Tengo 2 problemas en mi computadora


#1

Mis problemas son: Nº 1: Mi internet en una maquina especifica anda pésimo relice un test de velocidad solamente con esa maquina y me tiraba 0.5 mbs de bajada y 0 de subida. Al minuto siguiente lo hice con la otra maquina y me daba lo que realmente me llega siempre de internet. Entonces me da a pensar que algo hace que suceda eso en mi pc, informacion que puedan necesitar es windows 7 ultimate, tengo ese porque me resulta realmente cómodo mas que el 10. Seguí una guía para eliminación de malwares que había aquí pero luego de que termine la conexión seguía igual. Al ver esto intente matar procesos por así decirlo que tenían una conexión establecida con mi pc atravez del CMD usando el comando netstats -ano, para luego usar tasklist y taskilll pero ahi surge mi segundo problema cuando intento usar el comando tasklist me sale acceso denegado voy a donde esta alojado el cmd y le pongo abrir como administrador, para que no me diga acceso denegado y me sale error: error en la carga del proveedor. Esos son mis 2 problemas. Bueno desde ya muchas gracias.


#2

Hola @Lucas_Brunetta

Nos puedes poner los informes de las herramientas que dices usaste de la guía que viste.??


#3

si, Aquí están agrege un análisis de superantispyware. Rkill.txt (3,7 KB) Malwarebytes.txt (1,5 KB) SUPERAntiSpyware.txt (18,7 KB) eset.txt (2,7 KB)


#4

Hola.

No parece que tengas grandes infecciones. :thinking:

Pero vamos a realizar nuevos pasos para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.


#5

Buenas, disculpa que no pude responder antes aquí están los analizis:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 25/1/19
Hora del análisis: 13:29
Archivo de registro: 656bd595-20be-11e9-a3a5-00ffb812565c.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.8920
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: User-PC\User

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 316790
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 22 min, 26 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2018-12-17.4 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-25-2019
# Duration: 00:00:02
# OS:       Windows 7 Ultimate
# Cleaned:  22
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare V7
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V7
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Program Files\minergate
Deleted       C:\ProgramData\ByteFence
Deleted       C:\Program Files\ByteFence
Deleted       C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted       C:\Program Files (x86)\kuaiyong
Deleted       C:\Users\Public\Documents\Tongbu
Deleted       C:\extensions
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\e60d0c94fcf01fdaf4608ab8d225f836
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKCU\Software\IObit\Advanced SystemCare
Deleted       HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted       HKU\S-1-5-18\Software\ByteFence
Deleted       HKU\.DEFAULT\Software\ByteFence
Deleted       HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted       HKCU\Software\Conduit
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 9
Deleted       HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2974 octets] - [25/01/2019 14:00:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#6

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.4 (07.09.2017)

Operating System: Windows 7 Ultimate x64

Ran by User (Administrator) on 25/01/2019 at 14:23:02,48

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 11

Successfully deleted: C:\ProgramData\mntemp (File)

Successfully deleted: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yjw0z6x7.default-1493320431356\Invalidprefs.js (File)

Successfully deleted: C:\Users\User\AppData\Roaming\productdata (Folder)

Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3B6RMC71 (Temporary Internet Files Folder)

Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6BMXMDH (Temporary Internet Files Folder)

Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTYL4MMZ (Temporary Internet Files Folder)

Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XN0IQ20B (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3B6RMC71 (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6BMXMDH (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTYL4MMZ (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XN0IQ20B (Temporary Internet Files Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 25/01/2019 at 14:27:03,03

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019

Ran by User (administrator) on USER-PC (25-01-2019 14:28:45)

Running from C:\Users\User\Desktop\Desinfectar la pc

Loaded Profiles: User (Available Profiles: User)

Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

() C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe

(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: F - F:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: G - G:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {007fa624-4291-11e5-a872-74d43556f1f4} - 0

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {0832b0fd-65cc-11e6-903a-74d43556f1f4} - H:\AutoRun.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {4401db5f-19b6-11e4-a6a5-74d43556f1f4} - G:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {495dde5d-72b8-11e6-a500-74d43556f1f4} - setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {963ab058-76ca-11e5-80b3-74d43556f1f4} - F:\Startme.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {b678dfd2-dc77-11e6-aae1-74d43556f1f4} - E:\LGAutoRun.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84eacf-83fa-11e4-baee-74d43556f1f4} - H:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84ead2-83fa-11e4-baee-74d43556f1f4} - 0

HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1355264 2015-09-22] (CineForm Inc.)

HKLM\...\Drivers32-x32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/)

HKLM\...\Drivers32-x32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1138688 2015-09-22] (CineForm Inc.)

HKLM\...\Drivers32-x32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Intel Corporation)

HKLM\...\Drivers32-x32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Intel Corporation)

HKLM\...\Drivers32-x32: [VIDC.IV41] => IR41_32.AX

HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

GroupPolicy: Restriction ? <==== ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 200.114.96.10 200.114.96.11

Tcpip\..\Interfaces\{0303FF7D-5DD1-4AE7-AB57-A2B01D931101}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{0EF98519-B074-4157-8ED6-46EAF9B18D53}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Tcpip\..\Interfaces\{199906C3-2974-459C-A00D-DAE2180787A1}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{222FE9D5-3B44-454B-9711-3A3EE89DB5B5}: [DhcpNameServer] 200.114.96.10 200.114.96.11

Tcpip\..\Interfaces\{465534B7-7B33-4D0E-8CDB-E0C84CDBAA6B}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{91C0A6AF-A193-4B51-8977-B1EAE22A903A}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Tcpip\..\Interfaces\{AA79CC30-6F8E-4E23-9E0D-A6196DEA0CDE}: [DhcpNameServer] 200.114.96.10 200.114.96.11

Tcpip\..\Interfaces\{B812565C-C70F-4C82-BDF0-1656AFD335DD}: [DhcpNameServer] 7.254.254.254

Tcpip\..\Interfaces\{D0DC6734-6964-41B8-B627-68C4DF18DD32}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Tcpip\..\Interfaces\{DAAB41C9-8F8F-4441-83A7-024DE3D0891A}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{E0DDFB6F-3A8E-47A5-9B9D-483249BB20DC}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Tcpip\..\Interfaces\{F226F962-B3D5-4B6D-96D1-A7858F6A1AC4}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{F7A3EE50-722B-478F-8EAA-042882E7104C}: [DhcpNameServer] 192.168.42.129

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.sxe-anticheat.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.sxe-anticheat.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.sxe-anticheat.com/

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.sxe-anticheat.com/

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Software\Microsoft\Internet Explorer\Main,Start Page =

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-101217576-2858605893-2529171766-1000 -> {33D59858-89D9-4AC2-A956-93875EB02323} URL = hxxp://search.sxe-anticheat.com/?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)

BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO64.dll [2017-03-03] (iTools.hk)

BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-25] (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-25] (Oracle Corporation)

BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO.dll [2017-03-03] (iTools.hk)

BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)

Toolbar: HKU\S-1-5-21-101217576-2858605893-2529171766-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yjw0z6x7.default-1493320431356 [2019-01-25]

FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-02-02] [Legacy] [not signed]

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()

FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [2014-08-27] (EA Digital Illusions CE AB)

FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)

FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2017-03-03] ()

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()

FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [2014-08-27] (EA Digital Illusions CE AB)

FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)

FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2017-03-03] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-25] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-25] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-06-25] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-04-22] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-04-22] (NVIDIA Corporation)

FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

FF Plugin HKU\S-1-5-21-101217576-2858605893-2529171766-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-09-17] (Zoom Video Communications, Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> msn.com

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]

CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-08]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]

CHR Extension: (Búsqueda de Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]

CHR Extension: (Adobe Acrobat - Crear archivos PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-08]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]

CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-16]

CHR Extension: (No Coin - Block miners on the web!) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2019-01-21]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-21]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119 [2019-01-25]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-23]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-23]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-23]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-23]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 119\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121 [2019-01-25]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-23]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-23]

CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-01-23]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-23]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-23]

CHR Extension: (Free VPN - El servicio VPN más rápido de la casa.) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\ogojkdkkcopeepagdlddbninobfhfbcb [2019-01-23]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-23]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 121\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-25]

CHR HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-12-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)

S4 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-03] ()

S4 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [269312 2016-01-06] () [File not signed]

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2019-01-17] (EasyAntiCheat Ltd)

S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]

S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)

S4 IQOptionUpdater; C:\Program Files (x86)\IQ Option\IQOptionUpdater.exe [2957832 2018-05-30] ()

S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)

S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)

S4 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] ()

R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [323632 2017-05-05] (Locktime Software)

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)

S4 Outfox; C:\Program Files\Outfox\OutfoxService.exe [83424 2018-02-26] (Golden Frog, GmbH)

S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-10-07] (Overwolf LTD)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-06] ()

S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]

S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)

S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH)

S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH) [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-13] (Bluestack System Inc. )

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2016-09-04] (DT Soft Ltd)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2017-10-29] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-01] (REALiX(tm))

R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [149880 2017-05-05] (Locktime Software)

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation)

R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2013-04-09] (Realtek Semiconductor Corporation )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-05-03] (Macrovision Europe Ltd) [File not signed]

S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)

R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-02] (VIA Technologies, Inc.)

R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-02] (VIA Technologies, Inc.)

