Mis problemas son: Nº 1: Mi internet en una maquina especifica anda pésimo relice un test de velocidad solamente con esa maquina y me tiraba 0.5 mbs de bajada y 0 de subida. Al minuto siguiente lo hice con la otra maquina y me daba lo que realmente me llega siempre de internet. Entonces me da a pensar que algo hace que suceda eso en mi pc, informacion que puedan necesitar es windows 7 ultimate, tengo ese porque me resulta realmente cómodo mas que el 10. Seguí una guía para eliminación de malwares que había aquí pero luego de que termine la conexión seguía igual. Al ver esto intente matar procesos por así decirlo que tenían una conexión establecida con mi pc atravez del CMD usando el comando netstats -ano, para luego usar tasklist y taskilll pero ahi surge mi segundo problema cuando intento usar el comando tasklist me sale acceso denegado voy a donde esta alojado el cmd y le pongo abrir como administrador, para que no me diga acceso denegado y me sale error: error en la carga del proveedor. Esos son mis 2 problemas. Bueno desde ya muchas gracias.
Hola @Lucas_Brunetta
Nos puedes poner los informes de las herramientas que dices usaste de la guía que viste.??
si, Aquí están agrege un análisis de superantispyware. Rkill.txt (3,7 KB) Malwarebytes.txt (1,5 KB) SUPERAntiSpyware.txt (18,7 KB) eset.txt (2,7 KB)
Hola.
No parece que tengas grandes infecciones.
Pero vamos a realizar nuevos pasos para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.
Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :
-
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
-
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
Ejecutas las herramientas de una en una y en el orden indicado :
CCleaner.-
-
Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
-
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
-
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).
Malwarebytes.-
-
Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
-
Realiza un Análisis Completo.
-
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
-
En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.
AdwCleaner.-
-
Ejecuta Adwcleaner.exe.
-
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
-
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
-
Ejecuta JRT.exe.
-
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
-
Si en algún momento te pide Reiniciar hazlo.
-
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
-
Copia y pega el contenido de JRT.txt en tu próxima respuesta.
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer, pulsamos Yes
-
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los informes en tu próxima respuesta de :
- Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Y nos cuentas como funciona tu equipo en relación al problema planteado.
Saludos Javier.
Buenas, disculpa que no pude responder antes aquí están los analizis:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 25/1/19
Hora del análisis: 13:29
Archivo de registro: 656bd595-20be-11e9-a3a5-00ffb812565c.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.8920
Licencia: Gratis
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: User-PC\User
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 316790
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 22 min, 26 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2018-12-17.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2019
# Duration: 00:00:02
# OS: Windows 7 Ultimate
# Cleaned: 22
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\IObit\Advanced SystemCare V7
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V7
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Program Files\minergate
Deleted C:\ProgramData\ByteFence
Deleted C:\Program Files\ByteFence
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted C:\Program Files (x86)\kuaiyong
Deleted C:\Users\Public\Documents\Tongbu
Deleted C:\extensions
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\e60d0c94fcf01fdaf4608ab8d225f836
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKCU\Software\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKU\S-1-5-18\Software\ByteFence
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 9
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2974 octets] - [25/01/2019 14:00:51]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64
Ran by User (Administrator) on 25/01/2019 at 14:23:02,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 11
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yjw0z6x7.default-1493320431356\Invalidprefs.js (File)
Successfully deleted: C:\Users\User\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3B6RMC71 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6BMXMDH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTYL4MMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XN0IQ20B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3B6RMC71 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6BMXMDH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTYL4MMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XN0IQ20B (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/01/2019 at 14:27:03,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by User (administrator) on USER-PC (25-01-2019 14:28:45)
Running from C:\Users\User\Desktop\Desinfectar la pc
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {007fa624-4291-11e5-a872-74d43556f1f4} - 0
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {0832b0fd-65cc-11e6-903a-74d43556f1f4} - H:\AutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {4401db5f-19b6-11e4-a6a5-74d43556f1f4} - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {495dde5d-72b8-11e6-a500-74d43556f1f4} - setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {963ab058-76ca-11e5-80b3-74d43556f1f4} - F:\Startme.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {b678dfd2-dc77-11e6-aae1-74d43556f1f4} - E:\LGAutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84eacf-83fa-11e4-baee-74d43556f1f4} - H:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84ead2-83fa-11e4-baee-74d43556f1f4} - 0
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1355264 2015-09-22] (CineForm Inc.)
HKLM\...\Drivers32-x32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
HKLM\...\Drivers32-x32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1138688 2015-09-22] (CineForm Inc.)
HKLM\...\Drivers32-x32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Intel Corporation)
HKLM\...\Drivers32-x32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Intel Corporation)
HKLM\...\Drivers32-x32: [VIDC.IV41] => IR41_32.AX
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.114.96.10 200.114.96.11
Tcpip\..\Interfaces\{0303FF7D-5DD1-4AE7-AB57-A2B01D931101}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{0EF98519-B074-4157-8ED6-46EAF9B18D53}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{199906C3-2974-459C-A00D-DAE2180787A1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{222FE9D5-3B44-454B-9711-3A3EE89DB5B5}: [DhcpNameServer] 200.114.96.10 200.114.96.11
Tcpip\..\Interfaces\{465534B7-7B33-4D0E-8CDB-E0C84CDBAA6B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91C0A6AF-A193-4B51-8977-B1EAE22A903A}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{AA79CC30-6F8E-4E23-9E0D-A6196DEA0CDE}: [DhcpNameServer] 200.114.96.10 200.114.96.11
Tcpip\..\Interfaces\{B812565C-C70F-4C82-BDF0-1656AFD335DD}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{D0DC6734-6964-41B8-B627-68C4DF18DD32}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{DAAB41C9-8F8F-4441-83A7-024DE3D0891A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E0DDFB6F-3A8E-47A5-9B9D-483249BB20DC}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{F226F962-B3D5-4B6D-96D1-A7858F6A1AC4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F7A3EE50-722B-478F-8EAA-042882E7104C}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.sxe-anticheat.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.sxe-anticheat.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.sxe-anticheat.com/
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.sxe-anticheat.com/
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-101217576-2858605893-2529171766-1000 -> {33D59858-89D9-4AC2-A956-93875EB02323} URL = hxxp://search.sxe-anticheat.com/?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO64.dll [2017-03-03] (iTools.hk)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-25] (Oracle Corporation)
BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO.dll [2017-03-03] (iTools.hk)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-101217576-2858605893-2529171766-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yjw0z6x7.default-1493320431356 [2019-01-25]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-02-02] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2017-03-03] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2017-03-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-06-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-04-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-04-22] (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-101217576-2858605893-2529171766-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-09-17] (Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-08]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Búsqueda de Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat - Crear archivos PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-16]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2019-01-21]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-21]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119 [2019-01-25]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-23]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-23]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-23]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121 [2019-01-25]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-23]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-23]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-01-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-23]
CHR Extension: (Free VPN - El servicio VPN más rápido de la casa.) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\ogojkdkkcopeepagdlddbninobfhfbcb [2019-01-23]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-23]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-25]
CHR HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-12-17]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S4 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-03] ()
S4 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [269312 2016-01-06] () [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2019-01-17] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S4 IQOptionUpdater; C:\Program Files (x86)\IQ Option\IQOptionUpdater.exe [2957832 2018-05-30] ()
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] ()
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [323632 2017-05-05] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
S4 Outfox; C:\Program Files\Outfox\OutfoxService.exe [83424 2018-02-26] (Golden Frog, GmbH)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-10-07] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-06] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-13] (Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2016-09-04] (DT Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2017-10-29] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-01] (REALiX(tm))
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [149880 2017-05-05] (Locktime Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2013-04-09] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-05-03] (Macrovision Europe Ltd) [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-02] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-02] (VIA Technologies, Inc.)
