protection | Security Tools) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-02-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-25]
CHR Extension: (Gmail) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-25]
CHR Extension: (Chrome Media Router) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-25]
CHR Profile: C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-12-27]
CHR Extension: (Documentos) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-26]
CHR Extension: (Adobe Acrobat) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Dell Data Protection | Security Tools) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-02-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-26]
CHR Extension: (Chrome Media Router) - C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]
CHR Profile: C:\Users\tuckerh\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-26]
CHR HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx [2014-03-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-16] ()
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-08-16] (BlueStack Systems, Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [255328 2014-09-11] (Dell Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [26464 2014-09-11] ()
R2 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [33632 2014-09-11] (Dell, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3638888 2018-05-30] (Disc Soft Ltd)
R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [472912 2014-03-19] (DigitalPersona, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-17] (EasyAntiCheat Ltd)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [41672 2015-02-27] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1029704 2015-02-27] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET NOD32 Antivirus\EShaSrv.exe [190664 2015-02-27] (ESET)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2018-06-08] (Echobit LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-03] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-03-16] (LLC Mail.Ru)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7689368 2017-10-24] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-03] (NVIDIA Corporation)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2018-12-21] (Tencent)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-09] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-09] (Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2018-04-05] (Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2018-05-15] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [502144 2018-05-16] (Razer Inc.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-15] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-12-11] (Microsoft Corporation)
S2 LkjawfulSjointer; C:\Program Files (x86)\LkjawfulSjointer\LkjawfulSjointer.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; C:\Program Files\TxGameAssistant\UI\aow_drv_x64.sys [858672 2018-12-23] (Tencent)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R0 CredFltL; C:\Windows\System32\DRIVERS\CredFltL.sys [37120 2014-09-11] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-06-08] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-06-08] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2017-05-14] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2015-03-02] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2014-08-19] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [147096 2014-09-10] (ESET)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2018-06-08] (Echobit, LLC)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2192088 2013-08-23] (Realtek Semiconductor Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-08-21] (Intel Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [7238880 2018-03-16] (LLC Mail.Ru)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 qcusbnet; C:\Windows\System32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
S3 RzCommon; C:\Windows\System32\DRIVERS\RzCommon.sys [46056 2018-04-15] (Razer Inc)
S3 RzDev_005c; C:\Windows\System32\DRIVERS\RzDev_005c.sys [49648 2018-04-22] (Razer Inc)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [52248 2016-10-30] (Razer Inc)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
R0 SEDFilter; C:\Windows\System32\DRIVERS\SEDFilter.sys [61184 2014-09-11] (Dell Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2018-11-30] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2017-05-16] (Anchorfree Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-27 15:38 - 2018-12-27 15:46 - 000026335 _____ C:\Users\tuckerh\Desktop\FRST.txt
2018-12-27 15:38 - 2018-12-27 15:46 - 000000000 ____D C:\FRST
2018-12-27 15:34 - 2018-12-27 15:35 - 002423296 _____ (Farbar) C:\Users\tuckerh\Desktop\FRST64.exe
2018-12-27 08:40 - 2018-12-27 08:40 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\Tencent
2018-12-27 00:19 - 2018-12-27 08:42 - 000000000 ____D C:\ProgramData\Tencent
2018-12-26 23:28 - 2018-12-26 23:28 - 000001537 _____ C:\Users\tuckerh\Desktop\mw.txt
2018-12-26 23:16 - 2018-12-26 23:16 - 000015922 _____ C:\Users\tuckerh\Desktop\ZHPCleaner op.txt
2018-12-26 23:02 - 2018-12-27 00:17 - 000003239 _____ C:\Users\tuckerh\Desktop\ZHPCleaner.txt
2018-12-26 22:46 - 2018-12-26 22:50 - 000002723 _____ C:\Users\tuckerh\Desktop\AdwCleaner[C06].txt
2018-12-26 22:35 - 2018-12-26 22:35 - 000000832 _____ C:\Users\tuckerh\Desktop\ZHPCleaner.lnk
2018-12-26 22:31 - 2018-12-27 00:17 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\ZHP
2018-12-26 22:31 - 2018-12-26 22:31 - 000000000 ____D C:\Users\tuckerh\AppData\Local\ZHP
2018-12-26 22:19 - 2018-12-26 22:20 - 007320272 _____ (Malwarebytes) C:\Users\tuckerh\Downloads\adwcleaner_7.2.6.0.exe
2018-12-26 22:19 - 2018-12-26 22:20 - 003297664 _____ C:\Users\tuckerh\Downloads\ZHPCleaner.exe
2018-12-26 20:25 - 2018-12-26 20:29 - 000002234 _____ C:\Users\tuckerh\Desktop\Rkill.txt
2018-12-26 20:24 - 2018-12-26 20:24 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\tuckerh\Downloads\iExplore.exe.exe
2018-12-26 19:56 - 2018-12-26 19:57 - 000000000 __SHD C:\Users\alex 2\AppData\LocalLow\EmieSiteList
2018-12-26 19:54 - 2018-12-26 19:55 - 000000000 ____D C:\Users\alex 2\AppData\Roaming\Apple Computer
2018-12-26 19:54 - 2018-12-26 19:54 - 000110760 _____ C:\Users\alex 2\AppData\Local\GDIPFONTCACHEV1.DAT
2018-12-26 19:54 - 2018-12-26 19:54 - 000001419 _____ C:\Users\alex 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-26 19:54 - 2018-12-26 19:54 - 000000000 ____D C:\Users\alex 2\AppData\Roaming\Adobe
2018-12-26 19:54 - 2018-12-26 19:54 - 000000000 ____D C:\Users\alex 2\AppData\Local\VirtualStore
2018-12-26 19:54 - 2018-12-26 19:54 - 000000000 ____D C:\Users\alex 2\AppData\Local\mbamtray
2018-12-26 19:54 - 2018-12-26 19:54 - 000000000 ____D C:\Users\alex 2\AppData\Local\Google
2018-12-26 19:53 - 2018-12-26 19:55 - 000000000 ____D C:\Users\alex 2\AppData\Local\Razer
2018-12-26 19:53 - 2018-12-26 19:55 - 000000000 ____D C:\Users\alex 2\AppData\Local\NVIDIA Corporation
2018-12-26 19:53 - 2018-12-26 19:54 - 000000000 ____D C:\Users\alex 2
2018-12-26 19:53 - 2018-12-26 19:53 - 000000020 ___SH C:\Users\alex 2\ntuser.ini
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Reciente
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Plantillas
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Mis documentos
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Menú Inicio
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Impresoras
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Entorno de red
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Documents\Mis vídeos
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Documents\Mis imágenes
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Documents\Mi música
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Datos de programa
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\Configuración local
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\AppData\Local\Historial
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\AppData\Local\Datos de programa
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 _SHDL C:\Users\alex 2\AppData\Local\Archivos temporales de Internet
2018-12-26 19:53 - 2018-12-26 19:53 - 000000000 ____D C:\Users\alex 2\AppData\Local\NVIDIA
2018-12-26 19:53 - 2018-06-12 22:28 - 000000000 ____D C:\Users\alex 2\AppData\Local\LogMeIn Hamachi
2018-12-26 19:53 - 2015-02-11 13:46 - 000000000 ____D C:\Users\alex 2\AppData\Local\Microsoft Help
2018-12-26 19:53 - 2010-11-20 23:16 - 000000000 ____D C:\Users\alex 2\AppData\Roaming\Media Center Programs
2018-12-25 16:37 - 2018-12-25 16:37 - 000110760 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2018-12-25 16:37 - 2018-12-25 16:37 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Apple Computer
2018-12-25 16:37 - 2018-12-25 16:37 - 000000000 ____D C:\Users\Guest\AppData\Local\Google
2018-12-25 16:36 - 2018-12-25 16:37 - 000000000 ____D C:\Users\Guest\AppData\Local\Razer
2018-12-25 16:36 - 2018-12-25 16:37 - 000000000 ____D C:\Users\Guest\AppData\Local\NVIDIA Corporation
2018-12-25 16:36 - 2018-12-25 16:36 - 000001415 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-25 16:36 - 2018-12-25 16:36 - 000000020 ___SH C:\Users\Guest\ntuser.ini
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Reciente
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Plantillas
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Mis documentos
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Menú Inicio
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Impresoras
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Entorno de red
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Documents\Mis vídeos
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Documents\Mis imágenes
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Documents\Mi música
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Datos de programa
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\Configuración local
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\AppData\Local\Historial
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\AppData\Local\Datos de programa
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 _SHDL C:\Users\Guest\AppData\Local\Archivos temporales de Internet
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 ____D C:\Users\Guest\AppData\Local\NVIDIA
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 ____D C:\Users\Guest\AppData\Local\mbamtray
2018-12-25 16:36 - 2018-12-25 16:36 - 000000000 ____D C:\Users\Guest
2018-12-25 16:36 - 2018-06-12 22:28 - 000000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2018-12-25 16:36 - 2015-02-11 13:46 - 000000000 ____D C:\Users\Guest\AppData\Local\Microsoft Help
2018-12-25 16:36 - 2010-11-20 23:16 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Media Center Programs
2018-12-24 22:10 - 2018-12-24 22:10 - 000000000 ____D C:\Users\tuckerh\Documents\Klei
2018-12-21 23:00 - 2018-12-21 23:01 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\discord
2018-12-21 22:59 - 2018-12-21 23:00 - 000000000 ____D C:\Users\tuckerh\AppData\Local\Discord
2018-12-14 12:34 - 2018-12-14 12:34 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\IGdm
2018-12-05 21:08 - 2018-12-05 21:08 - 000000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hornera.lnk
2018-12-05 21:08 - 2018-12-05 21:08 - 000000000 ____D C:\Program Files (x86)\Hornera
2018-11-30 22:35 - 2018-11-30 22:35 - 000503352 _____ C:\Windows\system32\Drivers\sptd.sys
2018-11-30 18:10 - 2018-11-30 18:12 - 000000000 ____D C:\Users\tuckerh\Desktop\CD1