S3 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2018-07-01] (BigNox Corporation)

S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]

S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]

S1 Bnbase; System32\drivers\bnbasex64.sys [X]

S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]

S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]

S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-25 14:28 - 2019-01-25 14:28 - 000000000 ____D C:\FRST

2019-01-25 14:27 - 2019-01-25 14:27 - 000002119 _____ C:\Users\User\Desktop\JRT.txt

2019-01-25 14:00 - 2019-01-25 14:02 - 000000000 ____D C:\AdwCleaner

2019-01-25 13:57 - 2019-01-25 14:28 - 000006452 _____ C:\Users\User\Desktop\Informes.txt

2019-01-25 13:27 - 2019-01-25 13:27 - 000008314 _____ C:\Users\User\Desktop\copia de seguridad.reg

2019-01-25 00:33 - 2019-01-25 00:33 - 000006740 _____ C:\Users\User\Downloads\f.txt

2019-01-24 20:48 - 2019-01-24 21:13 - 000000575 _____ C:\Users\User\Desktop\Lucas.txt

2019-01-24 16:03 - 2019-01-25 14:28 - 000000000 ____D C:\Users\User\Desktop\Desinfectar la pc

2019-01-24 00:13 - 2019-01-24 16:42 - 000001241 _____ C:\Users\User\Desktop\Lista de cuentas.txt

2019-01-23 20:32 - 2019-01-24 21:22 - 000086535 _____ C:\Users\User\Desktop\Bitecoin.xlsx

2019-01-23 19:04 - 2019-01-23 19:04 - 000002407 _____ C:\Users\User\Desktop\CacaDeCamello - Chrome.lnk

2019-01-23 08:41 - 2019-01-23 08:41 - 000002407 _____ C:\Users\User\Desktop\Cacatua - Chrome.lnk

2019-01-23 02:36 - 2019-01-23 02:37 - 000000000 ____D C:\Users\User\Documents\Need for Speed(TM) Payback

2019-01-23 02:25 - 2019-01-23 02:25 - 000000765 _____ C:\Users\Public\Desktop\Need for Speed™ Payback.lnk

2019-01-23 02:25 - 2019-01-23 02:25 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller

2019-01-23 02:25 - 2019-01-23 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Payback

2019-01-23 00:41 - 2019-01-23 00:47 - 000000075 _____ C:\Users\User\Desktop\liberar ram.vbe

2019-01-22 19:39 - 2019-01-22 19:40 - 000002750 _____ C:\Users\User\Desktop\eset.txt

2019-01-22 15:55 - 2019-01-22 15:58 - 007657592 _____ (ESET spol. s r.o.) C:\Users\User\Downloads\esetonlinescanner_enu.exe

2019-01-22 15:54 - 2019-01-22 15:54 - 000019152 _____ C:\Users\User\Desktop\SUPERAntiSpyware.txt

2019-01-22 15:30 - 2019-01-22 15:52 - 000001539 _____ C:\Users\User\Desktop\Malwarebytes.txt

2019-01-22 03:10 - 2019-01-22 03:11 - 001199668 _____ C:\Users\User\Desktop\elistara.zip

2019-01-22 02:20 - 2019-01-22 02:20 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2019-01-22 02:20 - 2019-01-22 02:20 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray

2019-01-22 02:20 - 2019-01-22 02:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2019-01-22 02:20 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2019-01-22 02:15 - 2019-01-22 02:49 - 000003822 _____ C:\Users\User\Desktop\Rkill.txt

2019-01-22 01:11 - 2019-01-22 01:11 - 000001457 _____ C:\Users\User\Desktop\iExplore.exe - Acceso directo.lnk

2019-01-22 01:11 - 2019-01-22 01:11 - 000000077 _____ C:\Users\User\Desktop\para hacer el tema.txt

2019-01-22 01:09 - 2019-01-22 01:11 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\iExplore.exe

2019-01-21 21:51 - 2019-01-21 21:51 - 000000000 ____D C:\Users\User\AppData\Local\Microsoft_Corporation

2019-01-21 16:06 - 2019-01-25 04:24 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software

2019-01-21 16:00 - 2019-01-21 16:00 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk

2019-01-20 19:11 - 2019-01-20 19:15 - 011291834 _____ C:\Users\User\Downloads\Map_Pack.rar

2019-01-19 01:59 - 2019-01-23 08:41 - 000002351 _____ C:\Users\User\Desktop\Persona 1 - Chrome.lnk

2019-01-17 03:53 - 2019-01-17 03:53 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat

2019-01-17 00:17 - 2019-01-17 00:17 - 000000222 _____ C:\Users\User\Desktop\Paladins.url

2019-01-16 15:00 - 2019-01-17 23:48 - 000000000 ____D C:\Users\User\Desktop\Paks part

2019-01-11 14:54 - 2019-01-11 16:08 - 000000000 ____D C:\Users\User\Desktop\Excels,Words,txts y demas

2019-01-11 04:44 - 2019-01-11 04:44 - 000001183 _____ C:\Users\User\Desktop\LeagueClient.exe - Acceso directo.lnk

2019-01-11 03:34 - 2019-01-25 04:24 - 000000000 ____D C:\Users\User\Desktop\League of Legends

2019-01-11 03:26 - 2019-01-25 04:42 - 000002958 _____ C:\Windows\System32\Tasks\{D8256E88-EC27-4242-AED9-23C287D9E52B}

2019-01-11 02:47 - 2019-01-11 02:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Hextech Repair Tool

2019-01-11 02:40 - 2019-01-11 02:46 - 053616640 _____ C:\Users\User\Downloads\Hextech Repair Tool.msi

2019-01-11 00:06 - 2019-01-16 16:36 - 000000000 ____D C:\Users\User\Desktop\cuentas luckygames

2019-01-10 16:15 - 2019-01-17 03:50 - 000032742 _____ C:\Users\User\Desktop\9 dias.xlsx

2019-01-04 14:47 - 2019-01-04 14:48 - 000001362 _____ C:\Users\Public\Desktop\Mouse Controller.lnk

2019-01-04 14:47 - 2019-01-04 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuGiRi Software Development

2019-01-04 14:45 - 2019-01-25 04:42 - 000003036 _____ C:\Windows\System32\Tasks\{9BAECDCB-F6C0-475F-8CD5-3C95DA79044D}

2019-01-04 14:45 - 2019-01-25 04:42 - 000003036 _____ C:\Windows\System32\Tasks\{0A606A53-066D-4C2F-8779-724701AB65DC}

2018-12-28 00:34 - 2018-12-28 00:34 - 000070881 _____ C:\Users\User\Desktop\lucas luckygames.mcd

2018-12-27 16:05 - 2018-12-27 16:05 - 000000000 ____D C:\Users\User\AppData\Local\MuGiRi_Software_Developme

2018-12-27 16:04 - 2019-01-04 14:47 - 000000000 ____D C:\Program Files (x86)\MuGiRi Software Development

2018-12-27 16:03 - 2018-12-27 16:03 - 000432165 _____ (MuGiRi Software Development ) C:\Users\User\Downloads\MouseController_1.10.0.0.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-25 14:29 - 2017-03-03 14:29 - 000000316 _____ C:\Windows\Tasks\iToolsDaemon.job

2019-01-25 14:24 - 2018-06-21 23:02 - 000005024 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for User-PC-User User-PC

2019-01-25 14:13 - 2009-07-14 01:45 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2019-01-25 14:13 - 2009-07-14 01:45 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2019-01-25 14:12 - 2018-05-19 20:29 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update

2019-01-25 14:05 - 2017-01-18 01:28 - 000000000 ____D C:\ProgramData\NVIDIA

2019-01-25 14:03 - 2017-11-11 05:29 - 000000000 ____D C:\ProgramData\AVAST Software

2019-01-25 14:03 - 2017-03-03 14:29 - 000003286 _____ C:\Windows\System32\Tasks\iToolsDaemon

2019-01-25 14:03 - 2014-07-31 08:26 - 000000244 _____ C:\Windows\Tasks\AutoKMS.job

2019-01-25 14:03 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2019-01-25 14:02 - 2016-01-29 13:58 - 000000000 ____D C:\ProgramData\IObit

2019-01-25 13:29 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf

2019-01-25 13:26 - 2016-09-04 13:24 - 000000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Pro

2019-01-25 13:23 - 2014-12-14 22:54 - 000000000 ____D C:\Program Files (x86)\EA Games

2019-01-25 13:23 - 2014-11-28 06:32 - 000000000 ____D C:\Program Files (x86)\Battle.net

2019-01-25 13:22 - 2014-08-01 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES

2019-01-25 12:52 - 2017-07-17 23:57 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios

2019-01-25 12:52 - 2014-07-31 08:26 - 000000244 _____ C:\Windows\Tasks\AutoKMSDaily.job

2019-01-25 04:42 - 2018-09-27 11:56 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-09-27 11:56 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-09-27 11:56 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-09-27 11:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-09-27 11:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-09-27 11:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-09-27 11:56 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2018-03-13 20:16 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier

2019-01-25 04:42 - 2018-01-18 21:27 - 000003448 _____ C:\Windows\System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA}