S3 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2018-07-01] (BigNox Corporation)
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-25 14:28 - 2019-01-25 14:28 - 000000000 ____D C:\FRST
2019-01-25 14:27 - 2019-01-25 14:27 - 000002119 _____ C:\Users\User\Desktop\JRT.txt
2019-01-25 14:00 - 2019-01-25 14:02 - 000000000 ____D C:\AdwCleaner
2019-01-25 13:57 - 2019-01-25 14:28 - 000006452 _____ C:\Users\User\Desktop\Informes.txt
2019-01-25 13:27 - 2019-01-25 13:27 - 000008314 _____ C:\Users\User\Desktop\copia de seguridad.reg
2019-01-25 00:33 - 2019-01-25 00:33 - 000006740 _____ C:\Users\User\Downloads\f.txt
2019-01-24 20:48 - 2019-01-24 21:13 - 000000575 _____ C:\Users\User\Desktop\Lucas.txt
2019-01-24 16:03 - 2019-01-25 14:28 - 000000000 ____D C:\Users\User\Desktop\Desinfectar la pc
2019-01-24 00:13 - 2019-01-24 16:42 - 000001241 _____ C:\Users\User\Desktop\Lista de cuentas.txt
2019-01-23 20:32 - 2019-01-24 21:22 - 000086535 _____ C:\Users\User\Desktop\Bitecoin.xlsx
2019-01-23 19:04 - 2019-01-23 19:04 - 000002407 _____ C:\Users\User\Desktop\CacaDeCamello - Chrome.lnk
2019-01-23 08:41 - 2019-01-23 08:41 - 000002407 _____ C:\Users\User\Desktop\Cacatua - Chrome.lnk
2019-01-23 02:36 - 2019-01-23 02:37 - 000000000 ____D C:\Users\User\Documents\Need for Speed(TM) Payback
2019-01-23 02:25 - 2019-01-23 02:25 - 000000765 _____ C:\Users\Public\Desktop\Need for Speed Payback.lnk
2019-01-23 02:25 - 2019-01-23 02:25 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-01-23 02:25 - 2019-01-23 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Payback
2019-01-23 00:41 - 2019-01-23 00:47 - 000000075 _____ C:\Users\User\Desktop\liberar ram.vbe
2019-01-22 19:39 - 2019-01-22 19:40 - 000002750 _____ C:\Users\User\Desktop\eset.txt
2019-01-22 15:55 - 2019-01-22 15:58 - 007657592 _____ (ESET spol. s r.o.) C:\Users\User\Downloads\esetonlinescanner_enu.exe
2019-01-22 15:54 - 2019-01-22 15:54 - 000019152 _____ C:\Users\User\Desktop\SUPERAntiSpyware.txt
2019-01-22 15:30 - 2019-01-22 15:52 - 000001539 _____ C:\Users\User\Desktop\Malwarebytes.txt
2019-01-22 03:10 - 2019-01-22 03:11 - 001199668 _____ C:\Users\User\Desktop\elistara.zip
2019-01-22 02:20 - 2019-01-22 02:20 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-22 02:20 - 2019-01-22 02:20 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
2019-01-22 02:20 - 2019-01-22 02:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-22 02:20 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-22 02:15 - 2019-01-22 02:49 - 000003822 _____ C:\Users\User\Desktop\Rkill.txt
2019-01-22 01:11 - 2019-01-22 01:11 - 000001457 _____ C:\Users\User\Desktop\iExplore.exe - Acceso directo.lnk
2019-01-22 01:11 - 2019-01-22 01:11 - 000000077 _____ C:\Users\User\Desktop\para hacer el tema.txt
2019-01-22 01:09 - 2019-01-22 01:11 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\iExplore.exe
2019-01-21 21:51 - 2019-01-21 21:51 - 000000000 ____D C:\Users\User\AppData\Local\Microsoft_Corporation
2019-01-21 16:06 - 2019-01-25 04:24 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-21 16:00 - 2019-01-21 16:00 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-20 19:11 - 2019-01-20 19:15 - 011291834 _____ C:\Users\User\Downloads\Map_Pack.rar
2019-01-19 01:59 - 2019-01-23 08:41 - 000002351 _____ C:\Users\User\Desktop\Persona 1 - Chrome.lnk
2019-01-17 03:53 - 2019-01-17 03:53 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-01-17 00:17 - 2019-01-17 00:17 - 000000222 _____ C:\Users\User\Desktop\Paladins.url
2019-01-16 15:00 - 2019-01-17 23:48 - 000000000 ____D C:\Users\User\Desktop\Paks part
2019-01-11 14:54 - 2019-01-11 16:08 - 000000000 ____D C:\Users\User\Desktop\Excels,Words,txts y demas
2019-01-11 04:44 - 2019-01-11 04:44 - 000001183 _____ C:\Users\User\Desktop\LeagueClient.exe - Acceso directo.lnk
2019-01-11 03:34 - 2019-01-25 04:24 - 000000000 ____D C:\Users\User\Desktop\League of Legends
2019-01-11 03:26 - 2019-01-25 04:42 - 000002958 _____ C:\Windows\System32\Tasks\{D8256E88-EC27-4242-AED9-23C287D9E52B}
2019-01-11 02:47 - 2019-01-11 02:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Hextech Repair Tool
2019-01-11 02:40 - 2019-01-11 02:46 - 053616640 _____ C:\Users\User\Downloads\Hextech Repair Tool.msi
2019-01-11 00:06 - 2019-01-16 16:36 - 000000000 ____D C:\Users\User\Desktop\cuentas luckygames
2019-01-10 16:15 - 2019-01-17 03:50 - 000032742 _____ C:\Users\User\Desktop\9 dias.xlsx
2019-01-04 14:47 - 2019-01-04 14:48 - 000001362 _____ C:\Users\Public\Desktop\Mouse Controller.lnk
2019-01-04 14:47 - 2019-01-04 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuGiRi Software Development
2019-01-04 14:45 - 2019-01-25 04:42 - 000003036 _____ C:\Windows\System32\Tasks\{9BAECDCB-F6C0-475F-8CD5-3C95DA79044D}
2019-01-04 14:45 - 2019-01-25 04:42 - 000003036 _____ C:\Windows\System32\Tasks\{0A606A53-066D-4C2F-8779-724701AB65DC}
2018-12-28 00:34 - 2018-12-28 00:34 - 000070881 _____ C:\Users\User\Desktop\lucas luckygames.mcd
2018-12-27 16:05 - 2018-12-27 16:05 - 000000000 ____D C:\Users\User\AppData\Local\MuGiRi_Software_Developme
2018-12-27 16:04 - 2019-01-04 14:47 - 000000000 ____D C:\Program Files (x86)\MuGiRi Software Development
2018-12-27 16:03 - 2018-12-27 16:03 - 000432165 _____ (MuGiRi Software Development ) C:\Users\User\Downloads\MouseController_1.10.0.0.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-25 14:29 - 2017-03-03 14:29 - 000000316 _____ C:\Windows\Tasks\iToolsDaemon.job
2019-01-25 14:24 - 2018-06-21 23:02 - 000005024 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for User-PC-User User-PC
2019-01-25 14:13 - 2009-07-14 01:45 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-25 14:13 - 2009-07-14 01:45 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-25 14:12 - 2018-05-19 20:29 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-25 14:05 - 2017-01-18 01:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-25 14:03 - 2017-11-11 05:29 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-25 14:03 - 2017-03-03 14:29 - 000003286 _____ C:\Windows\System32\Tasks\iToolsDaemon
2019-01-25 14:03 - 2014-07-31 08:26 - 000000244 _____ C:\Windows\Tasks\AutoKMS.job
2019-01-25 14:03 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-25 14:02 - 2016-01-29 13:58 - 000000000 ____D C:\ProgramData\IObit
2019-01-25 13:29 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-01-25 13:26 - 2016-09-04 13:24 - 000000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Pro
2019-01-25 13:23 - 2014-12-14 22:54 - 000000000 ____D C:\Program Files (x86)\EA Games
2019-01-25 13:23 - 2014-11-28 06:32 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-01-25 13:22 - 2014-08-01 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2019-01-25 12:52 - 2017-07-17 23:57 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2019-01-25 12:52 - 2014-07-31 08:26 - 000000244 _____ C:\Windows\Tasks\AutoKMSDaily.job
2019-01-25 04:42 - 2018-09-27 11:56 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-09-27 11:56 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-09-27 11:56 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-09-27 11:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-09-27 11:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-09-27 11:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-09-27 11:56 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2018-03-13 20:16 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-25 04:42 - 2018-01-18 21:27 - 000003448 _____ C:\Windows\System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA}
2019-01-25 04:42 - 2017-01-18 01:29 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2017-01-18 01:29 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2017-01-18 01:29 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2017-01-18 01:29 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-25 04:42 - 2015-09-24 20:19 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-25 04:42 - 2015-05-13 12:30 - 000003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-01-25 04:42 - 2014-08-05 04:33 - 000002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-25 04:42 - 2014-08-01 02:04 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-25 04:42 - 2014-08-01 02:04 - 000003342 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-25 04:42 - 2014-07-31 08:26 - 000002842 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2019-01-25 04:42 - 2014-07-31 08:26 - 000002536 _____ C:\Windows\System32\Tasks\AutoKMS
2019-01-25 04:20 - 2014-08-03 23:07 - 000007613 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2019-01-25 04:20 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-24 23:51 - 2018-01-02 21:03 - 000000000 ____D C:\Users\User\AppData\Roaming\Telegram Desktop
2019-01-24 18:39 - 2014-08-08 22:05 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2019-01-23 20:29 - 2018-10-16 19:10 - 000000000 ____D C:\Users\User\Desktop\Todo referido al trading
2019-01-22 02:11 - 2017-08-28 20:40 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-01-22 00:23 - 2016-03-24 04:24 - 000000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-01-22 00:11 - 2018-04-29 21:34 - 000000601 _____ C:\Users\User\Downloads\MP3.4.4 [www.tecnotutoshd.net].zip
2019-01-22 00:06 - 2018-06-09 19:03 - 000373019 _____ C:\Users\User\Downloads\xmrig-nvidia-2.6.1.zip
2019-01-22 00:05 - 2018-06-16 01:35 - 000563476 _____ C:\Users\User\Downloads\MaisBot.rar
2019-01-21 16:01 - 2017-04-11 18:35 - 000000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2019-01-21 16:01 - 2016-08-30 23:59 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-21 16:00 - 2014-08-05 04:33 - 000000000 ____D C:\Program Files\CCleaner
2019-01-21 04:49 - 2017-05-03 01:48 - 000000000 ____D C:\Users\User\Documents\Command and Conquer Generals Zero Hour Data
2019-01-20 19:11 - 2017-01-12 13:17 - 000009216 ___SH C:\Users\User\Documents\Thumbs.db
2019-01-18 04:48 - 2017-10-11 16:22 - 000000000 ____D C:\Program Files\Epic Games
2019-01-17 03:49 - 2018-12-04 16:53 - 000000000 ____D C:\Users\User\AppData\Roaming\EasyAntiCheat
2019-01-17 00:00 - 2016-10-04 11:50 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-14 19:43 - 2018-01-03 17:03 - 000000000 ____D C:\Users\User\Downloads\Telegram Desktop
2019-01-11 15:00 - 2018-06-25 19:41 - 000000000 ____D C:\Users\User\Desktop\fotos test internet
2019-01-11 14:59 - 2018-10-16 19:13 - 000000000 ____D C:\Users\User\Desktop\Cosas de lol
2019-01-11 04:28 - 2009-07-14 06:31 - 004722194 _____ C:\Windows\system32\perfh00A.dat
2019-01-11 04:28 - 2009-07-14 06:31 - 001469870 _____ C:\Windows\system32\perfc00A.dat
2019-01-11 04:28 - 2009-07-14 02:13 - 000006508 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-11 03:12 - 2018-11-28 02:40 - 000000000 ____D C:\Users\User\AppData\Roaming\MPC-HC
2019-01-11 03:11 - 2015-12-26 15:48 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2019-01-11 02:18 - 2016-03-13 22:56 - 000000000 _____ C:\hsrv.txt
2019-01-10 21:06 - 2018-12-12 00:03 - 000000000 ____D C:\Users\User\Desktop\Referencias de lol
2019-01-09 19:15 - 2015-09-24 20:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 19:15 - 2015-09-24 20:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 19:15 - 2015-09-24 20:19 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-09 19:15 - 2014-07-31 08:18 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-06 18:04 - 2018-06-02 16:42 - 000000000 ____D C:\Program Files (x86)\IQ Option
==================== Files in the root of some directories =======
2016-03-13 20:23 - 2016-03-13 22:56 - 000002661 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log