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-27 15:34 - 2017-02-26 18:24 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-27 12:45 - 2018-08-10 12:00 - 000005022 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCWZ-tuckerh PCWZ
2018-12-27 12:38 - 2014-12-11 01:10 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-12-27 11:46 - 2009-07-13 20:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-27 11:46 - 2009-07-13 20:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-27 11:39 - 2015-02-11 08:48 - 000131072 ___SH C:\CredSED.dat
2018-12-27 11:38 - 2018-03-01 13:42 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-12-27 11:37 - 2017-02-26 21:28 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-27 11:37 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-26 22:34 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2018-12-26 21:44 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-26 19:52 - 2018-10-19 00:05 - 000000000 ____D C:\Program Files (x86)\Bignox
2018-12-26 19:52 - 2018-10-19 00:04 - 000000000 ____D C:\Users\tuckerh\AppData\Local\Nox
2018-12-26 19:52 - 2018-10-19 00:04 - 000000000 ____D C:\Program Files (x86)\Nox
2018-12-26 19:52 - 2015-02-11 14:22 - 000000000 ____D C:\Users\tuckerh
2018-12-22 20:19 - 2009-07-13 19:20 - 000000000 __SHD C:\Users\Public\Libraries
2018-12-21 23:00 - 2017-11-23 22:48 - 000002138 _____ C:\Users\tuckerh\Desktop\Discord.lnk
2018-12-21 23:00 - 2017-11-23 22:48 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-12-21 23:00 - 2017-11-23 22:47 - 000000000 ____D C:\Users\tuckerh\AppData\Local\SquirrelTemp
2018-12-21 22:22 - 2015-05-07 18:36 - 000000000 ____D C:\Users\tuckerh\AppData\Local\CrashDumps
2018-12-21 00:36 - 2018-09-11 17:55 - 000000279 _____ C:\Users\tuckerh\Desktop\nip.txt
2018-12-19 18:36 - 2017-02-25 22:42 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 15:57 - 2018-10-30 13:10 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-17 23:30 - 2015-02-11 08:43 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-13 15:37 - 2017-02-25 22:44 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-13 15:37 - 2017-02-25 22:44 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-11 15:29 - 2017-02-26 12:35 - 000747334 _____ C:\Windows\system32\perfh00A.dat
2018-12-11 15:29 - 2017-02-26 12:35 - 000158854 _____ C:\Windows\system32\perfc00A.dat
2018-12-11 15:29 - 2009-07-13 21:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-11 14:47 - 2017-04-06 23:05 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-05 13:40 - 2014-12-11 01:01 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-05 13:40 - 2014-12-11 01:01 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-05 13:40 - 2014-12-11 01:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-05 13:40 - 2014-12-11 01:01 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-30 18:46 - 2018-07-04 16:52 - 000007615 _____ C:\Users\tuckerh\AppData\Local\Resmon.ResmonCfg

==================== Files in the root of some directories =======

2018-10-05 12:51 - 2018-08-06 12:51 - 000000032 ____R () C:\ProgramData\hash.dat
2018-05-09 16:56 - 2018-07-13 21:24 - 000066790 _____ () C:\Program Files (x86)\hyxd_license.htm
2018-05-09 18:23 - 2018-05-09 18:23 - 000000013 _____ () C:\Users\tuckerh\AppData\Local\4040BDD0000f045.dat
2018-06-23 11:40 - 2018-06-23 11:40 - 000000013 _____ () C:\Users\tuckerh\AppData\Local\4040BDD0000f046.dat
2018-05-24 11:31 - 2018-05-24 11:31 - 000000006 _____ () C:\Users\tuckerh\AppData\Local\4040BDD0000f056.dat
2018-07-04 16:52 - 2018-11-30 18:46 - 000007615 _____ () C:\Users\tuckerh\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-26 16:30

==================== End of FRST.txt ============================

#10
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.12.2018
Ran by tuckerh (27-12-2018 15:46:15)
Running from C:\Users\tuckerh\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-02-11 16:30:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3776704974-2500858669-2478405549-500 - Administrator - Disabled)
alex 2 (S-1-5-21-3776704974-2500858669-2478405549-1008 - Limited - Enabled) => C:\Users\alex 2
Guest (S-1-5-21-3776704974-2500858669-2478405549-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3776704974-2500858669-2478405549-1004 - Limited - Enabled)
tuckerh (S-1-5-21-3776704974-2500858669-2478405549-1002 - Administrator - Enabled) => C:\Users\tuckerh