2019-01-25 04:42 - 2017-01-18 01:29 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2017-01-18 01:29 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2017-01-18 01:29 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2017-01-18 01:29 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-01-25 04:42 - 2015-09-24 20:19 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2019-01-25 04:42 - 2015-05-13 12:30 - 000003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2019-01-25 04:42 - 2014-08-05 04:33 - 000002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC

2019-01-25 04:42 - 2014-08-01 02:04 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2019-01-25 04:42 - 2014-08-01 02:04 - 000003342 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2019-01-25 04:42 - 2014-07-31 08:26 - 000002842 _____ C:\Windows\System32\Tasks\AutoKMSDaily

2019-01-25 04:42 - 2014-07-31 08:26 - 000002536 _____ C:\Windows\System32\Tasks\AutoKMS

2019-01-25 04:20 - 2014-08-03 23:07 - 000007613 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg

2019-01-25 04:20 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2019-01-24 23:51 - 2018-01-02 21:03 - 000000000 ____D C:\Users\User\AppData\Roaming\Telegram Desktop

2019-01-24 18:39 - 2014-08-08 22:05 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype

2019-01-23 20:29 - 2018-10-16 19:10 - 000000000 ____D C:\Users\User\Desktop\Todo referido al trading

2019-01-22 02:11 - 2017-08-28 20:40 - 000000000 ____D C:\Program Files\SUPERAntiSpyware

2019-01-22 00:23 - 2016-03-24 04:24 - 000000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics

2019-01-22 00:11 - 2018-04-29 21:34 - 000000601 _____ C:\Users\User\Downloads\MP3.4.4 [www.tecnotutoshd.net].zip

2019-01-22 00:06 - 2018-06-09 19:03 - 000373019 _____ C:\Users\User\Downloads\xmrig-nvidia-2.6.1.zip

2019-01-22 00:05 - 2018-06-16 01:35 - 000563476 _____ C:\Users\User\Downloads\MaisBot.rar

2019-01-21 16:01 - 2017-04-11 18:35 - 000000000 ____D C:\Users\User\AppData\Roaming\TS3Client

2019-01-21 16:01 - 2016-08-30 23:59 - 000000000 ____D C:\Program Files (x86)\Steam

2019-01-21 16:00 - 2014-08-05 04:33 - 000000000 ____D C:\Program Files\CCleaner

2019-01-21 04:49 - 2017-05-03 01:48 - 000000000 ____D C:\Users\User\Documents\Command and Conquer Generals Zero Hour Data

2019-01-20 19:11 - 2017-01-12 13:17 - 000009216 ___SH C:\Users\User\Documents\Thumbs.db

2019-01-18 04:48 - 2017-10-11 16:22 - 000000000 ____D C:\Program Files\Epic Games

2019-01-17 03:49 - 2018-12-04 16:53 - 000000000 ____D C:\Users\User\AppData\Roaming\EasyAntiCheat

2019-01-17 00:00 - 2016-10-04 11:50 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2019-01-14 19:43 - 2018-01-03 17:03 - 000000000 ____D C:\Users\User\Downloads\Telegram Desktop

2019-01-11 15:00 - 2018-06-25 19:41 - 000000000 ____D C:\Users\User\Desktop\fotos test internet

2019-01-11 14:59 - 2018-10-16 19:13 - 000000000 ____D C:\Users\User\Desktop\Cosas de lol

2019-01-11 04:28 - 2009-07-14 06:31 - 004722194 _____ C:\Windows\system32\perfh00A.dat

2019-01-11 04:28 - 2009-07-14 06:31 - 001469870 _____ C:\Windows\system32\perfc00A.dat

2019-01-11 04:28 - 2009-07-14 02:13 - 000006508 _____ C:\Windows\system32\PerfStringBackup.INI

2019-01-11 03:12 - 2018-11-28 02:40 - 000000000 ____D C:\Users\User\AppData\Roaming\MPC-HC

2019-01-11 03:11 - 2015-12-26 15:48 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps

2019-01-11 02:18 - 2016-03-13 22:56 - 000000000 _____ C:\hsrv.txt

2019-01-10 21:06 - 2018-12-12 00:03 - 000000000 ____D C:\Users\User\Desktop\Referencias de lol

2019-01-09 19:15 - 2015-09-24 20:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2019-01-09 19:15 - 2015-09-24 20:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2019-01-09 19:15 - 2015-09-24 20:19 - 000000000 ____D C:\Windows\system32\Macromed

2019-01-09 19:15 - 2014-07-31 08:18 - 000000000 ____D C:\Windows\SysWOW64\Macromed

2019-01-06 18:04 - 2018-06-02 16:42 - 000000000 ____D C:\Program Files (x86)\IQ Option

==================== Files in the root of some directories =======

2016-03-13 20:23 - 2016-03-13 22:56 - 000002661 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log

2017-01-24 05:29 - 2017-01-24 05:29 - 000044988 _____ () C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt

2014-08-26 16:37 - 2014-10-16 21:21 - 000000781 _____ () C:\Users\User\AppData\Roaming\MPQEditor.ini

2015-06-14 15:14 - 2017-04-12 00:00 - 000045270 _____ () C:\Users\User\AppData\Roaming\room_v3.dat

2016-08-06 18:18 - 2016-09-05 00:21 - 000000176 _____ () C:\Users\User\AppData\Roaming\WB.CFG

2015-11-21 17:14 - 2015-11-21 17:14 - 000000001 _____ () C:\Users\User\AppData\Local\llftool.4.25.agreement

2018-07-03 23:46 - 2018-11-24 03:53 - 000000522 _____ () C:\Users\User\AppData\Local\Nox_crash.log

2014-08-03 23:07 - 2019-01-25 04:20 - 000007613 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\dllhost.exe => File is digitally signed

C:\Windows\SysWOW64\dllhost.exe => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-06 02:02

==================== End of FRST.txt ============================

#7

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019

Ran by User (25-01-2019 14:29:39)

Running from C:\Users\User\Desktop\Desinfectar la pc

Windows 7 Ultimate Service Pack 1 (X64) (2014-07-31 11:03:16)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrador (S-1-5-21-101217576-2858605893-2529171766-500 - Administrator - Disabled)

HomeGroupUser$ (S-1-5-21-101217576-2858605893-2529171766-1018 - Limited - Enabled)

Invitado (S-1-5-21-101217576-2858605893-2529171766-501 - Limited - Disabled)

User (S-1-5-21-101217576-2858605893-2529171766-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)

Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems)

Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)

Age of Mythology + The Titans (HKLM-x32\...\Age of Mythology + The Titans Expansion_is1) (Version: - )

AMX Mod X Installer 1.8.1 (HKLM-x32\...\AMX Mod X Installer) (Version: 1.8.1 - AMX Mod X Dev Team)

Apple Application Support (32 bits) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)

Apple Application Support (64 bits) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)

Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)

Battlezone 98 Redux (HKLM-x32\...\Battlezone 98 Redux_is1) (Version: - )

Binance version 1.0.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.0.0 - Binance)

BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.73.1817 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)

Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)

CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)

Championify (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Championify) (Version: 2.1.5 - Dustin Blackman)

Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)

Command & Conquer Generals (HKLM-x32\...\{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Hidden

Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)

Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)

Command and Conquer 3 Tiberium Wars Complete Collection versión 1.02 (HKLM-x32\...\{01BB7046-6217-4225-BFA8-A5E5DB2B0977}_is1) (Version: 1.02 - Electronic Arts)

Command and ConquerTM Generals Zero Hour (HKLM-x32\...\{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Hidden

Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)

Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )

Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )

CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )

Crysis 3 version 1.0 (HKLM-x32\...\{646928DD-48C1-461C-AF2D-4BC15CB44A5A}_is1) (Version: 1.0 - Electronic Arts)

Curse (HKLM-x32\...\{75080CC9-4C7A-45C4-B149-9C2790FA88F6}) (Version: 6.0.0.0 - Curse)

DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)

Diablo Gold Repack (HKLM-x32\...\Diablo Gold Repack) (Version: - )

Discord (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)

DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.31 - NVIDIA Corporation) Hidden

Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)

Droid4X (HKLM-x32\...\Droid4X) (Version: 0.9.0 - Haiyu Dongxiang Co.,Ltd.)

Dying Light (HKLM-x32\...\Dying Light_is1) (Version: - )

Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

El Señor de los Anillos® - La Conquista™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)

Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.19.0.156378 - MindArk PE AB)

Epic Games Launcher (HKLM-x32\...\{16639F01-568E-450C-B4EF-4878543EC172}) (Version: 1.1.125.0 - Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)

Freemake Video Converter versión 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)

Game Summary (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 118.3.3 - Overwolf app)

GameRanger (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\GameRanger) (Version: - GameRanger Technologies)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

GoPro App (HKLM-x32\...\{D0B85070-C2A8-4B3B-981B-D0D7229AA614}) (Version: 5.7.544 - GoPro, Inc.) Hidden

GoPro Studio 2.5.7 (HKLM-x32\...\{6cc291a1-549a-455c-bc7d-ec03aaf8f6b9}) (Version: 2.5.7.544 - GoPro, Inc.)