2017-01-24 05:29 - 2017-01-24 05:29 - 000044988 _____ () C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt
2014-08-26 16:37 - 2014-10-16 21:21 - 000000781 _____ () C:\Users\User\AppData\Roaming\MPQEditor.ini
2015-06-14 15:14 - 2017-04-12 00:00 - 000045270 _____ () C:\Users\User\AppData\Roaming\room_v3.dat
2016-08-06 18:18 - 2016-09-05 00:21 - 000000176 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-11-21 17:14 - 2015-11-21 17:14 - 000000001 _____ () C:\Users\User\AppData\Local\llftool.4.25.agreement
2018-07-03 23:46 - 2018-11-24 03:53 - 000000522 _____ () C:\Users\User\AppData\Local\Nox_crash.log
2014-08-03 23:07 - 2019-01-25 04:20 - 000007613 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-06 02:02
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by User (25-01-2019 14:29:39)
Running from C:\Users\User\Desktop\Desinfectar la pc
Windows 7 Ultimate Service Pack 1 (X64) (2014-07-31 11:03:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-101217576-2858605893-2529171766-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-101217576-2858605893-2529171766-1018 - Limited - Enabled)
Invitado (S-1-5-21-101217576-2858605893-2529171766-501 - Limited - Disabled)
User (S-1-5-21-101217576-2858605893-2529171766-1000 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Age of Mythology + The Titans (HKLM-x32\...\Age of Mythology + The Titans Expansion_is1) (Version: - )
AMX Mod X Installer 1.8.1 (HKLM-x32\...\AMX Mod X Installer) (Version: 1.8.1 - AMX Mod X Dev Team)
Apple Application Support (32 bits) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Battlezone 98 Redux (HKLM-x32\...\Battlezone 98 Redux_is1) (Version: - )
Binance version 1.0.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.0.0 - Binance)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.73.1817 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Championify (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Championify) (Version: 2.1.5 - Dustin Blackman)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Command & Conquer Generals (HKLM-x32\...\{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Hidden
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Command and Conquer 3 Tiberium Wars Complete Collection versión 1.02 (HKLM-x32\...\{01BB7046-6217-4225-BFA8-A5E5DB2B0977}_is1) (Version: 1.02 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
Crysis 3 version 1.0 (HKLM-x32\...\{646928DD-48C1-461C-AF2D-4BC15CB44A5A}_is1) (Version: 1.0 - Electronic Arts)
Curse (HKLM-x32\...\{75080CC9-4C7A-45C4-B149-9C2790FA88F6}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Diablo Gold Repack (HKLM-x32\...\Diablo Gold Repack) (Version: - )
Discord (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.31 - NVIDIA Corporation) Hidden
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.9.0 - Haiyu Dongxiang Co.,Ltd.)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: - )
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
El Señor de los Anillos® - La Conquista™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.19.0.156378 - MindArk PE AB)
Epic Games Launcher (HKLM-x32\...\{16639F01-568E-450C-B4EF-4878543EC172}) (Version: 1.1.125.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
Freemake Video Converter versión 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Game Summary (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 118.3.3 - Overwolf app)
GameRanger (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro App (HKLM-x32\...\{D0B85070-C2A8-4B3B-981B-D0D7229AA614}) (Version: 5.7.544 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{6cc291a1-549a-455c-bc7d-ec03aaf8f6b9}) (Version: 2.5.7.544 - GoPro, Inc.)
Hard Disk Low Level Format Tool 4.25 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.6.3 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitFilm 4 Express (HKLM\...\{40EFEABF-B463-417A-B96D-CFDA42E1A70A}) (Version: 4.0.5609.10802 - FXHOME)
HP Deskjet 2510 series Estudio para la mejora del producto (HKLM\...\{D9C3A88D-5B0F-4FC3-8A7C-96B4E9AB1ADC}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Software básico del dispositivo (HKLM\...\{A8F738FC-F8E7-4581-8929-F22136401377}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)
IQ Option (HKLM-x32\...\IQ Option) (Version: 1.1 - IQOption)
iTools 3 (HKLM-x32\...\ThinkSky) (Version: - Shenzhen Thinksky Technology Co., Ltd.)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Juego Prototype(TM) (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision)
La Batalla por la Tierra Media™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Left 4 Dead 2 Standalone Patch™ (HKLM-x32\...\L4D2SP) (Version: 9.5 - Gaming eXtreme)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.33 - www.leaguereplays.com)
LoLwiz (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_dmpfhbhjknfmncjinjaikncjjnklcplnodamiimn) (Version: 4.0.5 - Overwolf app)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.6.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.02.03 - Huawei Technologies Co.,Ltd)
Mouse Controller version 1.10.0.0 (HKLM-x32\...\{558409e4-71ad-4b5f-9db7-15e987d0e3aa}_is1) (Version: 1.10.0.0 - MuGiRi Software Development)
Mozilla Firefox 61.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 es-AR)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG)
NetLimiter 4 (HKLM\...\{C2475E06-0F70-4CDC-906E-DC48F716A376}) (Version: 4.0.30.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.30.0) (Version: 4.0.30.0 - Locktime Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.5.0 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.31 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.37.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.31 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.3.0 - Golden Frog, GmbH)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.118.3.8 - Overwolf Ltd.)
Panel de control de NVIDIA 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.31 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2211.0 - CyberLink Corporation)
Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RMVB Converter 1.8 (HKLM-x32\...\{C3BDF1C8-66EF-4A0F-B427-A99E39706F45}_is1) (Version: - RMVB Codec)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Seven Kingdoms (HKLM-x32\...\Seven Kingdoms) (Version: - )
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.2.20141 - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com)
sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.8.0.0 - Alejandro Cortés)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer)
Telegram Desktop version 1.5.8 (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.8 - Telegram Messenger LLP)
TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
TP-LINK TL-WN8200ND Controlador (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
UserTesting (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\UserTestingPlugin) (Version: - UserTesting.com)
VFW_Codec32 (HKLM-x32\...\{D935F8D7-8B51-4C56-8BF6-3C35CBADCF39}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{188A81E4-B0F0-4B0F-9627-1C1FE192EA58}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation YSDrv System (01/20/2017 4.3.12) (HKLM\...\1FF524CF3E58304F349D809470EC4A689914A4D5) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Zoom (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] ()
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-04-22] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00BB77F1-7C85-44E0-B50F-DA41FFE9C05A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {011A2450-74BF-40AC-9383-DDAF319C6B6F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {05A8E3F5-DFAF-44C0-B670-80BB72D152B2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {0E5D70EE-B83E-4DAD-A3F7-8BA2A8F1DF87} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {1555DA2D-95E7-4858-8819-DE157F86C699} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {17245DAD-07FE-4DD0-AF96-E61D0C12F2FF} - System32\Tasks\{D7A3690E-9DE4-40A3-8914-F2B3A424AB7F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar
Task: {22024E13-6921-4E40-A370-F3D40B0597E1} - System32\Tasks\{EF37042D-7BCF-4331-8CD5-563F3200665C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.109/es/abandoninstall?page=tsProgressBar
Task: {23255BAB-6943-4A9D-A155-8CDBE2038FC9} - \CGN -> No File <==== ATTENTION
Task: {24D40D4C-9A91-42D7-8BAF-0EEBF5ECB502} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation)
Task: {27700DDD-D025-40FA-9E2D-41DCAB90479C} - System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} => C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {2860C992-92DE-4D9E-A4CB-E75AA5D71B20} - System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"
Task: {2B917CFB-7759-4343-AFE7-3DFF0ECB8B13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2CB60399-9C0B-4CEB-B330-CEB141219656} - System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603
Task: {2D49F724-939D-41EF-A9CF-557131033F59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {2EAD83E9-40AF-4EE2-AD7C-8832912FFA40} - System32\Tasks\{B6EAFEC2-F62D-490C-9680-2AB300580857} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar
Task: {392582B4-618E-49EF-BB71-3A814A8062DC} - System32\Tasks\{F680BDD0-BF01-491C-8041-F6830C2FEBDF} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar
Task: {3A770D46-2522-43A2-81AB-794D8D9A6C57} - System32\Tasks\{36EE2500-BABE-424F-B57A-673A9F6F6C75} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.109/es/abandoninstall?source=lightinstaller&page=tsInstall
Task: {422D6301-1C73-47A0-9AE1-04E441C65F57} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation)
Task: {42F181CE-4A2A-4B9F-858D-313C847F75A2} - System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} => C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {43BD4099-386B-48CB-83C5-F5FA4B91F52C} - System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} => C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {4492B81C-EB29-4F90-B953-F575F41434BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {4747A4AC-738B-414B-A263-AABE80235196} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {483072B7-DF51-4A89-84AE-871EFAECDD32} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {48CF9BAE-3BC5-4005-8207-D1961F734D95} - System32\Tasks\{9BAECDCB-F6C0-475F-8CD5-3C95DA79044D} => C:\Program Files (x86)\MuGiRi Software Development\Mouse Controller\MouseController.exe [2018-09-22] (MuGiRi Software Development)
Task: {5355586F-91B2-4BA3-BCCE-E3C4448AE15C} - System32\Tasks\{0A606A53-066D-4C2F-8779-724701AB65DC} => C:\Program Files (x86)\MuGiRi Software Development\Mouse Controller\MouseController.exe [2018-09-22] (MuGiRi Software Development)
Task: {53DD5F1A-7722-4C5A-84C0-FCD12EB2751D} - System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} => C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {5BB5D420-6440-4209-9219-82A032CF7DB5} - System32\Tasks\{F3222736-4F9E-41F9-8B26-50EF87A21FB8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/es/abandoninstall?page=tsProgressBar
Task: {608CDBDB-62CA-4193-8C15-97A88F0E38F7} - System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} => C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {62C7F1B4-A5AF-4562-91B7-F834D8F7B27A} - System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} => C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"
Task: {64DB0993-A4DD-437F-8377-C55EC0232E73} - System32\Tasks\{BCE46DC2-551C-4904-B596-128DA2586151} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar