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Antivirus 5.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Actualización de NVIDIA 16.13.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.56 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
Apple Application Support (32 bits) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.36.1601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CmgMasterPrerequisites (HKLM-x32\...\{EE34FA4E-715A-46FA-9CAF-06E26AE4217D}) (Version: 1.4.1.777 - Credant Technologies Inc.) Hidden
Cuphead (HKLM-x32\...\Cuphead_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0455 - Disc Soft Ltd)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Data Protection | Client Security Framework (HKLM\...\{05FDD00D-1C45-44D1-AB3F-C24D45C39457}) (Version: 8.4.1.1717 - Dell, Inc.)
Dell Data Protection | Security Tools (HKLM-x32\...\{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.4.1.777 - Dell, Inc.) Hidden
Dell Data Protection | Security Tools (HKLM-x32\...\InstallShield_{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.4.1.777 - Dell, Inc.)
Dell Data Protection | Security Tools Authentication (HKLM\...\{0B72160B-9F67-47C0-858F-5A0074162148}) (Version: 1.3.1.433 - DigitalPersona, Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Discord (HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Epic Games Launcher (HKLM-x32\...\{0ACCA8BE-C376-428E-894E-D660A07B4C69}) (Version: 1.1.139.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Endpoint Antivirus (HKLM\...\{1BE78641-1686-432A-BDC2-F9E65D8AF2A1}) (Version: 5.0.2242.0 - ESET, spol. s r.o.)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 6.0.3.2 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hornera version 8.2 (HKLM-x32\...\{CF6AE2D7-1A10-427C-B32A-FF9B747AE2CB}_is1) (Version: 8.2 - Hornera)
HP Officejet 6600 Software básico del dispositivo (HKLM\...\{55AA4DCE-FBD5-4E92-9D7F-869A41768418}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IIS 7.5 Express (HKLM-x32\...\{22025051-1991-48EB-8BE8-7A3329DAE7ED}) (Version: 7.5.1070 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
iTunes (HKLM\...\{4089E747-D754-4E63-851B-4EEB3800C708}) (Version: 12.7.4.76 - Apple Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
K-Lite Codec Pack 13.1.6 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.6 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{525E2F2D-F698-4567-825F-8177C2702494}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MediaTek USB Driver Package version 1.13.39.00 (HKLM\...\MediaTek USB Driver Package_is1) (Version: 1.13.39.00 - MediaTek.Inc.)
Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
Multisim 8 (HKLM-x32\...\{98E28570-B754-40B0-8B14-E242CB879EC5}) (Version: 8.0.24 - Electronics Workbench)
Multisim 8 (HKLM-x32\...\{DEB5C10B-9DD8-4D26-BBAF-37831290AAB1}) (Version: 8.0.24 - Electronics Workbench) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA Controlador de 3D Vision 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 344.60 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.7.16.626 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5987 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.48 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.56 - NVIDIA Corporation) Hidden
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
The Forest (HKLM-x32\...\The Forest_is1) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows Device Recovery Tool 3.14.07501 (HKLM-x32\...\{a8ef6d85-8556-4ab8-9e84-f935f5582d43}) (Version: 3.14.7501 - Microsoft)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\System32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\System32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2015-02-27] (ESET)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-30] (Disc Soft Ltd)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2015-02-27] (ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-30] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-07-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-10-29] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2015-02-27] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2B44DA45-5B39-4640-B665-67042EE565FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-25] (Google Inc.)
Task: {3076FCCB-1420-42B7-A807-B309F622B7BE} - System32\Tasks\{627FEA7C-C8C1-44ED-9931-8ED76330237E} => C:\Windows\system32\pcalua.exe -a "C:\Users\tuckerh\Desktop\Driver (binary)\vcredist_x64.exe" -d "C:\Users\tuckerh\Desktop\Driver (binary)"
Task: {41C80CD7-E20A-4E17-B875-9E2B71ADA5C4} - System32\Tasks\{225B74AE-9920-4DC3-B1FD-DC3CC3772E41} => C:\Windows\system32\pcalua.exe -a "C:\Users\tuckerh\Desktop\LisinCitKnives Out4.0.exe" -d C:\Users\tuckerh\Desktop
Task: {51B98A5D-67C0-4A0C-ADD1-CCF503150B37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {62F5D0BD-32F4-495E-9B8B-16A80CC5792E} - System32\Tasks\{3E036FA5-8EE5-4747-8F64-C10068F049FC} => C:\Program Files\Webzen\FlyFF\Flyff.exe
Task: {65E3D1E8-A6FA-41EB-89D8-A410B6D682DE} - System32\Tasks\{391CA4B3-28D4-4ED9-92C3-3CAE027CA0D7} => C:\Program Files\Webzen\FlyFF\Flyff.exe
Task: {674A5465-102B-498C-845C-61B94A8AE8E3} - System32\Tasks\DSZOVRB => C:\Users\skyadmin\AppData\Roaming\DSZOVRB.exe <==== ATTENTION
Task: {6C63A964-E357-4BAD-AB4D-06BA1FA05F09} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {78C493A6-5422-43E9-8809-AADC28EAC28A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {78C493A6-5422-43E9-8809-AADC28EAC28A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {A19B31C7-0EB5-4ECB-97F4-C219DA657624} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {B746707C-6F97-4C9A-97E7-8FB92783D152} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {C0A84B20-9E26-45CD-9127-03F35A45EB6F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PCWZ-tuckerh PCWZ => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {CBC2FC92-E6C9-42EC-818F-CC6989E18A72} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-05-10] ()
Task: {E3E4ACA0-FAED-45E1-92AD-005D408EEDF6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E6B854CA-832C-403C-8567-A680A2E2A2A5} - System32\Tasks\AutoKMS
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {F364B7E9-5153-4B82-9DFC-DD5A9594385F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {F364B7E9-5153-4B82-9DFC-DD5A9594385F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {FE78E11D-BE52-4D8A-8329-C441CED174EE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\tuckerh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2014-09-11 18:59 - 2014-09-11 18:59 - 000303968 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\authproxy.dll
2018-03-16 14:19 - 2018-03-16 14:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000026464 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
2014-09-11 18:59 - 2014-09-11 18:59 - 000129376 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CredSEDProxy.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000666464 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CredCommon.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000879456 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CryptoProvider.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000707424 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DBManager.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000353632 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\OPALProvider.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 001507680 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\ConnectionProvider.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000047968 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\FVEProvider.dll
2014-09-11 18:59 - 2014-09-11 18:59 - 000232288 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe
2018-03-28 16:05 - 2018-03-28 16:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-03-28 16:05 - 2018-03-28 16:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2014-12-11 01:10 - 2014-07-02 19:55 - 000487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2018-12-13 15:37 - 2018-12-11 21:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-13 15:37 - 2018-12-11 21:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2014-11-24 11:39 - 2014-11-24 11:39 - 000155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-12-11 01:04 - 2013-08-21 15:33 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-10-14 21:15 - 2018-10-14 21:15 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2014-12-11 01:10 - 2014-07-30 15:37 - 001906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-12-11 01:10 - 2012-11-25 21:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-12-11 01:10 - 2012-11-25 21:19 - 000117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3728 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3771 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3869 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4497 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4661 [0]
AlternateDataStreams: C:\Users\Public\AppData:CSM [424]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RSMWebServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\seclogon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Windows Agent Maintenance Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Windows Agent Service => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2018-12-26 22:43 - 000000329 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\tuckerh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{2E0AC78A-CF5D-4164-ADDF-EDA6DBABBDA8}E:\respaldo alex\google\chrome\application\chrome.exe] => (Allow) E:\respaldo alex\google\chrome\application\chrome.exe No File
FirewallRules: [UDP Query User{5FD086E7-2E56-468A-A9EE-4DAA3F080D4F}E:\respaldo alex\google\chrome\application\chrome.exe] => (Allow) E:\respaldo alex\google\chrome\application\chrome.exe No File
FirewallRules: [TCP Query User{7E4A0A62-25F8-44C2-BD4C-61479C6AAB35}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe (Skype Technologies S.A.)
FirewallRules: [UDP Query User{8300F727-413D-452F-A084-F4628E3521D4}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe (Skype Technologies S.A.)
FirewallRules: [{65F8DB31-D013-461F-909B-5FD9B67A75E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{E5B4A603-5E17-4BE7-A44F-4BF9C973F5BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{BE6E544D-F6CE-4608-B94A-E35C79A1261F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{54BC457A-13BE-439B-B133-CF4C1455066A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{9A3483B4-2540-467B-A14A-5AF30A7F1D5C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{011F0ED4-179B-4F1E-AE42-D33019EC0C1B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{C5AD56FD-D149-49F8-BD80-4585CB40F833}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{E5AC32E4-7F5E-4BE6-9F14-07E9E0761644}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{FD5E4320-0F2A-4DB8-8A85-9AB6DFE3CF5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