Hard Disk Low Level Format Tool 4.25 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)

Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )

Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)

HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.6.3 - Hi-Rez Studios)

Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)

HitFilm 4 Express (HKLM\...\{40EFEABF-B463-417A-B96D-CFDA42E1A70A}) (Version: 4.0.5609.10802 - FXHOME)

HP Deskjet 2510 series Estudio para la mejora del producto (HKLM\...\{D9C3A88D-5B0F-4FC3-8A7C-96B4E9AB1ADC}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)

HP Deskjet 2510 series Software básico del dispositivo (HKLM\...\{A8F738FC-F8E7-4581-8929-F22136401377}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)

IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)

Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)

IQ Option (HKLM-x32\...\IQ Option) (Version: 1.1 - IQOption)

iTools 3 (HKLM-x32\...\ThinkSky) (Version: - Shenzhen Thinksky Technology Co., Ltd.)

iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)

Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)

Juego Prototype(TM) (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision)

La Batalla por la Tierra Media™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )

Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Left 4 Dead 2 Standalone Patch™ (HKLM-x32\...\L4D2SP) (Version: 9.5 - Gaming eXtreme)

LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.33 - www.leaguereplays.com)

LoLwiz (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_dmpfhbhjknfmncjinjaikncjjnklcplnodamiimn) (Version: 4.0.5 - Overwolf app)

Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)

MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)

Microsoft .NET Framework 4.6.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01590 - Microsoft Corporation)

Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.02.03 - Huawei Technologies Co.,Ltd)

Mouse Controller version 1.10.0.0 (HKLM-x32\...\{558409e4-71ad-4b5f-9db7-15e987d0e3aa}_is1) (Version: 1.10.0.0 - MuGiRi Software Development)

Mozilla Firefox 61.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 es-AR)) (Version: 61.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla)

MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)

Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )

Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)

Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG)

NetLimiter 4 (HKLM\...\{C2475E06-0F70-4CDC-906E-DC48F716A376}) (Version: 4.0.30.0 - Locktime Software) Hidden

NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.30.0) (Version: 4.0.30.0 - Locktime Software)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)

Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.5.0 - Duodian Technology Co. Ltd.)

NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden

NVIDIA Controlador de 3D Vision 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.31 - NVIDIA Corporation)

NVIDIA Controlador de audio HD 1.3.37.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation)

NVIDIA Controlador de gráficos 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.31 - NVIDIA Corporation)

NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)

NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project)

OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)

Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.3.0 - Golden Frog, GmbH)

Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Overwolf (HKLM-x32\...\Overwolf) (Version: 0.118.3.8 - Overwolf Ltd.)

Panel de control de NVIDIA 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.31 - NVIDIA Corporation) Hidden

Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)

PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)

PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2211.0 - CyberLink Corporation)

Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)

RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)

Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

RMVB Converter 1.8 (HKLM-x32\...\{C3BDF1C8-66EF-4A0F-B427-A99E39706F45}_is1) (Version: - RMVB Codec)

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)

Seven Kingdoms (HKLM-x32\...\Seven Kingdoms) (Version: - )

Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)

Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Hidden

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.)

Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)

StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.2.20141 - Blizzard Entertainment)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com)

sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.8.0.0 - Alejandro Cortés)

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)

TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer)

Telegram Desktop version 1.5.8 (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.8 - Telegram Messenger LLP)

TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)

TP-LINK TL-WN8200ND Controlador (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)

Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version: - Microsoft)

Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)

Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)

Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)

UserTesting (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\UserTestingPlugin) (Version: - UserTesting.com)

VFW_Codec32 (HKLM-x32\...\{D935F8D7-8B51-4C56-8BF6-3C35CBADCF39}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden

VFW_Codec64 (HKLM\...\{188A81E4-B0F0-4B0F-9627-1C1FE192EA58}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden

Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)

Windows Driver Package - BigNox Corporation YSDrv System (01/20/2017 4.3.12) (HKLM\...\1FF524CF3E58304F349D809470EC4A689914A4D5) (Version: 01/20/2017 4.3.12 - BigNox Corporation)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Zoom (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] ()

ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] ()

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()

ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] ()

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-04-22] (NVIDIA Corporation)

ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BB77F1-7C85-44E0-B50F-DA41FFE9C05A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)

Task: {011A2450-74BF-40AC-9383-DDAF319C6B6F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)

Task: {05A8E3F5-DFAF-44C0-B670-80BB72D152B2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)

Task: {0E5D70EE-B83E-4DAD-A3F7-8BA2A8F1DF87} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)

Task: {1555DA2D-95E7-4858-8819-DE157F86C699} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)

Task: {17245DAD-07FE-4DD0-AF96-E61D0C12F2FF} - System32\Tasks\{D7A3690E-9DE4-40A3-8914-F2B3A424AB7F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar

Task: {22024E13-6921-4E40-A370-F3D40B0597E1} - System32\Tasks\{EF37042D-7BCF-4331-8CD5-563F3200665C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.109/es/abandoninstall?page=tsProgressBar

Task: {23255BAB-6943-4A9D-A155-8CDBE2038FC9} - \CGN -> No File <==== ATTENTION

Task: {24D40D4C-9A91-42D7-8BAF-0EEBF5ECB502} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation)

Task: {27700DDD-D025-40FA-9E2D-41DCAB90479C} - System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} => C:\Users\User\Desktop\lol.launcher.admin.exe

Task: {2860C992-92DE-4D9E-A4CB-E75AA5D71B20} - System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"

Task: {2B917CFB-7759-4343-AFE7-3DFF0ECB8B13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {2CB60399-9C0B-4CEB-B330-CEB141219656} - System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603

Task: {2D49F724-939D-41EF-A9CF-557131033F59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

Task: {2EAD83E9-40AF-4EE2-AD7C-8832912FFA40} - System32\Tasks\{B6EAFEC2-F62D-490C-9680-2AB300580857} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar

Task: {392582B4-618E-49EF-BB71-3A814A8062DC} - System32\Tasks\{F680BDD0-BF01-491C-8041-F6830C2FEBDF} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar

Task: {3A770D46-2522-43A2-81AB-794D8D9A6C57} - System32\Tasks\{36EE2500-BABE-424F-B57A-673A9F6F6C75} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.109/es/abandoninstall?source=lightinstaller&page=tsInstall

Task: {422D6301-1C73-47A0-9AE1-04E441C65F57} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation)

Task: {42F181CE-4A2A-4B9F-858D-313C847F75A2} - System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} => C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe

Task: {43BD4099-386B-48CB-83C5-F5FA4B91F52C} - System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} => C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE

Task: {4492B81C-EB29-4F90-B953-F575F41434BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {4747A4AC-738B-414B-A263-AABE80235196} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)

Task: {483072B7-DF51-4A89-84AE-871EFAECDD32} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe

Task: {48CF9BAE-3BC5-4005-8207-D1961F734D95} - System32\Tasks\{9BAECDCB-F6C0-475F-8CD5-3C95DA79044D} => C:\Program Files (x86)\MuGiRi Software Development\Mouse Controller\MouseController.exe [2018-09-22] (MuGiRi Software Development)

Task: {5355586F-91B2-4BA3-BCCE-E3C4448AE15C} - System32\Tasks\{0A606A53-066D-4C2F-8779-724701AB65DC} => C:\Program Files (x86)\MuGiRi Software Development\Mouse Controller\MouseController.exe [2018-09-22] (MuGiRi Software Development)

Task: {53DD5F1A-7722-4C5A-84C0-FCD12EB2751D} - System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} => C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE

Task: {5BB5D420-6440-4209-9219-82A032CF7DB5} - System32\Tasks\{F3222736-4F9E-41F9-8B26-50EF87A21FB8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/es/abandoninstall?page=tsProgressBar

Task: {608CDBDB-62CA-4193-8C15-97A88F0E38F7} - System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} => C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE

Task: {62C7F1B4-A5AF-4562-91B7-F834D8F7B27A} - System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} => C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"

Task: {64DB0993-A4DD-437F-8377-C55EC0232E73} - System32\Tasks\{BCE46DC2-551C-4904-B596-128DA2586151} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar

Task: {684A64C7-2864-4FDD-8B80-6CF5DBBB50FF} - System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} => C:\Users\User\Desktop\lol.launcher.admin.exe

Task: {6A132511-0D45-4AEE-98A7-D84C42F1F324} - System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} => C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe

Task: {6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED} - System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} => C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE

Task: {6FEC5104-49BC-4A4A-9276-28DF209F0965} - System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS

Task: {73BD2EF4-B23A-4579-B078-60E02AFA95A0} - System32\Tasks\{6A4329F1-BCAC-4C04-AD73-DF7493D613B4} => C:\Users\User\Desktop\Valve\hl.exe

Task: {7C6891BC-BE94-46F4-A828-EBF9C7F18217} - System32\Tasks\{D8256E88-EC27-4242-AED9-23C287D9E52B} => C:\Riot Games\League of Legends\LeagueClient.exe

Task: {7C7991A2-C2FD-474F-9ADE-19A603C369F4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe

Task: {869C6040-C48F-4906-ACC9-046835F05004} - System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} => C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()

Task: {88D42418-CD40-47E7-97F8-77A9A94DF755} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {89A1BB60-19C1-4975-8E96-28BC70BF34E8} - System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} => C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)

Task: {8AE476BF-C3E8-4B00-93E1-E97100A79F08} - System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} => C:\Users\User\Desktop\age of empires\AGE2_X1.EXE

Task: {8E1B6539-1377-4240-BDA7-1DE221991ACC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {92A9C6BA-B932-408C-B26D-F335BC5E1089} - System32\Tasks\iToolsDaemon => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [2017-03-03] ()