Task: {684A64C7-2864-4FDD-8B80-6CF5DBBB50FF} - System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} => C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {6A132511-0D45-4AEE-98A7-D84C42F1F324} - System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} => C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED} - System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} => C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {6FEC5104-49BC-4A4A-9276-28DF209F0965} - System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS
Task: {73BD2EF4-B23A-4579-B078-60E02AFA95A0} - System32\Tasks\{6A4329F1-BCAC-4C04-AD73-DF7493D613B4} => C:\Users\User\Desktop\Valve\hl.exe
Task: {7C6891BC-BE94-46F4-A828-EBF9C7F18217} - System32\Tasks\{D8256E88-EC27-4242-AED9-23C287D9E52B} => C:\Riot Games\League of Legends\LeagueClient.exe
Task: {7C7991A2-C2FD-474F-9ADE-19A603C369F4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {869C6040-C48F-4906-ACC9-046835F05004} - System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} => C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()
Task: {88D42418-CD40-47E7-97F8-77A9A94DF755} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {89A1BB60-19C1-4975-8E96-28BC70BF34E8} - System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} => C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)
Task: {8AE476BF-C3E8-4B00-93E1-E97100A79F08} - System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} => C:\Users\User\Desktop\age of empires\AGE2_X1.EXE
Task: {8E1B6539-1377-4240-BDA7-1DE221991ACC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {92A9C6BA-B932-408C-B26D-F335BC5E1089} - System32\Tasks\iToolsDaemon => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [2017-03-03] ()
Task: {97BE40CE-989E-4F96-B427-FF866A41E906} - System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads
Task: {A16463B3-9253-4825-B028-3AEAD78092EB} - System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"
Task: {ACBD316A-B981-407F-B38E-9CEB3142C823} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {B7B9483E-EF53-4663-9FC4-AD7CB42F9E08} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)
Task: {B7FABADE-1685-4FDE-B717-A009CC190F82} - System32\Tasks\{55777623-B17E-4BEC-AE22-7E2D9B602595} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Medicina Battlefield 3.exe" -d C:\Users\User\Desktop
Task: {B9EB1849-20B7-42C3-90CF-7B7DE19633A1} - System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} => C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()
Task: {BD924637-0497-47B5-958A-C8CD095830D6} - System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors
Task: {C3DF8CB6-491F-4217-B401-D930573BA7AF} - System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} => C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall
Task: {C729B86A-4D59-414F-A8A2-698942B4E79F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {CB107FCD-1A4C-44FC-8BED-55E55ADFAE34} - System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} => C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {CBA748B0-2945-467B-B865-98B750711657} - System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} => C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe
Task: {CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9} - System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} => C:\Users\User\Desktop\Valve\hl.exe
Task: {D140E52B-0941-492B-90F1-5FEC0EE476E9} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {D5106996-1733-4B0C-ABB6-2A8EF82C3A85} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-10-07] (Overwolf LTD)
Task: {D7897A18-37D4-4887-BDAF-10BECA202F01} - System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} => C:\Users\User\Desktop\age\AGE2_X1.EXE
Task: {D8C21948-3FC7-42C3-90F4-0CBA999B3576} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E176E7D9-27F2-47AE-A316-808B0B758D53} - System32\Tasks\Microsoft Office 15 Sync Maintenance for User-PC-User User-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation)
Task: {E1C4FBB6-96C6-421C-96FA-7DC938156940} - System32\Tasks\{CDB71C8D-E08A-4653-9B87-0D7ED7B7FB8D} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/es/abandoninstall?page=tsProgressBar
Task: {E2832CC9-CD55-4E64-9555-F08C1EB942C0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {E7069BF4-D921-4419-B9BA-6A13A8C3D908} - System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"
Task: {E9A14DF7-7F37-449A-B949-92EDF26903BB} - System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} => C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()
Task: {E9E30515-85A1-4C1A-A24D-7BC585138CF9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {EACE0372-C71A-4F62-BC4F-931671B967FD} - System32\Tasks\{C6BEA6B0-4CE8-4EC2-AF6B-5FDFEBD6E7B9} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar
Task: {EB904BB8-D785-4C09-A81D-C6EF7DC46897} - System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} => D:\Counter-Strike 1.6Lucas\hl.exe
Task: {ECB32314-4A1E-4D61-87BF-771E6AF33BA7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation)
Task: {F996E00E-42C1-4AAC-A862-07803F3C4CB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {FD48FA52-2E09-4916-9A7B-0A378A40B317} - System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop
Task: {FD975823-BDDB-4277-96B2-F08F9C341F15} - System32\Tasks\{5C343C60-F899-4C80-937C-70E3040EEE50} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.109/es/abandoninstall?source=lightinstaller&page=tsInstall
Task: {FF04685B-064E-4A78-9A10-816FF8D208B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\iToolsDaemon.job => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\User\Desktop\Games\Dark Reign.lnk -> C:\Program Files (x86)\Activision\Dark Reign\Dark Reign W7.bat ()
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
ShortcutWithArgument: C:\Users\User\Desktop\CacaDeCamello - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 121"
ShortcutWithArgument: C:\Users\User\Desktop\Cacatua - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 119"
ShortcutWithArgument: C:\Users\User\Desktop\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\User\Desktop\cuentas luckygames\NightElf - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 26"
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Vendedor - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 110"
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b739e5c93ca27df0\Optica - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 79"
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c4e6cd5a0fae580\LecheEntera - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 108"
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\495da1bfff1f1192\ElTriste - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 118"
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b69239aeffb3861\HitFilm 4 Express Activation.lnk -> C:\Program Files\FXHOME\HitFilm 4 Express\ActivationApp\hitfilm-4-express.exe (The NWJS Community) -> --user-data-dir="C:\Users\User\AppData\Local\HitFilm 4 Express Activation\User Data" --profile-directory=Default --app-id=jbdgcoiicbhjmjpelekgpdamimehdecj
==================== Loaded Modules (Whitelisted) ==============
2015-06-16 16:58 - 2013-04-15 11:50 - 000198144 _____ () C:\Windows\System32\HP1006LM.DLL
2015-06-16 16:58 - 2013-04-15 11:50 - 000065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000494992 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
2018-09-27 11:56 - 2018-09-12 08:45 - 001315024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-08-17 21:03 - 2014-09-06 17:21 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-03-03 14:41 - 2017-03-03 14:41 - 002564496 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\iOSDevice.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000051600 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Common.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000460176 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\TSLib.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000109968 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\ZLib.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 001375120 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MiscCore.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000676240 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\UICore.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000555408 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Sqlite.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000164752 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Network.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000189840 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MiscMods.dll
2017-03-03 14:41 - 2017-03-03 14:41 - 000392592 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MediaUtil.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84623655.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84623655.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:34 - 2018-07-05 02:56 - 000001936 ____R C:\Windows\system32\drivers\etc\hosts
191.205.84.86 ww1.moonbit.co.in
191.205.84.86 ww1.moondash.co.in
191.205.84.86 ww1.faucetwhite.com
191.205.84.86 ww1.cutsouf.com
191.205.84.86 ww1.tny.ec
191.205.84.86 ww1.clicksfly.com
191.205.84.86 ww1.cashat.net
191.205.84.86 ww1.cut-earn.com
191.205.84.86 ww1.123short.com
191.205.84.86 ww1.short2win.com
191.205.84.86 ww1.fautsy.com
191.205.84.86 ww1.oturl.com
191.205.84.86 ww1.kuturl.com
191.205.84.86 ww1.btc.ms
2016-03-24 04:24 - 2019-01-22 00:23 - 000000433 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.0.101 User-PC.mshome.net # 2023 12 6 9 6 18 25 88
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: %SystemRoot%\system32;%SystemRoot%
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: Droid4XService => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Outfox => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Chrome.exe => C:\Windows\pss\Chrome.exe.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BingSvc => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: MinerGateGui => C:\Program Files\MinerGate\minergate.exe --auto
MSCONFIG\startupreg: NetLimiter => "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\User\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: Windscribe => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2BA2804E-93AD-40CE-8E10-B9E4DC71E30A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
FirewallRules: [{2B58B955-4710-4563-9108-D8D3A1859D80}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
FirewallRules: [{4B755843-4740-40CF-A8D3-132528693684}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX9.EXE (CAPCOM CO., LTD.)
FirewallRules: [{E8FC09E2-1B90-48D3-AF2C-053E7032C3BE}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX9.EXE (CAPCOM CO., LTD.)
FirewallRules: [{B2E1B4AB-1F0B-4C2E-A9E8-C011DA55F5AB}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX10.EXE (CAPCOM CO., LTD.)
FirewallRules: [{ECE581D7-A7B8-4DB6-8943-672A0B1736F3}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX10.EXE (CAPCOM CO., LTD.)
FirewallRules: [{8C5B4A51-05C4-43CA-B62A-BFE6EC5F1184}] => (Allow) D:\Archivos de Programa\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
FirewallRules: [{B3770DA8-16DC-4BAF-903D-A089A522E9FC}] => (Allow) D:\Archivos de Programa\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
FirewallRules: [{8F550315-15C2-4A4E-BCB8-BB37A9610622}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe (Hewlett-Packard Co.)