FirewallRules: [{A791187B-6BE0-4705-8804-77717D7B5567}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
FirewallRules: [{C13C3AFB-DBF2-4115-A180-9B23B22A0643}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{BCEB261E-8CE1-41FE-9D3E-B8C9C997125C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{F9B6DE8B-9637-4F39-B4FF-C2A35C8ED819}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe (Hewlett-Packard Co.)
FirewallRules: [{6C9F0DF6-23DB-4965-9FDE-2BD17B82AEA4}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe (Hewlett-Packard Co.)
FirewallRules: [{20CAF400-E47A-406F-BB5F-00D170E2D69B}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe (Hewlett-Packard Co.)
FirewallRules: [{E42259FE-979D-4509-8F7E-0516795E7222}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe (Hewlett-Packard Co.)
FirewallRules: [{1C785001-F916-48FE-A518-CDAB4954562F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe (Hewlett-Packard Co.)
FirewallRules: [{0D52DD98-7B6D-4754-BA23-B876BE5005C3}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Co.)
FirewallRules: [{8C756839-2936-4BB7-9EA8-2858744FDCEF}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ()
FirewallRules: [{12FD092C-B3AD-4DB9-8836-944DC2837739}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ()
FirewallRules: [{03E00B38-F88E-46E9-B154-0F6EF8BEE578}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{9EA61701-A88E-4F2E-807D-CE0B6ECF92C2}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe (BlueStack Systems, Inc.)
FirewallRules: [{B9C08C58-E374-4B52-9549-4669BBD475C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{16EC5C7F-023C-4D8D-BC4A-B3E52767FB79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B9D36A32-E486-4983-AEE3-3E548218D7C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{A47D3339-2B4F-404B-9659-CC40C047019B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [TCP Query User{E07F9061-7CAC-4011-9444-3235CBFD07AC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{3DCA2FB8-F838-421C-9A3D-3A512441157F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{88624B66-CA4F-430E-BE6D-5EF2E0FEF825}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{3218CE84-1CF3-4A0D-B3AD-A71172324689}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{226F408E-0BFD-414D-BAF5-8299539CCEE7}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{221A4A54-CC84-479F-8633-DD0760D5F0D6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{7A34EE7C-0581-49D5-BC98-CB3D8CA11BF6}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (MY.COM B.V.)
FirewallRules: [UDP Query User{A77CBE7C-13E8-4997-9C0A-07FBCD42F89E}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (MY.COM B.V.)
FirewallRules: [{B66BE154-94C3-4524-B467-48D70D2BF83C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{27405FC4-DD5C-4B2A-9F17-7E00433538B8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{C13F9598-8176-4C42-8DD6-CC052C0B2C77}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
FirewallRules: [{EBE38910-FFBD-47A4-AA43-2F36BC487B65}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe (Echobit LLC)
FirewallRules: [{34D33676-2E14-47E1-8BB5-CE67E4EC394E}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe (Echobit LLC)
FirewallRules: [{AB2203B2-7CE7-4E0A-A2DC-5FEB2F9C5109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe (EasyAntiCheat Ltd)
FirewallRules: [{0FEA59BC-9BB4-4E70-9CD9-AF8B18E3BF24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe (EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{11C89F93-9F68-488A-8661-8280E41A74EE}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe (Hirez Studios, Inc.)
FirewallRules: [UDP Query User{590AC317-0702-4887-8E25-CDFF0CFB8266}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe (Hirez Studios, Inc.)
FirewallRules: [TCP Query User{036EF37A-F3D2-4136-B90A-38F35A8935FE}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe (Hirez Studios, Inc.)
FirewallRules: [UDP Query User{3EA46B1C-D03B-4617-87B0-3AEAED29BE1E}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe (Hirez Studios, Inc.)
FirewallRules: [TCP Query User{EA97E56A-AB01-4A88-8786-FE8B6A62C1B0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{40E54CE4-01C0-4977-BD14-3C469F849798}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{3F5DB990-B3D8-4C80-A4EC-8880F25BA955}C:\program files (x86)\the forest\theforest.exe] => (Allow) C:\program files (x86)\the forest\theforest.exe ()
FirewallRules: [UDP Query User{79C6D7BA-A284-418C-856C-848D8A3856DC}C:\program files (x86)\the forest\theforest.exe] => (Allow) C:\program files (x86)\the forest\theforest.exe ()
FirewallRules: [{6F8420E8-EDDA-40A1-B8B4-A4DC8FCD05EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe ()
FirewallRules: [{77DE3E63-B7A0-4849-8D53-674A8C833D27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe ()
FirewallRules: [{564DD660-AE6A-4809-8036-D3C3924EA11A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{1B15D299-BD64-4005-9B32-5BC77CDDD612}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [TCP Query User{94AFBD2D-5BE8-4BD1-B4AD-8A29F10795C2}C:\users\tuckerh\desktop\pixark v0.1.0.232-pivigames.blog\shootergame\binaries\win64\pixark.exe] => (Allow) C:\users\tuckerh\desktop\pixark v0.1.0.232-pivigames.blog\shootergame\binaries\win64\pixark.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{AA714E98-100D-43E7-94B1-56D818722DA6}C:\users\tuckerh\desktop\pixark v0.1.0.232-pivigames.blog\shootergame\binaries\win64\pixark.exe] => (Allow) C:\users\tuckerh\desktop\pixark v0.1.0.232-pivigames.blog\shootergame\binaries\win64\pixark.exe (Epic Games, Inc.)
FirewallRules: [{DFF4FF7B-CF21-4D68-ADBA-065C151A1B0E}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent)
FirewallRules: [{18EC6F89-C450-45CA-9B05-7603408B15CE}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe ()
FirewallRules: [{994B5E84-3B78-46EF-8909-1CED2E2D43B0}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (腾讯公司)
FirewallRules: [{C8B485DE-9F7D-4072-A34D-C1C9FDEA4DFD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe ()
FirewallRules: [{C3A009BE-7A89-4CB4-9A5C-66AEA627A0E4}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent)
FirewallRules: [{F5283FA4-D446-4814-A371-F097DC5D1B2C}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent)
FirewallRules: [{222646A6-9BCB-4E3C-92A7-BDFE7175F53A}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{549D46F9-6916-4EE9-BF12-7CC0DCAF50E2}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{A9CE8A14-BBD3-49FE-8782-28620063B246}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{143C29A0-52E6-4256-BC35-C481C04C8BEA}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{3488D7EE-8F2B-4F22-8CC1-86FDE7FDC41F}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{94B3FEBD-E522-48FD-9499-837CECB4A89B}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{9C96E8CF-53D3-4988-AF5A-CC52AE9556F7}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{A367AD57-32A9-409E-BCF6-687AEA874E83}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{E0278180-3BDA-4754-A524-769E6456B326}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{86A1A7D6-4C43-4107-B376-175309496F4B}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{A6B19CA3-FD37-4A96-9F7A-5AF245EBF085}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe (Sun Microsystems, Inc.)
FirewallRules: [{2AB6D76F-D0A8-4748-9830-B6AF3AFD4B12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe (Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{7A1FB87F-1D57-47E6-9BD0-B26B4E4183CA}C:\users\tuckerh\appdata\local\turbo.net\sandbox\µtorrent\3.5.3.44358\local\stubexe\0x1b0cf07ea63d4526\utorrent.exe] => (Allow) C:\users\tuckerh\appdata\local\turbo.net\sandbox\µtorrent\3.5.3.44358\local\stubexe\0x1b0cf07ea63d4526\utorrent.exe (Code Systems Corporation)
FirewallRules: [UDP Query User{25145DD1-F10E-4BE2-B2F4-2DD884E0A625}C:\users\tuckerh\appdata\local\turbo.net\sandbox\µtorrent\3.5.3.44358\local\stubexe\0x1b0cf07ea63d4526\utorrent.exe] => (Allow) C:\users\tuckerh\appdata\local\turbo.net\sandbox\µtorrent\3.5.3.44358\local\stubexe\0x1b0cf07ea63d4526\utorrent.exe (Code Systems Corporation)
FirewallRules: [TCP Query User{E11B9BFF-BB1C-433A-A8A9-7174FB215DBF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{7BB33EFB-6A89-47B2-A230-3D176EAC9902}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{654718FC-4AEC-4201-81A8-A1F37C9FD99B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{A4D0B482-2C4B-414D-8336-5904B781E8F8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{EA1782E1-026B-48D3-B5E8-B895377BF9C0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{CD36A44C-8401-4929-8566-9EE6EAFA06EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{59BE4D44-7DE3-4AA5-BA6E-C4E6438054DA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{AA2BF5ED-EFC0-4067-AEF7-2D74FC817DA3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [{D957A64E-6C2D-4909-8D9D-E935B1B4D233}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{573A13A5-B5F5-4668-9DE8-06771BE3BFEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe ()
FirewallRules: [{EBFA6977-0B7D-4BBC-A40A-839408CF645B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe ()
FirewallRules: [{0C5FC365-8F6B-4390-8A18-8D82C5067856}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe ()
FirewallRules: [{B5879CB0-697B-4156-A2E1-4EAD1E041F9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe ()
FirewallRules: [{52F8CBCD-9CC1-411B-93F0-AD8CF261F6CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe ()
FirewallRules: [{77150A3E-6BE0-4C1E-8E8E-6029145E3EEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe ()
FirewallRules: [{1605D186-57C4-409A-9FCC-0F5F9034A15E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{89DDCF3D-F31F-4CAC-94C9-F12775F7DDB2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{343F57F5-8A70-4305-A29E-1AD84A7DAA5C}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{FFADF90F-34B2-446F-8263-0E98A48DF92E}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{EC9F1688-0E86-4D5D-81FC-1FA7D30320FE}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{9004AA6A-5169-4D00-BD00-29ACBDD79103}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{3E315B12-20EE-4377-B0D1-F90A62F1D74D}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{C886CFFB-520A-43CF-ADAC-2BC8EE9B7C4A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent)
FirewallRules: [{43BAE8E1-18C0-42C3-8E07-44518933F4EE}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe ()
FirewallRules: [{25EAFE5C-FCAB-4E2E-ABE3-CD02A7246AAD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (腾讯公司)
FirewallRules: [{07B5B39D-1A0F-4102-85B2-024DA03511D1}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe ()
FirewallRules: [{DFB62A78-8F50-467E-B11A-C51E596F3772}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent)
FirewallRules: [{48ABD34D-4831-4280-817B-CBC3C794B915}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent)