Task: {97BE40CE-989E-4F96-B427-FF866A41E906} - System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads

Task: {A16463B3-9253-4825-B028-3AEAD78092EB} - System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"

Task: {ACBD316A-B981-407F-B38E-9CEB3142C823} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)

Task: {B7B9483E-EF53-4663-9FC4-AD7CB42F9E08} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)

Task: {B7FABADE-1685-4FDE-B717-A009CC190F82} - System32\Tasks\{55777623-B17E-4BEC-AE22-7E2D9B602595} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Medicina Battlefield 3.exe" -d C:\Users\User\Desktop

Task: {B9EB1849-20B7-42C3-90CF-7B7DE19633A1} - System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} => C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()

Task: {BD924637-0497-47B5-958A-C8CD095830D6} - System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors

Task: {C3DF8CB6-491F-4217-B401-D930573BA7AF} - System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} => C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall

Task: {C729B86A-4D59-414F-A8A2-698942B4E79F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)

Task: {CB107FCD-1A4C-44FC-8BED-55E55ADFAE34} - System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} => C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE

Task: {CBA748B0-2945-467B-B865-98B750711657} - System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} => C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe

Task: {CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9} - System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} => C:\Users\User\Desktop\Valve\hl.exe

Task: {D140E52B-0941-492B-90F1-5FEC0EE476E9} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)

Task: {D5106996-1733-4B0C-ABB6-2A8EF82C3A85} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-10-07] (Overwolf LTD)

Task: {D7897A18-37D4-4887-BDAF-10BECA202F01} - System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} => C:\Users\User\Desktop\age\AGE2_X1.EXE

Task: {D8C21948-3FC7-42C3-90F4-0CBA999B3576} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {E176E7D9-27F2-47AE-A316-808B0B758D53} - System32\Tasks\Microsoft Office 15 Sync Maintenance for User-PC-User User-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation)

Task: {E1C4FBB6-96C6-421C-96FA-7DC938156940} - System32\Tasks\{CDB71C8D-E08A-4653-9B87-0D7ED7B7FB8D} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/es/abandoninstall?page=tsProgressBar

Task: {E2832CC9-CD55-4E64-9555-F08C1EB942C0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)

Task: {E7069BF4-D921-4419-B9BA-6A13A8C3D908} - System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"

Task: {E9A14DF7-7F37-449A-B949-92EDF26903BB} - System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} => C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()

Task: {E9E30515-85A1-4C1A-A24D-7BC585138CF9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)

Task: {EACE0372-C71A-4F62-BC4F-931671B967FD} - System32\Tasks\{C6BEA6B0-4CE8-4EC2-AF6B-5FDFEBD6E7B9} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/es/abandoninstall?page=tsProgressBar

Task: {EB904BB8-D785-4C09-A81D-C6EF7DC46897} - System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} => D:\Counter-Strike 1.6Lucas\hl.exe

Task: {ECB32314-4A1E-4D61-87BF-771E6AF33BA7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation)

Task: {F996E00E-42C1-4AAC-A862-07803F3C4CB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)

Task: {FD48FA52-2E09-4916-9A7B-0A378A40B317} - System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop

Task: {FD975823-BDDB-4277-96B2-F08F9C341F15} - System32\Tasks\{5C343C60-F899-4C80-937C-70E3040EEE50} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.109/es/abandoninstall?source=lightinstaller&page=tsInstall

Task: {FF04685B-064E-4A78-9A10-816FF8D208B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe

Task: C:\Windows\Tasks\iToolsDaemon.job => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\User\Desktop\Games\Dark Reign.lnk -> C:\Program Files (x86)\Activision\Dark Reign\Dark Reign W7.bat ()

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

ShortcutWithArgument: C:\Users\User\Desktop\CacaDeCamello - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 121"

ShortcutWithArgument: C:\Users\User\Desktop\Cacatua - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 119"

ShortcutWithArgument: C:\Users\User\Desktop\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

ShortcutWithArgument: C:\Users\User\Desktop\cuentas luckygames\NightElf - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 26"

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Vendedor - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 110"

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b739e5c93ca27df0\Optica - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 79"

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c4e6cd5a0fae580\LecheEntera - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 108"

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\495da1bfff1f1192\ElTriste - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 118"

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b69239aeffb3861\HitFilm 4 Express Activation.lnk -> C:\Program Files\FXHOME\HitFilm 4 Express\ActivationApp\hitfilm-4-express.exe (The NWJS Community) -> --user-data-dir="C:\Users\User\AppData\Local\HitFilm 4 Express Activation\User Data" --profile-directory=Default --app-id=jbdgcoiicbhjmjpelekgpdamimehdecj

==================== Loaded Modules (Whitelisted) ==============

2015-06-16 16:58 - 2013-04-15 11:50 - 000198144 _____ () C:\Windows\System32\HP1006LM.DLL

2015-06-16 16:58 - 2013-04-15 11:50 - 000065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000494992 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe

2018-09-27 11:56 - 2018-09-12 08:45 - 001315024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2014-08-17 21:03 - 2014-09-06 17:21 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2017-03-03 14:41 - 2017-03-03 14:41 - 002564496 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\iOSDevice.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000051600 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Common.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000460176 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\TSLib.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000109968 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\ZLib.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 001375120 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MiscCore.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000676240 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\UICore.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000555408 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Sqlite.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000164752 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Network.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000189840 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MiscMods.dll

2017-03-03 14:41 - 2017-03-03 14:41 - 000392592 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MediaUtil.dll

2017-01-13 13:56 - 2017-01-13 13:56 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2017-01-13 13:56 - 2017-01-13 13:56 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [476]

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84623655.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84623655.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com

IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com

IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com

IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com

IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com

IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com

IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com

IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com

IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\freerealms.com -> freerealms.com

IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\soe.com -> soe.com

IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008k.com -> 008k.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\00hq.com -> 00hq.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0scan.com -> 0scan.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-domains-registrations.com -> 1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-se.com -> 1-se.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001movie.com -> 1001movie.com

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001night.biz -> 1001night.biz

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100gal.net -> 100gal.net

IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2018-07-05 02:56 - 000001936 ____R C:\Windows\system32\drivers\etc\hosts

191.205.84.86 ww1.moonbit.co.in

191.205.84.86 ww1.moondash.co.in

191.205.84.86 ww1.faucetwhite.com

191.205.84.86 ww1.cutsouf.com

191.205.84.86 ww1.tny.ec

191.205.84.86 ww1.clicksfly.com

191.205.84.86 ww1.cashat.net

191.205.84.86 ww1.cut-earn.com

191.205.84.86 ww1.123short.com

191.205.84.86 ww1.short2win.com

191.205.84.86 ww1.fautsy.com

191.205.84.86 ww1.oturl.com

191.205.84.86 ww1.kuturl.com

191.205.84.86 ww1.btc.ms

2016-03-24 04:24 - 2019-01-22 00:23 - 000000433 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.0.101 User-PC.mshome.net # 2023 12 6 9 6 18 25 88

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: %SystemRoot%\system32;%SystemRoot%

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: Media is not connected to internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AIPS => 2

MSCONFIG\Services: Apple Mobile Device Service => 2

MSCONFIG\Services: BEService => 3

MSCONFIG\Services: Bonjour Service => 2

MSCONFIG\Services: BstHdAndroidSvc => 3

MSCONFIG\Services: BstHdLogRotatorSvc => 2

MSCONFIG\Services: BstHdUpdaterSvc => 2

MSCONFIG\Services: Droid4XService => 2

MSCONFIG\Services: EasyAntiCheat => 3

MSCONFIG\Services: HiPatchService => 2

MSCONFIG\Services: HPSupportSolutionsFrameworkService => 3

MSCONFIG\Services: iPod Service => 3

MSCONFIG\Services: LiveUpdateSvc => 2

MSCONFIG\Services: Mobile Broadband HL Service => 2

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: Outfox => 2

MSCONFIG\Services: rpcapd => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: Sony PC Companion => 3

MSCONFIG\Services: ss_conn_service => 2

MSCONFIG\Services: Steam Client Service => 3

MSCONFIG\Services: TeamViewer => 2

MSCONFIG\Services: TunngleService => 3

MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Chrome.exe => C:\Windows\pss\Chrome.exe.Startup

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: BingSvc => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: Chromium => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session

MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

MSCONFIG\startupreg: Discord => C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe

MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup

MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent

MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch

MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"

MSCONFIG\startupreg: MinerGateGui => C:\Program Files\MinerGate\minergate.exe --auto

MSCONFIG\startupreg: NetLimiter => "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized

MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent

MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

MSCONFIG\startupreg: Spotify => "C:\Users\User\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

MSCONFIG\startupreg: Windscribe => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart

#8

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2BA2804E-93AD-40CE-8E10-B9E4DC71E30A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)

FirewallRules: [{2B58B955-4710-4563-9108-D8D3A1859D80}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)

FirewallRules: [{4B755843-4740-40CF-A8D3-132528693684}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX9.EXE (CAPCOM CO., LTD.)

FirewallRules: [{E8FC09E2-1B90-48D3-AF2C-053E7032C3BE}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX9.EXE (CAPCOM CO., LTD.)

FirewallRules: [{B2E1B4AB-1F0B-4C2E-A9E8-C011DA55F5AB}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX10.EXE (CAPCOM CO., LTD.)