FirewallRules: [{CA3CD12A-12FC-4BD4-8516-83DCAB33EB10}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{44256504-59D9-45A4-B038-33070F4C1E69}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
FirewallRules: [{5D03D51D-0AA6-44A2-941F-C90BA7A3DF36}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
FirewallRules: [{BE7656BF-8D1B-4D19-9811-C8061A42447E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{83C100A7-EF86-492F-AD1D-A249759D357E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{42AD781B-4AE4-4D09-9B72-FF2822F61B87}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{FF954C2F-D333-404C-9331-5A2066C66D51}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{931EED9E-F27C-4022-9F14-AFDC06B10C75}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe ()
FirewallRules: [{5A7FA081-6D45-49FA-9EFC-ADAAF08428B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe ()
FirewallRules: [{BB9896B8-5053-4B91-A866-5C45BE83EABB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ()
FirewallRules: [{747F0CBE-01B0-431E-9BCF-A7E8CA4A92CC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ()
FirewallRules: [{C8F3BE1A-BCFE-45A1-BC31-4813D69BAF03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{080513D0-1A4B-4C64-89D3-368BA75D2547}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{D11E334F-8E22-4317-8CE1-D91F55DA8343}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{09954D28-AF37-45E6-A189-06E454643684}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{91F06D1A-476C-4305-B30F-82CB8731E697}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base10089\SC2.exe (Blizzard Entertainment, Inc.)
FirewallRules: [{90A53F97-F47A-4B95-B21A-01A443DCD992}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base10089\SC2.exe (Blizzard Entertainment, Inc.)
FirewallRules: [{212AD59B-DF88-4C0C-9E73-EA539ECE0F19}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)
FirewallRules: [{2B0227A2-B629-41AE-A7C3-26D270501346}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)
FirewallRules: [{15F480B7-7B5E-4C54-9ADB-CED553EC9598}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)
FirewallRules: [{A4DB51A1-F763-4B03-ACCE-BD40151E8C8D}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)
FirewallRules: [{DF6A39AE-1E02-4BAC-82B8-7208CEB23121}] => (Allow) D:\Archivos de Programa\Activision\Prototype\prototypef.exe (Activision)
FirewallRules: [{6A6CADA8-58E0-47B2-B074-7FB59A884332}] => (Allow) D:\Archivos de Programa\Activision\Prototype\prototypef.exe (Activision)
FirewallRules: [{4B4292B3-EC3C-42E9-AFBC-E67C03CF9B9E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{6A41C5F7-B43D-4583-96B1-A6100F43A9F5}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [TCP Query User{47D89323-C265-46E6-B019-309A423A4E51}C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe] => (Allow) C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe (Tsinghua Unversity)
FirewallRules: [UDP Query User{B56930F6-9FCC-46FE-A382-A204E3136D5D}C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe] => (Allow) C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe (Tsinghua Unversity)
FirewallRules: [TCP Query User{CC9B5A3C-E63A-40A1-98DF-FFB97B1C5920}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe ()
FirewallRules: [UDP Query User{8BC301B7-D73B-4EF1-B666-4A042C215216}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe ()
FirewallRules: [TCP Query User{D3F78ADD-AB4F-4969-B3F4-6D8BAA198E70}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme)
FirewallRules: [UDP Query User{9F379A46-4638-44CC-B204-4DA3B6AA0D4D}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme)
FirewallRules: [{C3164108-7C1B-435C-8874-56FA55291F2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{31514AA3-70BF-4A1F-A915-73F1C9DDDE5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{DE74FA70-1F71-494F-9109-26BB672C3BC9}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (Techland)
FirewallRules: [UDP Query User{6665B82C-7CDA-4C73-A24A-2DED4BDF5470}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (Techland)
FirewallRules: [{9CAD1FB1-D6D7-4C45-AD8F-29E6D1E10D46}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
FirewallRules: [{57FAEA13-B17E-46A8-8EAA-BE5DCC86AC1D}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
FirewallRules: [{28CF32C2-690F-416D-A025-0A17914AF483}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)
FirewallRules: [{8CFD34C8-D700-4E30-A54A-2EC789C3226B}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)
FirewallRules: [TCP Query User{719EC4BA-A7CD-4C55-B31E-01D12B741278}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{191EFF71-281A-4001-B51E-91B68EAD6886}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{4AB73CA9-4C00-4EE6-BDBE-D17FB940187F}C:\program files (x86)\droid4x\download\minithunderplatform.exe] => (Block) C:\program files (x86)\droid4x\download\minithunderplatform.exe (?????????????)
FirewallRules: [UDP Query User{B4C85E67-0082-45E3-9297-3BCD0523AB7A}C:\program files (x86)\droid4x\download\minithunderplatform.exe] => (Block) C:\program files (x86)\droid4x\download\minithunderplatform.exe (?????????????)
FirewallRules: [TCP Query User{06717E7D-0171-474F-8AE8-0CAE4131CFDA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{5C1A3837-3AE1-460D-98D8-59F6FD0E1DC0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)
FirewallRules: [{D6D9947E-ED1A-416D-9D73-128D4A951227}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{D9D098A2-2F37-4F24-93D3-B328C2D7A6B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{77DF2652-D633-4993-A3A4-CBB3936A2585}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B1CACFE2-BA98-47D5-AF30-E7758890FC00}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{467D491F-9D9E-4B26-A595-5B3C8675ECD0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [TCP Query User{96C004C7-C52C-4BCF-BF42-07B48C260B3C}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)
FirewallRules: [UDP Query User{A4693208-6A2A-4E3F-AC94-05E5C3E21C6F}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)
FirewallRules: [{B1C92095-4514-4278-9837-698A53517215}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{307DBF25-C853-40C2-81DC-E4A70D2811A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [TCP Query User{8205B348-AE25-4235-8268-9AC3EBC07AEF}C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe] => (Block) C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe (Crytek GmbH)
FirewallRules: [UDP Query User{A5879A18-8FE4-421E-B68D-6CCF21309073}C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe] => (Block) C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe (Crytek GmbH)
FirewallRules: [TCP Query User{F04CE1D3-A523-4015-9822-A8CA0E0C956D}C:\program files (x86)\rise of nations gold\nations.exe] => (Allow) C:\program files (x86)\rise of nations gold\nations.exe (Big Huge Games, Inc.)
FirewallRules: [UDP Query User{06CB8107-504B-44B0-AE41-D9F84C2D9D54}C:\program files (x86)\rise of nations gold\nations.exe] => (Allow) C:\program files (x86)\rise of nations gold\nations.exe (Big Huge Games, Inc.)
FirewallRules: [{4C5FD45B-3776-47FD-B032-8F7328DBC090}] => (Allow) C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\game.dat (Electronic Arts Inc.)
FirewallRules: [{5B3D0569-0C61-4E06-B684-B42821AD7F1B}] => (Allow) C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\game.dat (Electronic Arts Inc.)
FirewallRules: [TCP Query User{CA6B90C7-3B34-4B5E-8FB6-5D91A9E37EC5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)
FirewallRules: [UDP Query User{38CA5301-6B04-465A-8E8E-E93BC816D248}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)
FirewallRules: [TCP Query User{5C10AEA4-E53D-40B7-B892-2A2BC0714C89}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)
FirewallRules: [UDP Query User{B5CDA72F-B8E0-4E02-9069-306F9E42DB5D}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)
FirewallRules: [{B7D02861-C1E1-478E-8C17-A0DF5E226651}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories)
FirewallRules: [{89A2DF76-C853-4967-B8D4-F56A828CF893}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories)
FirewallRules: [TCP Query User{39DB4F7A-B0D3-4F00-B18F-D7A887721ED1}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)
FirewallRules: [UDP Query User{6A865B84-4BAC-4DE4-B8DD-B495966ABF68}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)
FirewallRules: [TCP Query User{6BF26709-8AA8-49B3-A57F-FAD59BD6C18B}C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat] => (Allow) C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat (Electronic Arts Inc.)
FirewallRules: [UDP Query User{495D3E4D-EABA-4389-9509-65AC3AD69AFA}C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat] => (Allow) C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat (Electronic Arts Inc.)