==================== Restore Points =========================

26-12-2018 18:04:35 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: MediaTek PreLoader USB VCOM Port (COM8)
Description: MediaTek PreLoader USB VCOM Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek Inc.
Service: usbser
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2018 02:20:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80004005).

Error: (12/27/2018 11:55:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/27/2018 11:39:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/27/2018 07:57:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/27/2018 12:21:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/27/2018 12:07:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/26/2018 11:57:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/26/2018 11:13:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (12/27/2018 12:33:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (12/27/2018 12:33:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (12/27/2018 11:38:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio rzpnk no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (12/27/2018 11:37:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LkjawfulSjointer no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/27/2018 08:18:43 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (12/27/2018 08:18:43 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (12/27/2018 07:57:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio rzpnk no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (12/27/2018 07:56:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LkjawfulSjointer no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
===================================
Date: 2018-10-30 04:36:12.864
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A4649ED7-94F6-45FE-9131-DB454DAE27BB}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2017-05-24 11:15:53.054
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80508007
Descripción de error:Memoria insuficiente en el equipo. Cierre algunos programas e intente de nuevo, o busque información en Ayuda y soporte técnico para prevenir los problemas de memoria insuficiente. 
Versión de firma:1.209.2242.0
Versión de motor:1.1.12205.0

CodeIntegrity:
===================================

Date: 2018-12-27 11:38:48.409
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 11:38:48.352
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 07:57:36.161
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 07:57:36.073
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 00:21:16.513
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 00:21:16.390
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 00:07:50.233
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-12-27 00:07:50.166
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\rzpnk.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 35%
Total physical RAM: 8110.65 MB
Available physical RAM: 5191.71 MB
Total Virtual: 16219.49 MB
Available Virtual: 13066.21 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.99 GB) (Free:114.11 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:11.73 GB) (Free:3.99 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

#11

Hola @David_Ramirez:

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Inicie su ordenador en >>> Modo Seguro

Luego vaya a::

Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-07] (Piriform Ltd)
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {2a4ee2af-5f82-11e8-8397-b083fe6c0e43} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {595968ce-830b-11e7-b48e-b083fe6c0e43} - E:\autorun.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {8a0afd6e-62a2-11e8-90d2-b083fe6c0e43} - F:\LG_PC_Programs.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}: [DhcpNameServer] 192.168.1.254
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002 -> {96054D6D-2630-4588-98DB-9610834C90D6} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
FF Extension: (Dell Data Protection | Security Tools) - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome [2015-02-11] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-3776704974-2500858669-2478405549-1002: @citrixonline.com/appdetectorplugin -> C:\Users\tuckerh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-21] (Citrix Online)
CHR HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx [2014-03-17]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-03-16] (LLC Mail.Ru)
C:\Windows\System32\mracsvc.exe
S2 LkjawfulSjointer; C:\Program Files (x86)\LkjawfulSjointer\LkjawfulSjointer.exe [X]
C:\Program Files (x86)\LkjawfulSjointer
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2017-05-16] (Anchorfree Inc.)
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2018-12-27 08:40 - 2018-12-27 08:40 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\Tencent
2018-12-27 00:19 - 2018-12-27 08:42 - 000000000 ____D C:\ProgramData\Tencent
2018-12-26 20:24 - 2018-12-26 20:24 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\tuckerh\Downloads\iExplore.exe.exe
Task: {3076FCCB-1420-42B7-A807-B309F622B7BE} - System32\Tasks\{627FEA7C-C8C1-44ED-9931-8ED76330237E} => C:\Windows\system32\pcalua.exe -a "C:\Users\tuckerh\Desktop\Driver (binary)\vcredist_x64.exe" -d "C:\Users\tuckerh\Desktop\Driver (binary)"
C:\Windows\system32\pcalua.exe
Task: {41C80CD7-E20A-4E17-B875-9E2B71ADA5C4} - System32\Tasks\{225B74AE-9920-4DC3-B1FD-DC3CC3772E41} => C:\Windows\system32\pcalua.exe -a "C:\Users\tuckerh\Desktop\LisinCitKnives Out4.0.exe" -d C:\Users\tuckerh\Desktop
Task: {674A5465-102B-498C-845C-61B94A8AE8E3} - System32\Tasks\DSZOVRB => C:\Users\skyadmin\AppData\Roaming\DSZOVRB.exe <==== ATTENTION
C:\Users\skyadmin\AppData\Roaming\DSZOVRB.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3728 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3771 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3869 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4497 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4661 [0]
AlternateDataStreams: C:\Users\Public\AppData:CSM [424]
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
FirewallRules: [{DFF4FF7B-CF21-4D68-ADBA-065C151A1B0E}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent)
FirewallRules: [{18EC6F89-C450-45CA-9B05-7603408B15CE}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe ()
FirewallRules: [{994B5E84-3B78-46EF-8909-1CED2E2D43B0}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (腾讯公司)
FirewallRules: [{C8B485DE-9F7D-4072-A34D-C1C9FDEA4DFD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe ()
FirewallRules: [{C3A009BE-7A89-4CB4-9A5C-66AEA627A0E4}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent)
FirewallRules: [{F5283FA4-D446-4814-A371-F097DC5D1B2C}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent)
FirewallRules: [{222646A6-9BCB-4E3C-92A7-BDFE7175F53A}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{549D46F9-6916-4EE9-BF12-7CC0DCAF50E2}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{A9CE8A14-BBD3-49FE-8782-28620063B246}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{143C29A0-52E6-4256-BC35-C481C04C8BEA}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{3488D7EE-8F2B-4F22-8CC1-86FDE7FDC41F}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{94B3FEBD-E522-48FD-9499-837CECB4A89B}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{9C96E8CF-53D3-4988-AF5A-CC52AE9556F7}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{A367AD57-32A9-409E-BCF6-687AEA874E83}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{E0278180-3BDA-4754-A524-769E6456B326}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{86A1A7D6-4C43-4107-B376-175309496F4B}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{343F57F5-8A70-4305-A29E-1AD84A7DAA5C}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{FFADF90F-34B2-446F-8263-0E98A48DF92E}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{EC9F1688-0E86-4D5D-81FC-1FA7D30320FE}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{9004AA6A-5169-4D00-BD00-29ACBDD79103}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{3E315B12-20EE-4377-B0D1-F90A62F1D74D}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{C886CFFB-520A-43CF-ADAC-2BC8EE9B7C4A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent)
FirewallRules: [{43BAE8E1-18C0-42C3-8E07-44518933F4EE}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe ()
FirewallRules: [{25EAFE5C-FCAB-4E2E-ABE3-CD02A7246AAD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (腾讯公司)
FirewallRules: [{07B5B39D-1A0F-4102-85B2-024DA03511D1}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe ()
FirewallRules: [{DFB62A78-8F50-467E-B11A-C51E596F3772}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent)
FirewallRules: [{48ABD34D-4831-4280-817B-CBC3C794B915}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2018-12-21] (Tencent)
C:\Program Files\TxGameAssistant
R2 aow_drv; C:\Program Files\TxGameAssistant\UI\aow_drv_x64.sys [858672 2018-12-23] (Tencent)

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Nos comentas luego de reiniciar que tal sientes el equipo.

Salu2


#12

Hola que tal buenas noches muchas gracias por tomarse la molestia de apoyarme con el problema.

Aqui le dejo lo pedido se siente bien equipo responde rapido vamos a ver que pasa en unos días y te comento si vuelve aparecer el problema.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.12.2018 01
Ran by tuckerh (28-12-2018 20:25:36) Run:1
Running from C:\Users\tuckerh\Desktop
Loaded Profiles: tuckerh (Available Profiles: tuckerh & alex 2 & Guest)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-07] (Piriform Ltd)
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {2a4ee2af-5f82-11e8-8397-b083fe6c0e43} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {595968ce-830b-11e7-b48e-b083fe6c0e43} - E:\autorun.exe
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\...\MountPoints2: {8a0afd6e-62a2-11e8-90d2-b083fe6c0e43} - F:\LG_PC_Programs.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}: [DhcpNameServer] 192.168.1.254
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3776704974-2500858669-2478405549-1002 -> {96054D6D-2630-4588-98DB-9610834C90D6} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
FF Extension: (Dell Data Protection | Security Tools) - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome [2015-02-11] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-3776704974-2500858669-2478405549-1002: @citrixonline.com/appdetectorplugin -> C:\Users\tuckerh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-21] (Citrix Online)
CHR HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx [2014-03-17]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-03-16] (LLC Mail.Ru)
C:\Windows\System32\mracsvc.exe
S2 LkjawfulSjointer; C:\Program Files (x86)\LkjawfulSjointer\LkjawfulSjointer.exe [X]
C:\Program Files (x86)\LkjawfulSjointer
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2017-05-16] (Anchorfree Inc.)
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2018-12-27 08:40 - 2018-12-27 08:40 - 000000000 ____D C:\Users\tuckerh\AppData\Roaming\Tencent
2018-12-27 00:19 - 2018-12-27 08:42 - 000000000 ____D C:\ProgramData\Tencent
2018-12-26 20:24 - 2018-12-26 20:24 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\tuckerh\Downloads\iExplore.exe.exe
Task: {3076FCCB-1420-42B7-A807-B309F622B7BE} - System32\Tasks\{627FEA7C-C8C1-44ED-9931-8ED76330237E} => C:\Windows\system32\pcalua.exe -a "C:\Users\tuckerh\Desktop\Driver (binary)\vcredist_x64.exe" -d "C:\Users\tuckerh\Desktop\Driver (binary)"
C:\Windows\system32\pcalua.exe
Task: {41C80CD7-E20A-4E17-B875-9E2B71ADA5C4} - System32\Tasks\{225B74AE-9920-4DC3-B1FD-DC3CC3772E41} => C:\Windows\system32\pcalua.exe -a "C:\Users\tuckerh\Desktop\LisinCitKnives Out4.0.exe" -d C:\Users\tuckerh\Desktop
Task: {674A5465-102B-498C-845C-61B94A8AE8E3} - System32\Tasks\DSZOVRB => C:\Users\skyadmin\AppData\Roaming\DSZOVRB.exe <==== ATTENTION
C:\Users\skyadmin\AppData\Roaming\DSZOVRB.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3728 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3771 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3869 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4497 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4661 [0]
AlternateDataStreams: C:\Users\Public\AppData:CSM [424]
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
FirewallRules: [{DFF4FF7B-CF21-4D68-ADBA-065C151A1B0E}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent)
FirewallRules: [{18EC6F89-C450-45CA-9B05-7603408B15CE}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe ()
FirewallRules: [{994B5E84-3B78-46EF-8909-1CED2E2D43B0}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (????)
FirewallRules: [{C8B485DE-9F7D-4072-A34D-C1C9FDEA4DFD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe ()
FirewallRules: [{C3A009BE-7A89-4CB4-9A5C-66AEA627A0E4}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent)
FirewallRules: [{F5283FA4-D446-4814-A371-F097DC5D1B2C}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent)
FirewallRules: [{222646A6-9BCB-4E3C-92A7-BDFE7175F53A}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{549D46F9-6916-4EE9-BF12-7CC0DCAF50E2}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{A9CE8A14-BBD3-49FE-8782-28620063B246}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{143C29A0-52E6-4256-BC35-C481C04C8BEA}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{3488D7EE-8F2B-4F22-8CC1-86FDE7FDC41F}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{94B3FEBD-E522-48FD-9499-837CECB4A89B}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{9C96E8CF-53D3-4988-AF5A-CC52AE9556F7}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{A367AD57-32A9-409E-BCF6-687AEA874E83}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{E0278180-3BDA-4754-A524-769E6456B326}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{86A1A7D6-4C43-4107-B376-175309496F4B}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{343F57F5-8A70-4305-A29E-1AD84A7DAA5C}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent)
FirewallRules: [{FFADF90F-34B2-446F-8263-0E98A48DF92E}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe ()
FirewallRules: [{EC9F1688-0E86-4D5D-81FC-1FA7D30320FE}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe ()
FirewallRules: [{9004AA6A-5169-4D00-BD00-29ACBDD79103}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent)
FirewallRules: [{3E315B12-20EE-4377-B0D1-F90A62F1D74D}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent)
FirewallRules: [{C886CFFB-520A-43CF-ADAC-2BC8EE9B7C4A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent)
FirewallRules: [{43BAE8E1-18C0-42C3-8E07-44518933F4EE}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe ()
FirewallRules: [{25EAFE5C-FCAB-4E2E-ABE3-CD02A7246AAD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (????)
FirewallRules: [{07B5B39D-1A0F-4102-85B2-024DA03511D1}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe ()
FirewallRules: [{DFB62A78-8F50-467E-B11A-C51E596F3772}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent)
FirewallRules: [{48ABD34D-4831-4280-817B-CBC3C794B915}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2018-12-21] (Tencent)
C:\Program Files\TxGameAssistant
R2 aow_drv; C:\Program Files\TxGameAssistant\UI\aow_drv_x64.sys [858672 2018-12-23] (Tencent)