FirewallRules: [{ECE581D7-A7B8-4DB6-8943-672A0B1736F3}] => (Allow) D:\Archivos de Programa\CAMPCOM\RE5DX10.EXE (CAPCOM CO., LTD.)

FirewallRules: [{8C5B4A51-05C4-43CA-B62A-BFE6EC5F1184}] => (Allow) D:\Archivos de Programa\StarCraft II\StarCraft II.exe (Blizzard Entertainment)

FirewallRules: [{B3770DA8-16DC-4BAF-903D-A089A522E9FC}] => (Allow) D:\Archivos de Programa\StarCraft II\StarCraft II.exe (Blizzard Entertainment)

FirewallRules: [{8F550315-15C2-4A4E-BCB8-BB37A9610622}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe (Hewlett-Packard Co.)

FirewallRules: [{CA3CD12A-12FC-4BD4-8516-83DCAB33EB10}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)

FirewallRules: [{44256504-59D9-45A4-B038-33070F4C1E69}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)

FirewallRules: [{5D03D51D-0AA6-44A2-941F-C90BA7A3DF36}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)

FirewallRules: [{BE7656BF-8D1B-4D19-9811-C8061A42447E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)

FirewallRules: [{83C100A7-EF86-492F-AD1D-A249759D357E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)

FirewallRules: [{42AD781B-4AE4-4D09-9B72-FF2822F61B87}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)

FirewallRules: [{FF954C2F-D333-404C-9331-5A2066C66D51}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)

FirewallRules: [{931EED9E-F27C-4022-9F14-AFDC06B10C75}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe ()

FirewallRules: [{5A7FA081-6D45-49FA-9EFC-ADAAF08428B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe ()

FirewallRules: [{BB9896B8-5053-4B91-A866-5C45BE83EABB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ()

FirewallRules: [{747F0CBE-01B0-431E-9BCF-A7E8CA4A92CC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ()

FirewallRules: [{C8F3BE1A-BCFE-45A1-BC31-4813D69BAF03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)

FirewallRules: [{080513D0-1A4B-4C64-89D3-368BA75D2547}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)

FirewallRules: [{D11E334F-8E22-4317-8CE1-D91F55DA8343}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)

FirewallRules: [{09954D28-AF37-45E6-A189-06E454643684}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)

FirewallRules: [{91F06D1A-476C-4305-B30F-82CB8731E697}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base10089\SC2.exe (Blizzard Entertainment, Inc.)

FirewallRules: [{90A53F97-F47A-4B95-B21A-01A443DCD992}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base10089\SC2.exe (Blizzard Entertainment, Inc.)

FirewallRules: [{212AD59B-DF88-4C0C-9E73-EA539ECE0F19}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)

FirewallRules: [{2B0227A2-B629-41AE-A7C3-26D270501346}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)

FirewallRules: [{15F480B7-7B5E-4C54-9ADB-CED553EC9598}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)

FirewallRules: [{A4DB51A1-F763-4B03-ACCE-BD40151E8C8D}] => (Allow) D:\Archivos de Programa\StarCraft II\Versions\Base19132\SC2.exe (Blizzard Entertainment, Inc.)

FirewallRules: [{DF6A39AE-1E02-4BAC-82B8-7208CEB23121}] => (Allow) D:\Archivos de Programa\Activision\Prototype\prototypef.exe (Activision)

FirewallRules: [{6A6CADA8-58E0-47B2-B074-7FB59A884332}] => (Allow) D:\Archivos de Programa\Activision\Prototype\prototypef.exe (Activision)

FirewallRules: [{4B4292B3-EC3C-42E9-AFBC-E67C03CF9B9E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

FirewallRules: [{6A41C5F7-B43D-4583-96B1-A6100F43A9F5}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

FirewallRules: [TCP Query User{47D89323-C265-46E6-B019-309A423A4E51}C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe] => (Allow) C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe (Tsinghua Unversity)

FirewallRules: [UDP Query User{B56930F6-9FCC-46FE-A382-A204E3136D5D}C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe] => (Allow) C:\program files (x86)\victorval\diablo gold repack\diablo ii + lord of destruction\d2loader-1.12.exe (Tsinghua Unversity)

FirewallRules: [TCP Query User{CC9B5A3C-E63A-40A1-98DF-FFB97B1C5920}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe ()

FirewallRules: [UDP Query User{8BC301B7-D73B-4EF1-B666-4A042C215216}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe ()

FirewallRules: [TCP Query User{D3F78ADD-AB4F-4969-B3F4-6D8BAA198E70}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme)

FirewallRules: [UDP Query User{9F379A46-4638-44CC-B204-4DA3B6AA0D4D}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme)

FirewallRules: [{C3164108-7C1B-435C-8874-56FA55291F2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

FirewallRules: [{31514AA3-70BF-4A1F-A915-73F1C9DDDE5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

FirewallRules: [TCP Query User{DE74FA70-1F71-494F-9109-26BB672C3BC9}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (Techland)

FirewallRules: [UDP Query User{6665B82C-7CDA-4C73-A24A-2DED4BDF5470}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (Techland)

FirewallRules: [{9CAD1FB1-D6D7-4C45-AD8F-29E6D1E10D46}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)

FirewallRules: [{57FAEA13-B17E-46A8-8EAA-BE5DCC86AC1D}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)

FirewallRules: [{28CF32C2-690F-416D-A025-0A17914AF483}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)

FirewallRules: [{8CFD34C8-D700-4E30-A54A-2EC789C3226B}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)

FirewallRules: [TCP Query User{719EC4BA-A7CD-4C55-B31E-01D12B741278}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)

FirewallRules: [UDP Query User{191EFF71-281A-4001-B51E-91B68EAD6886}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)

FirewallRules: [TCP Query User{4AB73CA9-4C00-4EE6-BDBE-D17FB940187F}C:\program files (x86)\droid4x\download\minithunderplatform.exe] => (Block) C:\program files (x86)\droid4x\download\minithunderplatform.exe (?????????????)

FirewallRules: [UDP Query User{B4C85E67-0082-45E3-9297-3BCD0523AB7A}C:\program files (x86)\droid4x\download\minithunderplatform.exe] => (Block) C:\program files (x86)\droid4x\download\minithunderplatform.exe (?????????????)

FirewallRules: [TCP Query User{06717E7D-0171-474F-8AE8-0CAE4131CFDA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)

FirewallRules: [UDP Query User{5C1A3837-3AE1-460D-98D8-59F6FD0E1DC0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)

FirewallRules: [{D6D9947E-ED1A-416D-9D73-128D4A951227}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)

FirewallRules: [{D9D098A2-2F37-4F24-93D3-B328C2D7A6B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)

FirewallRules: [{77DF2652-D633-4993-A3A4-CBB3936A2585}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)

FirewallRules: [{B1CACFE2-BA98-47D5-AF30-E7758890FC00}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)

FirewallRules: [{467D491F-9D9E-4B26-A595-5B3C8675ECD0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)

FirewallRules: [TCP Query User{96C004C7-C52C-4BCF-BF42-07B48C260B3C}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)

FirewallRules: [UDP Query User{A4693208-6A2A-4E3F-AC94-05E5C3E21C6F}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)

FirewallRules: [{B1C92095-4514-4278-9837-698A53517215}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

FirewallRules: [{307DBF25-C853-40C2-81DC-E4A70D2811A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

FirewallRules: [TCP Query User{8205B348-AE25-4235-8268-9AC3EBC07AEF}C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe] => (Block) C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe (Crytek GmbH)

FirewallRules: [UDP Query User{A5879A18-8FE4-421E-B68D-6CCF21309073}C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe] => (Block) C:\program files (x86)\electronic arts\crysis 3\bin32\crysis3.exe (Crytek GmbH)

FirewallRules: [TCP Query User{F04CE1D3-A523-4015-9822-A8CA0E0C956D}C:\program files (x86)\rise of nations gold\nations.exe] => (Allow) C:\program files (x86)\rise of nations gold\nations.exe (Big Huge Games, Inc.)

FirewallRules: [UDP Query User{06CB8107-504B-44B0-AE41-D9F84C2D9D54}C:\program files (x86)\rise of nations gold\nations.exe] => (Allow) C:\program files (x86)\rise of nations gold\nations.exe (Big Huge Games, Inc.)

FirewallRules: [{4C5FD45B-3776-47FD-B032-8F7328DBC090}] => (Allow) C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\game.dat (Electronic Arts Inc.)

FirewallRules: [{5B3D0569-0C61-4E06-B684-B42821AD7F1B}] => (Allow) C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\game.dat (Electronic Arts Inc.)

FirewallRules: [TCP Query User{CA6B90C7-3B34-4B5E-8FB6-5D91A9E37EC5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)

FirewallRules: [UDP Query User{38CA5301-6B04-465A-8E8E-E93BC816D248}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)

FirewallRules: [TCP Query User{5C10AEA4-E53D-40B7-B892-2A2BC0714C89}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)

FirewallRules: [UDP Query User{B5CDA72F-B8E0-4E02-9069-306F9E42DB5D}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Pty Ltd)

FirewallRules: [{B7D02861-C1E1-478E-8C17-A0DF5E226651}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories)

FirewallRules: [{89A2DF76-C853-4967-B8D4-F56A828CF893}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories)

FirewallRules: [TCP Query User{39DB4F7A-B0D3-4F00-B18F-D7A887721ED1}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)

FirewallRules: [UDP Query User{6A865B84-4BAC-4DE4-B8DD-B495966ABF68}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve)

FirewallRules: [TCP Query User{6BF26709-8AA8-49B3-A57F-FAD59BD6C18B}C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat] => (Allow) C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat (Electronic Arts Inc.)