FirewallRules: [{B3B22368-7368-4ADF-AF64-F93B0F692D0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation)
FirewallRules: [{80332C80-057B-4082-8894-CC7EBDB8E516}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation)
FirewallRules: [{D9E20EDC-8A69-4044-A459-3A98C428626F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{1904B0B6-E642-4B2A-97E4-C980C6FC1948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{91CF3BB3-9062-4E5A-A762-7823ED43DC68}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe ()
FirewallRules: [{4FFF6424-C765-45F9-9C81-96CDBD606ADE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
FirewallRules: [{C3F4BDF6-6AB2-4DAA-A2DC-79FE478D790F}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
FirewallRules: [{5265B5FF-539B-44BF-870A-E5A21A955BE7}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)
FirewallRules: [{A3F9C7EC-4503-4A54-BA92-4140C1088BE4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)
FirewallRules: [{BD6D6224-8DB9-48E8-A197-B57CF23179F3}] => (Allow) LPort=11443
FirewallRules: [{97B8EDBF-AA7C-4F17-A8FA-51BC70F57A47}] => (Allow) LPort=11155
FirewallRules: [TCP Query User{A49BF97B-E159-4940-9D81-F56ADCD70215}C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat] => (Allow) C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat ()
FirewallRules: [UDP Query User{56FB3B9D-1237-4FA6-9D75-2ACB2B027441}C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat] => (Allow) C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat ()
FirewallRules: [TCP Query User{6847E3DF-4A38-4AB9-9EC1-DD3706B1178E}D:\archivos de programa\campcom\re5dx10.exe] => (Allow) D:\archivos de programa\campcom\re5dx10.exe (CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{69F1DC82-9424-4653-9773-4FADEF5B096B}D:\archivos de programa\campcom\re5dx10.exe] => (Allow) D:\archivos de programa\campcom\re5dx10.exe (CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{3ED1B3D8-211C-4570-AB72-EF2D380AFA7E}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()
FirewallRules: [UDP Query User{2EC057C5-2B87-4289-9997-20B9B722BF86}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()
FirewallRules: [TCP Query User{4EFAE423-A403-4EE7-BFAD-4E795C8025E3}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()
FirewallRules: [UDP Query User{CD679F3C-2F4A-4B20-9BE9-D516C1046616}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()
FirewallRules: [{82DB57D9-377E-4223-BE17-AB5C8673AD71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft)
FirewallRules: [{B43F5566-1337-4E55-9EA8-14E87D648235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft)
FirewallRules: [TCP Query User{B259B950-10AA-4981-8844-3A3C90B92307}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [UDP Query User{0704DE29-0542-4BCB-A1AC-B4EB5782150A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [{11ED5779-2328-41C3-986B-EAA98E597F16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{28B02F69-B086-4383-97C5-B71077726F9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{7DB84881-8289-4D51-92FF-9DB96DA408B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{2C8BD6F7-7F14-4B13-9D96-527E79D5EB4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{224D0870-968B-43C6-868A-BFC7D3A30D80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes)
FirewallRules: [{CF73F770-84E4-49C0-B8F3-12AC2621CF86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ()
FirewallRules: [{9729BF82-64AD-4751-87BB-7D4D08D974AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{666D008D-B176-41E7-AB5A-C9DBA153A6BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{1A7E1FD4-8C7D-40EE-AA22-DD2418076802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{455A1D72-A2BA-4F28-BBA6-F8354956E47C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{C1EDC967-735C-4A1D-A665-E327569AE182}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes)
FirewallRules: [{92CA7EAE-7545-4CF2-8377-D56D5C486AD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ()
FirewallRules: [TCP Query User{98DDD91A-5D29-4035-9A38-E1BA7E4B7F17}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{F6C865B1-86E9-4FE4-921B-8B8DC14AD72B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{67B93D41-6AF4-48DE-A3FB-CF50264F2A36}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{A2F47298-B5C3-492B-97BE-08FF7860FEDF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{690025A4-A0D5-4CBD-9F6E-98A6DEADFD5D}C:\users\user\desktop\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\escritorio\age of empires\age2_x1.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{874EB9B2-EB3B-40F1-890B-17FA4D9A5832}C:\users\user\desktop\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\escritorio\age of empires\age2_x1.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{A6A23553-E018-43DD-9768-7D720416CAD1}C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe] => (Allow) C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe ()
FirewallRules: [UDP Query User{B3B20549-E70F-4C11-95B3-FA88D17DF3B1}C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe] => (Allow) C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe ()
FirewallRules: [TCP Query User{62713C21-3D64-4EAB-AFD3-666E5D9B959F}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [UDP Query User{E8AB30E3-E82A-4A19-A275-57E9EADCF9CC}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [{3383B89B-3EEA-4D55-A170-B76B2ECD300C}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Duodian Technology Co. Ltd.)
FirewallRules: [{DB7B4BDF-717C-486E-BDF7-E6D35679CE33}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe ()
FirewallRules: [{A553CCCA-D085-4D60-B660-BF521298B860}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{42C43A89-D7DD-4B3C-B7C8-89786D4BA9E0}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [UDP Query User{25231153-6887-49F6-A3F0-4C9B6C9EB75C}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [{3AA5634D-308E-4703-95FB-ED10EED62F26}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{1B41A904-2765-4CCA-9320-4640C2C257AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{0FAB7E5C-6198-454D-AD68-E534AB9B9C18}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{A84CA543-AE8D-4AF4-8C62-FC1C3ED72EB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{4E9B3521-56E3-4756-A64C-68B21592E759}] => (Allow) %USERPROFILE%\Desktop\lol\lol.launcher.exe ()
FirewallRules: [{7FC0915E-06F0-4C9D-9541-6852823ACBB8}] => (Allow) %USERPROFILE%\Desktop\lol\lol.launcher.exe ()
FirewallRules: [TCP Query User{B5F0ACD2-3506-4E02-8D50-362DECCCDC2B}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [UDP Query User{D2A58F5D-DD74-4A64-A17F-95196F4F3A0A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)
FirewallRules: [{69BB6040-E4E4-4BBD-8686-B82C8A6ED989}] => (Allow) C:\Program Files (x86)\Command and Conquer 3 Tiberium Wars Complete Collection\Command and Conquer 3\RetailExe\1.9\cnc3game.dat (Electronic Arts Inc.)
FirewallRules: [TCP Query User{7E50173F-B16F-4BE8-9CAF-06B848AE007F}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{B2C07DFF-55BF-409A-8CA3-71269D306BE4}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{840A2567-881E-4152-A0EB-D4D0A24FDF25}C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe ()
FirewallRules: [UDP Query User{8B1A01BB-6A35-4349-AC02-664DB0CED062}C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe ()
FirewallRules: [TCP Query User{FCC1D8A0-0176-4D82-87A8-C83F3A114430}C:\users\user\appdata\local\championify\app-2.0.4\championify.exe] => (Allow) C:\users\user\appdata\local\championify\app-2.0.4\championify.exe (Dustin Blackman)
FirewallRules: [UDP Query User{78EC98CB-752D-4719-82AB-4081CD61BFF9}C:\users\user\appdata\local\championify\app-2.0.4\championify.exe] => (Allow) C:\users\user\appdata\local\championify\app-2.0.4\championify.exe (Dustin Blackman)
FirewallRules: [TCP Query User{1ADD9CF2-99D2-4384-98A6-43A72ED6C24B}C:\users\user\desktop\todo\left 4 dead\left4dead.exe] => (Allow) C:\users\user\desktop\todo\left 4 dead\left4dead.exe ()
FirewallRules: [UDP Query User{088B15B7-94ED-4F28-8934-3E9AB963CA98}C:\users\user\desktop\todo\left 4 dead\left4dead.exe] => (Allow) C:\users\user\desktop\todo\left 4 dead\left4dead.exe ()
FirewallRules: [TCP Query User{B77CAE20-9B53-49BC-BF68-A52D6C5BDE5B}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{E9E41EFE-157A-4705-8E19-84494B78CD7A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{127027DC-5C8D-42FA-9465-01B18A30266E}C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe ()
FirewallRules: [UDP Query User{B87003C9-E118-4CAD-A27C-5A843BC8DD74}C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe ()
FirewallRules: [{8ABFFB84-D1A6-4C8E-A3AB-F5DDFDD54C8C}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Software Corp.)
FirewallRules: [{8B4F0A26-C359-40E4-857B-A531204BB71D}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
FirewallRules: [{90976CEC-6E4C-48F7-9A1F-3D7FBBF670E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{A78A6116-C070-4FA4-B06C-710756CDEA98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{65DEAF7B-132B-47FA-BA73-FC18BB49758D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{5B03AC0D-2742-4A5D-8167-F718E9726985}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{FED06727-DE06-463C-8719-769A76F3F740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{0493A8A1-498D-4A9C-9A37-612F855789E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{31C5954D-0953-4392-BAE3-2C258370179F}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe ()
FirewallRules: [UDP Query User{94AE4278-B95E-447D-95D7-2166EE825430}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe ()
FirewallRules: [TCP Query User{40E44BC4-9247-41BB-A52E-E807A65D768F}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{B34DF9D6-A1F6-4A0E-B133-B3FB45E7ABDE}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{13106551-0942-4421-947F-4E7EADBB6923}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{1FE82EF7-8169-48C9-ACA2-7E5FC830E2D5}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{8A88E5FE-2E78-444E-A642-C8E65F6BD9C0}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{5000F367-84EE-48BA-8B2C-E0C78426F465}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe ()
FirewallRules: [{DC50B22B-D8BF-45F1-9F7F-D3BCFFA5BF50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{0EC5F08E-A3B3-480F-A06F-4EE1211E6CA0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{87CC8D22-B82F-46C9-93AB-7FD99BD41818}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [TCP Query User{B6F5C9C0-6342-48DA-8A6E-F98D668DDA84}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{069045E1-9540-4388-BC04-AF1AA065280C}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe ()
FirewallRules: [{48E2CB12-22EF-4978-9610-82F3F3FE258E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Ltd)
FirewallRules: [{6B840637-B394-430C-A378-A6D61C604212}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{A58779C0-6473-4B55-B8A5-8B0513211191}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{20E1380E-8BA3-4C2E-850C-EF6AEBC0CE2C}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe ()
FirewallRules: [{9E54CF9D-780E-4D49-BD72-BB506C5DE201}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{9E7E705C-00BC-41DC-AA4B-340396C58E10}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{3B805D10-3D09-4091-85FF-D842688D41E4}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPaybackTrial.exe (Electronic Arts)
FirewallRules: [{75D9C305-AD83-415F-9D07-3A59C24BDE71}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPaybackTrial.exe (Electronic Arts)
FirewallRules: [{DFE97DC6-B5FA-42DC-85C6-9A6C80D5F6BD}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPayback.exe (Electronic Arts)
FirewallRules: [{B8B1422A-C7E0-44F8-85B4-E7D1163C5410}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPayback.exe (Electronic Arts)
FirewallRules: [TCP Query User{67124A13-1789-4D0C-805E-B209DE036FAC}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{81FC070A-504E-4BF3-B768-5398D6C1DA23}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe ()
==================== Restore Points =========================
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/25/2019 02:02:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.704, marca de tiempo: 0x5b9acf90
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.19110, marca de tiempo: 0x568429e5
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004ac04
Id. del proceso con errores: 0x5cc
Hora de inicio de la aplicación con errores: 0x01d4b4cb1bdaee1c
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: fb19a58b-20c2-11e9-a89d-74d43556f1f4
System errors:
=============
Error: (01/25/2019 02:05:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio NVIDIA Telemetry Container se cerró con el siguiente error:
Un ejecutable de comandos genéricos devolvió un resultado que indica un error.
Error: (01/25/2019 02:05:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
Bnbase
Bndef
Bprotect
Error: (01/25/2019 02:05:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio NVIDIA Telemetry Container se cerró con el siguiente error:
Un ejecutable de comandos genéricos devolvió un resultado que indica un error.
Error: (01/25/2019 02:04:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Hi-Rez Studios Authenticate and Update Service.