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring" => removed successfully
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => removed successfully
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a4ee2af-5f82-11e8-8397-b083fe6c0e43} => removed successfully
HKLM\Software\Classes\CLSID\{2a4ee2af-5f82-11e8-8397-b083fe6c0e43} => not found
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{595968ce-830b-11e7-b48e-b083fe6c0e43} => removed successfully
HKLM\Software\Classes\CLSID\{595968ce-830b-11e7-b48e-b083fe6c0e43} => not found
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a0afd6e-62a2-11e8-90d2-b083fe6c0e43} => removed successfully
HKLM\Software\Classes\CLSID\{8a0afd6e-62a2-11e8-90d2-b083fe6c0e43} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{882F91C7-D979-4CA0-834E-371FF3BBC766}\\DhcpNameServer" => removed successfully
"HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96054D6D-2630-4588-98DB-9610834C90D6} => removed successfully
HKLM\Software\Classes\CLSID\{96054D6D-2630-4588-98DB-9610834C90D6} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome => moved successfully
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2 => removed successfully
C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll => moved successfully
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2 => removed successfully
C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll => moved successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin => removed successfully
C:\Users\tuckerh\AppData\Local\Citrix\Plugins\104\npappdetector.dll => moved successfully
HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab => removed successfully
C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx => moved successfully
HKLM\System\CurrentControlSet\Services\HiPatchService => removed successfully
HiPatchService => service removed successfully
HKLM\System\CurrentControlSet\Services\mracsvc => removed successfully
mracsvc => service removed successfully
C:\Windows\System32\mracsvc.exe => moved successfully
HKLM\System\CurrentControlSet\Services\LkjawfulSjointer => removed successfully
LkjawfulSjointer => service removed successfully
C:\Program Files (x86)\LkjawfulSjointer => moved successfully
taphss6 => Unable to stop service.
HKLM\System\CurrentControlSet\Services\taphss6 => removed successfully
taphss6 => service removed successfully
HKLM\System\CurrentControlSet\Services\AndnetBus => removed successfully
AndnetBus => service removed successfully
HKLM\System\CurrentControlSet\Services\AndNetDiag => removed successfully
AndNetDiag => service removed successfully
HKLM\System\CurrentControlSet\Services\ANDNetModem => removed successfully
ANDNetModem => service removed successfully
HKLM\System\CurrentControlSet\Services\andnetndis => removed successfully
andnetndis => service removed successfully
HKLM\System\CurrentControlSet\Services\lmimirr => removed successfully
lmimirr => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
C:\Users\tuckerh\AppData\Roaming\Tencent => moved successfully
C:\ProgramData\Tencent => moved successfully
C:\Users\tuckerh\Downloads\iExplore.exe.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3076FCCB-1420-42B7-A807-B309F622B7BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3076FCCB-1420-42B7-A807-B309F622B7BE}" => removed successfully
C:\Windows\System32\Tasks\{627FEA7C-C8C1-44ED-9931-8ED76330237E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{627FEA7C-C8C1-44ED-9931-8ED76330237E}" => removed successfully
C:\Windows\system32\pcalua.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41C80CD7-E20A-4E17-B875-9E2B71ADA5C4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41C80CD7-E20A-4E17-B875-9E2B71ADA5C4}" => removed successfully
C:\Windows\System32\Tasks\{225B74AE-9920-4DC3-B1FD-DC3CC3772E41} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{225B74AE-9920-4DC3-B1FD-DC3CC3772E41}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{674A5465-102B-498C-845C-61B94A8AE8E3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{674A5465-102B-498C-845C-61B94A8AE8E3}" => removed successfully
C:\Windows\System32\Tasks\DSZOVRB => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSZOVRB" => removed successfully
"C:\Users\skyadmin\AppData\Roaming\DSZOVRB.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => removed successfully
C:\Windows\SysWOW64\MSIHANDLE => ":3728" ADS removed successfully
C:\Windows\SysWOW64\MSIHANDLE => ":3771" ADS removed successfully
C:\Windows\SysWOW64\MSIHANDLE => ":3869" ADS removed successfully
C:\Windows\SysWOW64\MSIHANDLE => ":4497" ADS removed successfully
C:\Windows\SysWOW64\MSIHANDLE => ":4661" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFF4FF7B-CF21-4D68-ADBA-065C151A1B0E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18EC6F89-C450-45CA-9B05-7603408B15CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{994B5E84-3B78-46EF-8909-1CED2E2D43B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C8B485DE-9F7D-4072-A34D-C1C9FDEA4DFD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3A009BE-7A89-4CB4-9A5C-66AEA627A0E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5283FA4-D446-4814-A371-F097DC5D1B2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{222646A6-9BCB-4E3C-92A7-BDFE7175F53A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{549D46F9-6916-4EE9-BF12-7CC0DCAF50E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9CE8A14-BBD3-49FE-8782-28620063B246}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{143C29A0-52E6-4256-BC35-C481C04C8BEA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3488D7EE-8F2B-4F22-8CC1-86FDE7FDC41F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94B3FEBD-E522-48FD-9499-837CECB4A89B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C96E8CF-53D3-4988-AF5A-CC52AE9556F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A367AD57-32A9-409E-BCF6-687AEA874E83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0278180-3BDA-4754-A524-769E6456B326}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86A1A7D6-4C43-4107-B376-175309496F4B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{343F57F5-8A70-4305-A29E-1AD84A7DAA5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFADF90F-34B2-446F-8263-0E98A48DF92E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC9F1688-0E86-4D5D-81FC-1FA7D30320FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9004AA6A-5169-4D00-BD00-29ACBDD79103}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E315B12-20EE-4377-B0D1-F90A62F1D74D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C886CFFB-520A-43CF-ADAC-2BC8EE9B7C4A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43BAE8E1-18C0-42C3-8E07-44518933F4EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25EAFE5C-FCAB-4E2E-ABE3-CD02A7246AAD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07B5B39D-1A0F-4102-85B2-024DA03511D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFB62A78-8F50-467E-B11A-C51E596F3772}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{48ABD34D-4831-4280-817B-CBC3C794B915}" => removed successfully
HKLM\System\CurrentControlSet\Services\QMEmulatorService => removed successfully
QMEmulatorService => service removed successfully
C:\Program Files\TxGameAssistant => moved successfully
HKLM\System\CurrentControlSet\Services\aow_drv => removed successfully
aow_drv => service removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Evolve Gaming Connection mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* mientras los medios
est‚n desconectados.