FirewallRules: [UDP Query User{495D3E4D-EABA-4389-9509-65AC3AD69AFA}C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat] => (Allow) C:\program files (x86)\electronic arts\la batalla por la tierra media ii\game.dat (Electronic Arts Inc.)

FirewallRules: [{B3B22368-7368-4ADF-AF64-F93B0F692D0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation)

FirewallRules: [{80332C80-057B-4082-8894-CC7EBDB8E516}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation)

FirewallRules: [{D9E20EDC-8A69-4044-A459-3A98C428626F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)

FirewallRules: [{1904B0B6-E642-4B2A-97E4-C980C6FC1948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)

FirewallRules: [{91CF3BB3-9062-4E5A-A762-7823ED43DC68}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe ()

FirewallRules: [{4FFF6424-C765-45F9-9C81-96CDBD606ADE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)

FirewallRules: [{C3F4BDF6-6AB2-4DAA-A2DC-79FE478D790F}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)

FirewallRules: [{5265B5FF-539B-44BF-870A-E5A21A955BE7}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)

FirewallRules: [{A3F9C7EC-4503-4A54-BA92-4140C1088BE4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH)

FirewallRules: [{BD6D6224-8DB9-48E8-A197-B57CF23179F3}] => (Allow) LPort=11443

FirewallRules: [{97B8EDBF-AA7C-4F17-A8FA-51BC70F57A47}] => (Allow) LPort=11155

FirewallRules: [TCP Query User{A49BF97B-E159-4940-9D81-F56ADCD70215}C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat] => (Allow) C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat ()

FirewallRules: [UDP Query User{56FB3B9D-1237-4FA6-9D75-2ACB2B027441}C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat] => (Allow) C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat ()

FirewallRules: [TCP Query User{6847E3DF-4A38-4AB9-9EC1-DD3706B1178E}D:\archivos de programa\campcom\re5dx10.exe] => (Allow) D:\archivos de programa\campcom\re5dx10.exe (CAPCOM CO., LTD.)

FirewallRules: [UDP Query User{69F1DC82-9424-4653-9773-4FADEF5B096B}D:\archivos de programa\campcom\re5dx10.exe] => (Allow) D:\archivos de programa\campcom\re5dx10.exe (CAPCOM CO., LTD.)

FirewallRules: [TCP Query User{3ED1B3D8-211C-4570-AB72-EF2D380AFA7E}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()

FirewallRules: [UDP Query User{2EC057C5-2B87-4289-9997-20B9B722BF86}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()

FirewallRules: [TCP Query User{4EFAE423-A403-4EE7-BFAD-4E795C8025E3}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()

FirewallRules: [UDP Query User{CD679F3C-2F4A-4B20-9BE9-D516C1046616}C:\program files (x86)\activision\dark reign\dkreign.exe] => (Allow) C:\program files (x86)\activision\dark reign\dkreign.exe ()

FirewallRules: [{82DB57D9-377E-4223-BE17-AB5C8673AD71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft)

FirewallRules: [{B43F5566-1337-4E55-9EA8-14E87D648235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft)

FirewallRules: [TCP Query User{B259B950-10AA-4981-8844-3A3C90B92307}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [UDP Query User{0704DE29-0542-4BCB-A1AC-B4EB5782150A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [{11ED5779-2328-41C3-986B-EAA98E597F16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)

FirewallRules: [{28B02F69-B086-4383-97C5-B71077726F9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)

FirewallRules: [{7DB84881-8289-4D51-92FF-9DB96DA408B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)

FirewallRules: [{2C8BD6F7-7F14-4B13-9D96-527E79D5EB4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)

FirewallRules: [{224D0870-968B-43C6-868A-BFC7D3A30D80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes)

FirewallRules: [{CF73F770-84E4-49C0-B8F3-12AC2621CF86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ()

FirewallRules: [{9729BF82-64AD-4751-87BB-7D4D08D974AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)

FirewallRules: [{666D008D-B176-41E7-AB5A-C9DBA153A6BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)

FirewallRules: [{1A7E1FD4-8C7D-40EE-AA22-DD2418076802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)

FirewallRules: [{455A1D72-A2BA-4F28-BBA6-F8354956E47C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)

FirewallRules: [{C1EDC967-735C-4A1D-A665-E327569AE182}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes)

FirewallRules: [{92CA7EAE-7545-4CF2-8377-D56D5C486AD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ()

FirewallRules: [TCP Query User{98DDD91A-5D29-4035-9A38-E1BA7E4B7F17}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)

FirewallRules: [UDP Query User{F6C865B1-86E9-4FE4-921B-8B8DC14AD72B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)

FirewallRules: [TCP Query User{67B93D41-6AF4-48DE-A3FB-CF50264F2A36}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)

FirewallRules: [UDP Query User{A2F47298-B5C3-492B-97BE-08FF7860FEDF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)

FirewallRules: [TCP Query User{690025A4-A0D5-4CBD-9F6E-98A6DEADFD5D}C:\users\user\desktop\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\escritorio\age of empires\age2_x1.exe (Microsoft Corporation)

FirewallRules: [UDP Query User{874EB9B2-EB3B-40F1-890B-17FA4D9A5832}C:\users\user\desktop\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\escritorio\age of empires\age2_x1.exe (Microsoft Corporation)

FirewallRules: [TCP Query User{A6A23553-E018-43DD-9768-7D720416CAD1}C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe] => (Allow) C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe ()

FirewallRules: [UDP Query User{B3B20549-E70F-4C11-95B3-FA88D17DF3B1}C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe] => (Allow) C:\users\user\desktop\killingfloor sin serverperk\system\killingfloor.exe ()

FirewallRules: [TCP Query User{62713C21-3D64-4EAB-AFD3-666E5D9B959F}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [UDP Query User{E8AB30E3-E82A-4A19-A275-57E9EADCF9CC}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [{3383B89B-3EEA-4D55-A170-B76B2ECD300C}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Duodian Technology Co. Ltd.)

FirewallRules: [{DB7B4BDF-717C-486E-BDF7-E6D35679CE33}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe ()

FirewallRules: [{A553CCCA-D085-4D60-B660-BF521298B860}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)

FirewallRules: [TCP Query User{42C43A89-D7DD-4B3C-B7C8-89786D4BA9E0}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [UDP Query User{25231153-6887-49F6-A3F0-4C9B6C9EB75C}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [{3AA5634D-308E-4703-95FB-ED10EED62F26}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)

FirewallRules: [{1B41A904-2765-4CCA-9320-4640C2C257AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)

FirewallRules: [{0FAB7E5C-6198-454D-AD68-E534AB9B9C18}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)

FirewallRules: [{A84CA543-AE8D-4AF4-8C62-FC1C3ED72EB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)

FirewallRules: [{4E9B3521-56E3-4756-A64C-68B21592E759}] => (Allow) %USERPROFILE%\Desktop\lol\lol.launcher.exe ()

FirewallRules: [{7FC0915E-06F0-4C9D-9541-6852823ACBB8}] => (Allow) %USERPROFILE%\Desktop\lol\lol.launcher.exe ()

FirewallRules: [TCP Query User{B5F0ACD2-3506-4E02-8D50-362DECCCDC2B}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [UDP Query User{D2A58F5D-DD74-4A64-A17F-95196F4F3A0A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.)

FirewallRules: [{69BB6040-E4E4-4BBD-8686-B82C8A6ED989}] => (Allow) C:\Program Files (x86)\Command and Conquer 3 Tiberium Wars Complete Collection\Command and Conquer 3\RetailExe\1.9\cnc3game.dat (Electronic Arts Inc.)

FirewallRules: [TCP Query User{7E50173F-B16F-4BE8-9CAF-06B848AE007F}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{B2C07DFF-55BF-409A-8CA3-71269D306BE4}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe ()

FirewallRules: [TCP Query User{840A2567-881E-4152-A0EB-D4D0A24FDF25}C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe ()

FirewallRules: [UDP Query User{8B1A01BB-6A35-4349-AC02-664DB0CED062}C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamcabal\launcher\launcher.exe ()

FirewallRules: [TCP Query User{FCC1D8A0-0176-4D82-87A8-C83F3A114430}C:\users\user\appdata\local\championify\app-2.0.4\championify.exe] => (Allow) C:\users\user\appdata\local\championify\app-2.0.4\championify.exe (Dustin Blackman)

FirewallRules: [UDP Query User{78EC98CB-752D-4719-82AB-4081CD61BFF9}C:\users\user\appdata\local\championify\app-2.0.4\championify.exe] => (Allow) C:\users\user\appdata\local\championify\app-2.0.4\championify.exe (Dustin Blackman)

FirewallRules: [TCP Query User{1ADD9CF2-99D2-4384-98A6-43A72ED6C24B}C:\users\user\desktop\todo\left 4 dead\left4dead.exe] => (Allow) C:\users\user\desktop\todo\left 4 dead\left4dead.exe ()

FirewallRules: [UDP Query User{088B15B7-94ED-4F28-8934-3E9AB963CA98}C:\users\user\desktop\todo\left 4 dead\left4dead.exe] => (Allow) C:\users\user\desktop\todo\left 4 dead\left4dead.exe ()

FirewallRules: [TCP Query User{B77CAE20-9B53-49BC-BF68-A52D6C5BDE5B}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe (Oracle Corporation)

FirewallRules: [UDP Query User{E9E41EFE-157A-4705-8E19-84494B78CD7A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe (Oracle Corporation)

FirewallRules: [TCP Query User{127027DC-5C8D-42FA-9465-01B18A30266E}C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe ()

FirewallRules: [UDP Query User{B87003C9-E118-4CAD-A27C-5A843BC8DD74}C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe ()

FirewallRules: [{8ABFFB84-D1A6-4C8E-A3AB-F5DDFDD54C8C}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Software Corp.)