Error: (01/25/2019 02:02:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Malwarebytes Service no pudo iniciarse debido al siguiente error:
Ha terminado la canalización.
Error: (01/25/2019 02:02:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.
Error: (01/25/2019 02:02:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (01/25/2019 02:02:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
CodeIntegrity:
===================================
Date: 2015-10-06 12:58:29.354
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2015-10-06 12:58:29.314
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2015-09-29 18:52:34.343
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2015-09-29 18:52:34.303
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: AMD FX(tm)-8350 Eight-Core Processor
Percentage of memory in use: 15%
Total physical RAM: 16348.63 MB
Available physical RAM: 13860.3 MB
Total Virtual: 32695.46 MB
Available Virtual: 29938.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:976.46 GB) (Free:47.95 GB) NTFS
Drive d: () (Fixed) (Total:886.45 GB) (Free:453.98 GB) NTFS
Drive f: (NFS.Payback) (CDROM) (Total:27.55 GB) (Free:0 GB) CDFS
\\?\Volume{26f5efa5-1899-11e4-ac21-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93A663B9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Un saludo Lucas.
Hola @Lucas_Brunetta, perdona el retraso en contestar pero NO me había llegado aviso de tu respuesta.
Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga DelFix.exe(en tu escritorio).
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File
ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File
Task: {23255BAB-6943-4A9D-A155-8CDBE2038FC9} - \CGN - No File <==== ATTENTION
Task: {27700DDD-D025-40FA-9E2D-41DCAB90479C} - System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {2860C992-92DE-4D9E-A4CB-E75AA5D71B20} - System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"
Task: {2CB60399-9C0B-4CEB-B330-CEB141219656} - System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603
Task: {42F181CE-4A2A-4B9F-858D-313C847F75A2} - System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {43BD4099-386B-48CB-83C5-F5FA4B91F52C} - System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {53DD5F1A-7722-4C5A-84C0-FCD12EB2751D} - System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {608CDBDB-62CA-4193-8C15-97A88F0E38F7} - System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {62C7F1B4-A5AF-4562-91B7-F834D8F7B27A} - System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"
Task: {684A64C7-2864-4FDD-8B80-6CF5DBBB50FF} - System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {6A132511-0D45-4AEE-98A7-D84C42F1F324} - System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED} - System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {6FEC5104-49BC-4A4A-9276-28DF209F0965} - System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS
Task: {869C6040-C48F-4906-ACC9-046835F05004} - System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()
Task: {89A1BB60-19C1-4975-8E96-28BC70BF34E8} - System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)
Task: {8AE476BF-C3E8-4B00-93E1-E97100A79F08} - System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE
Task: {97BE40CE-989E-4F96-B427-FF866A41E906} - System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads
Task: {A16463B3-9253-4825-B028-3AEAD78092EB} - System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"
Task: {B7B9483E-EF53-4663-9FC4-AD7CB42F9E08} - System32\Tasks\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)
Task: {B9EB1849-20B7-42C3-90CF-7B7DE19633A1} - System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()
Task: {BD924637-0497-47B5-958A-C8CD095830D6} - System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors
Task: {C3DF8CB6-491F-4217-B401-D930573BA7AF} - System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall
Task: {CB107FCD-1A4C-44FC-8BED-55E55ADFAE34} - System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {CBA748B0-2945-467B-B865-98B750711657} - System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe
Task: {CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9} - System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe
Task: {D7897A18-37D4-4887-BDAF-10BECA202F01} - System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE
Task: {E7069BF4-D921-4419-B9BA-6A13A8C3D908} - System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"
Task: {E9A14DF7-7F37-449A-B949-92EDF26903BB} - System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()
Task: {EB904BB8-D785-4C09-A81D-C6EF7DC46897} - System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe
Task: {F996E00E-42C1-4AAC-A862-07803F3C4CB4} - System32\Tasks\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {FD48FA52-2E09-4916-9A7B-0A378A40B317} - System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
HKLM-x32\...\Run: [] = [X]
HKLM-x32\...\Run: [AvastUI.exe] = "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {007fa624-4291-11e5-a872-74d43556f1f4} - 0
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {0832b0fd-65cc-11e6-903a-74d43556f1f4} - H:\AutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {4401db5f-19b6-11e4-a6a5-74d43556f1f4} - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {495dde5d-72b8-11e6-a500-74d43556f1f4} - setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {963ab058-76ca-11e5-80b3-74d43556f1f4} - F:\Startme.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {b678dfd2-dc77-11e6-aae1-74d43556f1f4} - E:\LGAutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84eacf-83fa-11e4-baee-74d43556f1f4} - H:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84ead2-83fa-11e4-baee-74d43556f1f4} - 0
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird = not found
FF Plugin: @microsoft.com/GENUINE - disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE - disabled [No File]
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-05-03] (Macrovision Europe Ltd) [File not signed]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2019-01-25 14:02 - 2016-01-29 13:58 - 000000000 ____D C:\ProgramData\IObit
2016-03-13 20:23 - 2016-03-13 22:56 - 000002661 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log
2017-01-24 05:29 - 2017-01-24 05:29 - 000044988 _____ () C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt
2014-08-26 16:37 - 2014-10-16 21:21 - 000000781 _____ () C:\Users\User\AppData\Roaming\MPQEditor.ini
2015-06-14 15:14 - 2017-04-12 00:00 - 000045270 _____ () C:\Users\User\AppData\Roaming\room_v3.dat
2016-08-06 18:18 - 2016-09-05 00:21 - 000000176 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-11-21 17:14 - 2015-11-21 17:14 - 000000001 _____ () C:\Users\User\AppData\Local\llftool.4.25.agreement
2018-07-03 23:46 - 2018-11-24 03:53 - 000000522 _____ () C:\Users\User\AppData\Local\Nox_crash.log
2014-08-03 23:07 - 2019-01-25 04:20 - 000007613 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2019-01-21 16:06 - 2019-01-25 04:24 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-25 14:03 - 2017-11-11 05:29 - 000000000 ____D C:\ProgramData\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by User (01-02-2019 23:44:05) Run:1
Running from C:\Users\User\Desktop\Desinfectar la pc
Loaded Profiles: User & (Available Profiles: User)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File
ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File
Task: {23255BAB-6943-4A9D-A155-8CDBE2038FC9} - \CGN - No File &lt;==== ATTENTION
Task: {27700DDD-D025-40FA-9E2D-41DCAB90479C} - System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {2860C992-92DE-4D9E-A4CB-E75AA5D71B20} - System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"
Task: {2CB60399-9C0B-4CEB-B330-CEB141219656} - System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603
Task: {42F181CE-4A2A-4B9F-858D-313C847F75A2} - System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {43BD4099-386B-48CB-83C5-F5FA4B91F52C} - System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {53DD5F1A-7722-4C5A-84C0-FCD12EB2751D} - System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {608CDBDB-62CA-4193-8C15-97A88F0E38F7} - System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {62C7F1B4-A5AF-4562-91B7-F834D8F7B27A} - System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"
Task: {684A64C7-2864-4FDD-8B80-6CF5DBBB50FF} - System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {6A132511-0D45-4AEE-98A7-D84C42F1F324} - System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED} - System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {6FEC5104-49BC-4A4A-9276-28DF209F0965} - System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS
Task: {869C6040-C48F-4906-ACC9-046835F05004} - System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()
Task: {89A1BB60-19C1-4975-8E96-28BC70BF34E8} - System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)
Task: {8AE476BF-C3E8-4B00-93E1-E97100A79F08} - System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE
Task: {97BE40CE-989E-4F96-B427-FF866A41E906} - System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads
Task: {A16463B3-9253-4825-B028-3AEAD78092EB} - System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"
Task: {B7B9483E-EF53-4663-9FC4-AD7CB42F9E08} - System32\Tasks\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)
Task: {B9EB1849-20B7-42C3-90CF-7B7DE19633A1} - System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()
Task: {BD924637-0497-47B5-958A-C8CD095830D6} - System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors
Task: {C3DF8CB6-491F-4217-B401-D930573BA7AF} - System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall
Task: {CB107FCD-1A4C-44FC-8BED-55E55ADFAE34} - System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {CBA748B0-2945-467B-B865-98B750711657} - System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe
Task: {CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9} - System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe
Task: {D7897A18-37D4-4887-BDAF-10BECA202F01} - System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE
Task: {E7069BF4-D921-4419-B9BA-6A13A8C3D908} - System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"
Task: {E9A14DF7-7F37-449A-B949-92EDF26903BB} - System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()
Task: {EB904BB8-D785-4C09-A81D-C6EF7DC46897} - System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe
Task: {F996E00E-42C1-4AAC-A862-07803F3C4CB4} - System32\Tasks\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {FD48FA52-2E09-4916-9A7B-0A378A40B317} - System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
HKLM-x32\...\Run: [] = [X]
HKLM-x32\...\Run: [AvastUI.exe] = "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {007fa624-4291-11e5-a872-74d43556f1f4} - 0
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {0832b0fd-65cc-11e6-903a-74d43556f1f4} - H:\AutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {4401db5f-19b6-11e4-a6a5-74d43556f1f4} - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {495dde5d-72b8-11e6-a500-74d43556f1f4} - setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {963ab058-76ca-11e5-80b3-74d43556f1f4} - F:\Startme.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {b678dfd2-dc77-11e6-aae1-74d43556f1f4} - E:\LGAutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84eacf-83fa-11e4-baee-74d43556f1f4} - H:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84ead2-83fa-11e4-baee-74d43556f1f4} - 0
GroupPolicy: Restriction ? &lt;==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction &lt;==== ATTENTION
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird = not found
FF Plugin: @microsoft.com/GENUINE - disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE - disabled [No File]
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-05-03] (Macrovision Europe Ltd) [File not signed]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] &lt;==== ATTENTION
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2019-01-25 14:02 - 2016-01-29 13:58 - 000000000 ____D C:\ProgramData\IObit
2016-03-13 20:23 - 2016-03-13 22:56 - 000002661 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log
2017-01-24 05:29 - 2017-01-24 05:29 - 000044988 _____ () C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt
2014-08-26 16:37 - 2014-10-16 21:21 - 000000781 _____ () C:\Users\User\AppData\Roaming\MPQEditor.ini
2015-06-14 15:14 - 2017-04-12 00:00 - 000045270 _____ () C:\Users\User\AppData\Roaming\room_v3.dat
2016-08-06 18:18 - 2016-09-05 00:21 - 000000176 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-11-21 17:14 - 2015-11-21 17:14 - 000000001 _____ () C:\Users\User\AppData\Local\llftool.4.25.agreement