Adaptador de Ethernet Evolve Gaming Connection:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de  rea local*:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Local Area Connection:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::b5a1:108c:d715:82ed%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.68
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.254

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3776704974-2500858669-2478405549-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14050514 B
Java, Flash, Steam htmlcache => 365531243 B
Windows/system/drivers => 25773726 B
Edge => 0 B
Chrome => 418166897 B
Firefox => 14705919 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 141703 B
LocalService => 0 B
NetworkService => 1330 B
skyadmin => 0 B
tuckerh => 45322864 B
alex 2 => 60326 B
Guest => 79077 B

RecycleBin => 152177 B
EmptyTemp: => 843.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:28:18 ====

#13

Hola @David_Ramirez

Prueba reiniciando varias veces.

Para eliminar las herramientas utilizadas:

Descargas >> Delfix, a tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Nos comentas si todo esta en orden para dar por Solucionado el tema.

Salu2.


#15

Hola que tal buenos días.

ayer me paso de nuevo y ya era muy tarde y mejor la apague pero me paso mientras entraba ha esta pagina. op.gg ( yo entro mucho ha esa pagina para ver a jugadores de league of legends) y de echo creo que siempre me pasa eso cuando entro ahí no se si tenga algo que ver ahorita en la mañana la prendí y todo bien y namas busque aun jugador y le di a la opcion actualizar de la pagina y ya se bloqueo todo y tuve que reiniciar de nuevo y todo bien volví a hacer lo mismo buscar un jugador y darle al cuadrito actualizar de la pagina y bloque Internet de nuevo. D: no se si ayude en algo o sea la pagina que ya no deba entrar pero es muy raro por que siempre he usado la pagina esa por mucho tiempo y nunca paso nada hasta ahora.

Muchas gracias por seguir ayudando.

Espero respuesta saludos.

oh alo mejor solo fue coincidencia por que ahorita la estoy usando para ver si pasa de nuevo y no :frowning: .


#16

Hola:

La verdad no sabría decirte si el problema solo lo tienes con esa pagina.

Por las dudas realizale un análisis de URL con VirusTotal te dejo su Manual:

Manual de VirusTotal.

Salu2.


#17

Hola buenas tardes. Gracias por seguir apoyándome.

Ya analice la pagina y esta limpia parece que eso no es el problema.

Crees que pueda que este fallando mi tarjeta de red o cual sera el verdadero problema ?

Saludos espero respuesta.


#18

Hola @David_Ramirez

Si tuvieras problemas con la tarjeta de red, no tendrías errores en solo una pagina.

Descarga FSS.exe a tu escritorio.

  • Ejecuta FSS.exe (Presiona clic derecho y seleccionas Ejecutar como administrador)

Marca todas las opciones:

  • Internet Services.
  • Windows Firewall
  • System Restore.
  • Security Center/Action Center.
  • Windows Update.
  • Windows Defender.

Presiona el botón Scan y espera a que termine su trabajo.

Se abrirá un Bloc de notas. Copia y pega el contenido en tu próxima respuesta.

Salu2.


#20

Hola Bueno a lo mejor no me explique bien yo me refería que se me bloquea el Internet en toda la pc al entrar ha esa pagina pero hace rato anduve en ella normal así que dudo que sea eso y luego le pase el scan que tu dijiste y no marco nada. asi que algo mas es lo que bloquea mi internet cuando quiere xD .

bueno deja hago los pasos y te respondo.

Gracias por responder saludos.

Aqui te dejo lo pedido.

Farbar Service Scanner Version: 27-01-2016
Ran by tuckerh (administrator) on 29-12-2018 at 17:04:06
Running from "C:\Users\tuckerh\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=DWORD:1


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

#21

Hola:

Lo que yo creo y entiendo no es un problema de internet, se da cuando navegas porque seguramente siempre estas nevegando, pero lo que sufres es un congelamiento del PC eso suena mas a Hardware.

No solo se te bloquea Internet sino todo el equipo.

Lo que nos dice el reporte es que todos tus Servicios están bien, incluso los de Internet están todos OK:

Y que tienes Windows Update desactivado por lo cual te faltan actualizaciones de seguridad y estabilidad para tu equipo, por lo que supongo que tu SO es pirata.

Le aviso al compañero @frica a ver si se puede dar una vueltita por aqui y darte pasos para descartar que el problema sea de Hardware.

Salu2.


#22

Hola @SanMar, hola @David_Ramirez

Intentaré ayudar. @David_Ramirez, necesito saber

  1. si estás usando un portátil o un PC de sobremesa.

  2. En otros equipos de la casa (móvil, tabletas u otros PCs) ¿les pasa lo mismo? O con esos otros equipos no tienes ningún problema. La comparación será válida si usas esos otros dispositivos con frecuencia para navegar.

Por tus mensaje estás usando el dispositivo wifi para conectarte a internet.

  1. ¿qué conexión a internet tienes?¿Cual es su ancho de banda en Mbps?

Yo haría las siguientes pruebas:

  1. Probar a conectarte a internet durante unos dias usando cable Ethernet. Si no tienes compra uno con una longitud que te venga bien. Si durante varios días no tienes problemas al navegar, entonces tu problema está localizados en el adaptador wifi. En caso contrario, tu problema o bien depende de tu conexión a internet en la casa o bien se debe a otro problema en tu PC.

  2. Prueba también a navegar con otro explorador. ¿Cual has estado usando estos dias?