2018-07-03 23:46 - 2018-11-24 03:53 - 000000522 _____ () C:\Users\User\AppData\Local\Nox_crash.log
2014-08-03 23:07 - 2019-01-25 04:20 - 000007613 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2019-01-21 16:06 - 2019-01-25 04:24 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-25 14:03 - 2017-11-11 05:29 - 000000000 ____D C:\ProgramData\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File => not found
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File => not found
HKLM\Software\Classes\CLSID\ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23255BAB-6943-4A9D-A155-8CDBE2038FC9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23255BAB-6943-4A9D-A155-8CDBE2038FC9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27700DDD-D025-40FA-9E2D-41DCAB90479C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27700DDD-D025-40FA-9E2D-41DCAB90479C}" => removed successfully
"C:\Windows\System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2860C992-92DE-4D9E-A4CB-E75AA5D71B20}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2860C992-92DE-4D9E-A4CB-E75AA5D71B20}" => removed successfully
"C:\Windows\System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CB60399-9C0B-4CEB-B330-CEB141219656}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CB60399-9C0B-4CEB-B330-CEB141219656}" => removed successfully
"C:\Windows\System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42F181CE-4A2A-4B9F-858D-313C847F75A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42F181CE-4A2A-4B9F-858D-313C847F75A2}" => removed successfully
"C:\Windows\System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43BD4099-386B-48CB-83C5-F5FA4B91F52C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BD4099-386B-48CB-83C5-F5FA4B91F52C}" => removed successfully
"C:\Windows\System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53DD5F1A-7722-4C5A-84C0-FCD12EB2751D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53DD5F1A-7722-4C5A-84C0-FCD12EB2751D}" => removed successfully
"C:\Windows\System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{608CDBDB-62CA-4193-8C15-97A88F0E38F7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{608CDBDB-62CA-4193-8C15-97A88F0E38F7}" => removed successfully
"C:\Windows\System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62C7F1B4-A5AF-4562-91B7-F834D8F7B27A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62C7F1B4-A5AF-4562-91B7-F834D8F7B27A}" => removed successfully
"C:\Windows\System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{684A64C7-2864-4FDD-8B80-6CF5DBBB50FF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{684A64C7-2864-4FDD-8B80-6CF5DBBB50FF}" => removed successfully
"C:\Windows\System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A132511-0D45-4AEE-98A7-D84C42F1F324}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A132511-0D45-4AEE-98A7-D84C42F1F324}" => removed successfully
"C:\Windows\System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED}" => removed successfully
"C:\Windows\System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FEC5104-49BC-4A4A-9276-28DF209F0965}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FEC5104-49BC-4A4A-9276-28DF209F0965}" => removed successfully
"C:\Windows\System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{869C6040-C48F-4906-ACC9-046835F05004}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{869C6040-C48F-4906-ACC9-046835F05004}" => removed successfully
"C:\Windows\System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89A1BB60-19C1-4975-8E96-28BC70BF34E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89A1BB60-19C1-4975-8E96-28BC70BF34E8}" => removed successfully
"C:\Windows\System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AE476BF-C3E8-4B00-93E1-E97100A79F08}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AE476BF-C3E8-4B00-93E1-E97100A79F08}" => removed successfully
"C:\Windows\System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97BE40CE-989E-4F96-B427-FF866A41E906}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97BE40CE-989E-4F96-B427-FF866A41E906}" => removed successfully
"C:\Windows\System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A16463B3-9253-4825-B028-3AEAD78092EB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A16463B3-9253-4825-B028-3AEAD78092EB}" => removed successfully
"C:\Windows\System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B7B9483E-EF53-4663-9FC4-AD7CB42F9E08}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7B9483E-EF53-4663-9FC4-AD7CB42F9E08}" => removed successfully
"C:\Windows\System32\Tasks\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9EB1849-20B7-42C3-90CF-7B7DE19633A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9EB1849-20B7-42C3-90CF-7B7DE19633A1}" => removed successfully
"C:\Windows\System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD924637-0497-47B5-958A-C8CD095830D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD924637-0497-47B5-958A-C8CD095830D6}" => removed successfully
"C:\Windows\System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3DF8CB6-491F-4217-B401-D930573BA7AF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3DF8CB6-491F-4217-B401-D930573BA7AF}" => removed successfully
"C:\Windows\System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB107FCD-1A4C-44FC-8BED-55E55ADFAE34}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB107FCD-1A4C-44FC-8BED-55E55ADFAE34}" => removed successfully
"C:\Windows\System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBA748B0-2945-467B-B865-98B750711657}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA748B0-2945-467B-B865-98B750711657}" => removed successfully
"C:\Windows\System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9}" => removed successfully
"C:\Windows\System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7897A18-37D4-4887-BDAF-10BECA202F01}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7897A18-37D4-4887-BDAF-10BECA202F01}" => removed successfully
"C:\Windows\System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7069BF4-D921-4419-B9BA-6A13A8C3D908}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7069BF4-D921-4419-B9BA-6A13A8C3D908}" => removed successfully
"C:\Windows\System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9A14DF7-7F37-449A-B949-92EDF26903BB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9A14DF7-7F37-449A-B949-92EDF26903BB}" => removed successfully
"C:\Windows\System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB904BB8-D785-4C09-A81D-C6EF7DC46897}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB904BB8-D785-4C09-A81D-C6EF7DC46897}" => removed successfully
"C:\Windows\System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F996E00E-42C1-4AAC-A862-07803F3C4CB4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F996E00E-42C1-4AAC-A862-07803F3C4CB4}" => removed successfully
"C:\Windows\System32\Tasks\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD48FA52-2E09-4916-9A7B-0A378A40B317}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD48FA52-2E09-4916-9A7B-0A378A40B317}" => removed successfully
"C:\Windows\System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop" => not found
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM-x32\...\Run: [] = [X]" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM-x32\...\Run: [AvastUI.exe] = "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui" => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => removed successfully
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{007fa624-4291-11e5-a872-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{007fa624-4291-11e5-a872-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0832b0fd-65cc-11e6-903a-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{0832b0fd-65cc-11e6-903a-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4401db5f-19b6-11e4-a6a5-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{4401db5f-19b6-11e4-a6a5-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{495dde5d-72b8-11e6-a500-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{495dde5d-72b8-11e6-a500-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{963ab058-76ca-11e5-80b3-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{963ab058-76ca-11e5-80b3-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b678dfd2-dc77-11e6-aae1-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{b678dfd2-dc77-11e6-aae1-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da84eacf-83fa-11e4-baee-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{da84eacf-83fa-11e4-baee-74d43556f1f4} => not found
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da84ead2-83fa-11e4-baee-74d43556f1f4} => removed successfully
HKLM\Software\Classes\CLSID\{da84ead2-83fa-11e4-baee-74d43556f1f4} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Mozilla\Thunderbird\Extensions\\[email protected]" => removed successfully
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled [No File] => not found
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled [No File] => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]" => not found
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => removed successfully
LiveUpdateSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\secdrv => removed successfully
secdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\Bnbase => removed successfully
Bnbase => service removed successfully
HKLM\System\CurrentControlSet\Services\Bndef => removed successfully
Bndef => service removed successfully
HKLM\System\CurrentControlSet\Services\Bprotect => removed successfully
Bprotect => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully
cpuz138 => service removed successfully
HKLM\System\CurrentControlSet\Services\gdrv => removed successfully
gdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\GGSAFERDriver => removed successfully
GGSAFERDriver => service removed successfully
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully
Synth3dVsc => service removed successfully
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully
tsusbhub => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
C:\ProgramData\IObit => moved successfully
C:\Users\User\AppData\Roaming\droid4xinstaller.log => moved successfully
C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt => moved successfully
C:\Users\User\AppData\Roaming\MPQEditor.ini => moved successfully
C:\Users\User\AppData\Roaming\room_v3.dat => moved successfully
C:\Users\User\AppData\Roaming\WB.CFG => moved successfully
C:\Users\User\AppData\Local\llftool.4.25.agreement => moved successfully
C:\Users\User\AppData\Local\Nox_crash.log => moved successfully
C:\Users\User\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Windows\System32\Tasks\Avast Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-101217576-2858605893-2529171766-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012019234015133\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-101217576-2858605893-2529171766-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012019234015133\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local 9 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local 6 mientras los medios
est‚n desconectados.
Adaptador de Ethernet Conexi¢n de rea local 9:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Conexi¢n de rea local 6:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::6d7c:1667:acda:d3dc%10
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.102
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
Adaptador de t£nel isatap.{AA79CC30-6F8E-4E23-9E0D-A6196DEA0CDE}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15497143 B
Java, Flash, Steam htmlcache => 249379383 B
Windows/system/drivers => 49506 B
Edge => 0 B
Chrome => 319855554 B
Firefox => 25304692 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 740008 B
LocalService => 33326 B
NetworkService => 33058 B
User => 147390837 B
RecycleBin => 332969 B
EmptyTemp: => 723.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:44:54 ====
Al fin puede realizarlo, aparentemente con respecto al problema del internet a tenido resultado porque le realize un test y me muestra realmente lo que llega lo compare con otro dispositivo, cosa que antes no hacia siempre me mostraba poquito y la misma cantidad como si estuviera mini pillada. Pero ahora se ve bien. Gracias por la ayuda y por tu tiempo!
Perfecto excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.
Para hacerlo descarga DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.
Tema Solucionado.
Saludos, Javier.