FirewallRules: [{8B4F0A26-C359-40E4-857B-A531204BB71D}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)

FirewallRules: [{90976CEC-6E4C-48F7-9A1F-3D7FBBF670E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)

FirewallRules: [{A78A6116-C070-4FA4-B06C-710756CDEA98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)

FirewallRules: [{65DEAF7B-132B-47FA-BA73-FC18BB49758D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)

FirewallRules: [{5B03AC0D-2742-4A5D-8167-F718E9726985}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)

FirewallRules: [{FED06727-DE06-463C-8719-769A76F3F740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)

FirewallRules: [{0493A8A1-498D-4A9C-9A37-612F855789E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)

FirewallRules: [TCP Query User{31C5954D-0953-4392-BAE3-2C258370179F}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe ()

FirewallRules: [UDP Query User{94AE4278-B95E-447D-95D7-2166EE825430}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe ()

FirewallRules: [TCP Query User{40E44BC4-9247-41BB-A52E-E807A65D768F}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{B34DF9D6-A1F6-4A0E-B133-B3FB45E7ABDE}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()

FirewallRules: [TCP Query User{13106551-0942-4421-947F-4E7EADBB6923}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{1FE82EF7-8169-48C9-ACA2-7E5FC830E2D5}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe ()

FirewallRules: [TCP Query User{8A88E5FE-2E78-444E-A642-C8E65F6BD9C0}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{5000F367-84EE-48BA-8B2C-E0C78426F465}C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe ()

FirewallRules: [{DC50B22B-D8BF-45F1-9F7F-D3BCFFA5BF50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)

FirewallRules: [{0EC5F08E-A3B3-480F-A06F-4EE1211E6CA0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)

FirewallRules: [{87CC8D22-B82F-46C9-93AB-7FD99BD41818}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

FirewallRules: [TCP Query User{B6F5C9C0-6342-48DA-8A6E-F98D668DDA84}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{069045E1-9540-4388-BC04-AF1AA065280C}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe ()

FirewallRules: [{48E2CB12-22EF-4978-9610-82F3F3FE258E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Ltd)

FirewallRules: [{6B840637-B394-430C-A378-A6D61C604212}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Ltd)

FirewallRules: [TCP Query User{A58779C0-6473-4B55-B8A5-8B0513211191}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{20E1380E-8BA3-4C2E-850C-EF6AEBC0CE2C}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe ()

FirewallRules: [{9E54CF9D-780E-4D49-BD72-BB506C5DE201}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

FirewallRules: [{9E7E705C-00BC-41DC-AA4B-340396C58E10}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

FirewallRules: [{3B805D10-3D09-4091-85FF-D842688D41E4}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPaybackTrial.exe (Electronic Arts)

FirewallRules: [{75D9C305-AD83-415F-9D07-3A59C24BDE71}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPaybackTrial.exe (Electronic Arts)

FirewallRules: [{DFE97DC6-B5FA-42DC-85C6-9A6C80D5F6BD}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPayback.exe (Electronic Arts)

FirewallRules: [{B8B1422A-C7E0-44F8-85B4-E7D1163C5410}] => (Allow) D:\Archivos de Programa\NFS Payback\NeedForSpeedPayback.exe (Electronic Arts)

FirewallRules: [TCP Query User{67124A13-1789-4D0C-805E-B209DE036FAC}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe ()

FirewallRules: [UDP Query User{81FC070A-504E-4BF3-B768-5398D6C1DA23}C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) C:\users\user\desktop\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe ()

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:

==================

Error: (01/25/2019 02:02:23 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.704, marca de tiempo: 0x5b9acf90

Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.19110, marca de tiempo: 0x568429e5

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000000000004ac04

Id. del proceso con errores: 0x5cc

Hora de inicio de la aplicación con errores: 0x01d4b4cb1bdaee1c

Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll

Id. del informe: fb19a58b-20c2-11e9-a89d-74d43556f1f4

System errors:

=============

Error: (01/25/2019 02:05:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: El servicio NVIDIA Telemetry Container se cerró con el siguiente error:

Un ejecutable de comandos genéricos devolvió un resultado que indica un error.

Error: (01/25/2019 02:05:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:

Bnbase

Bndef

Bprotect

Error: (01/25/2019 02:05:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: El servicio NVIDIA Telemetry Container se cerró con el siguiente error:

Un ejecutable de comandos genéricos devolvió un resultado que indica un error.

Error: (01/25/2019 02:04:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Hi-Rez Studios Authenticate and Update Service.

Error: (01/25/2019 02:02:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: El servicio Malwarebytes Service no pudo iniciarse debido al siguiente error:

Ha terminado la canalización.

Error: (01/25/2019 02:02:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (01/25/2019 02:02:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (01/25/2019 02:02:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

CodeIntegrity:

===================================

Date: 2015-10-06 12:58:29.354

Description:

Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2015-10-06 12:58:29.314

Description:

Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2015-09-29 18:52:34.343

Description:

Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2015-09-29 18:52:34.303

Description:

Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info ===========================

Processor: AMD FX(tm)-8350 Eight-Core Processor

Percentage of memory in use: 15%

Total physical RAM: 16348.63 MB

Available physical RAM: 13860.3 MB

Total Virtual: 32695.46 MB

Available Virtual: 29938.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:976.46 GB) (Free:47.95 GB) NTFS

Drive d: () (Fixed) (Total:886.45 GB) (Free:453.98 GB) NTFS

Drive f: (NFS.Payback) (CDROM) (Total:27.55 GB) (Free:0 GB) CDFS

\\?\Volume{26f5efa5-1899-11e4-ac21-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93A663B9)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=976.5 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Un saludo Lucas.


#9

Hola @Lucas_Brunetta, perdona el retraso en contestar pero NO me había llegado aviso de tu respuesta. :roll_eyes:

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File
ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File
Task: {23255BAB-6943-4A9D-A155-8CDBE2038FC9} - \CGN - No File <==== ATTENTION
Task: {27700DDD-D025-40FA-9E2D-41DCAB90479C} - System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {2860C992-92DE-4D9E-A4CB-E75AA5D71B20} - System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"
Task: {2CB60399-9C0B-4CEB-B330-CEB141219656} - System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603
Task: {42F181CE-4A2A-4B9F-858D-313C847F75A2} - System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {43BD4099-386B-48CB-83C5-F5FA4B91F52C} - System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {53DD5F1A-7722-4C5A-84C0-FCD12EB2751D} - System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {608CDBDB-62CA-4193-8C15-97A88F0E38F7} - System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {62C7F1B4-A5AF-4562-91B7-F834D8F7B27A} - System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"
Task: {684A64C7-2864-4FDD-8B80-6CF5DBBB50FF} - System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe
Task: {6A132511-0D45-4AEE-98A7-D84C42F1F324} - System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe
Task: {6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED} - System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE
Task: {6FEC5104-49BC-4A4A-9276-28DF209F0965} - System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS
Task: {869C6040-C48F-4906-ACC9-046835F05004} - System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()
Task: {89A1BB60-19C1-4975-8E96-28BC70BF34E8} - System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)
Task: {8AE476BF-C3E8-4B00-93E1-E97100A79F08} - System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE
Task: {97BE40CE-989E-4F96-B427-FF866A41E906} - System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads
Task: {A16463B3-9253-4825-B028-3AEAD78092EB} - System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"
Task: {B7B9483E-EF53-4663-9FC4-AD7CB42F9E08} - System32\Tasks\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)
Task: {B9EB1849-20B7-42C3-90CF-7B7DE19633A1} - System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()
Task: {BD924637-0497-47B5-958A-C8CD095830D6} - System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors
Task: {C3DF8CB6-491F-4217-B401-D930573BA7AF} - System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall
Task: {CB107FCD-1A4C-44FC-8BED-55E55ADFAE34} - System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE
Task: {CBA748B0-2945-467B-B865-98B750711657} - System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe
Task: {CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9} - System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe
Task: {D7897A18-37D4-4887-BDAF-10BECA202F01} - System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE
Task: {E7069BF4-D921-4419-B9BA-6A13A8C3D908} - System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"
Task: {E9A14DF7-7F37-449A-B949-92EDF26903BB} - System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()
Task: {EB904BB8-D785-4C09-A81D-C6EF7DC46897} - System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe
Task: {F996E00E-42C1-4AAC-A862-07803F3C4CB4} - System32\Tasks\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {FD48FA52-2E09-4916-9A7B-0A378A40B317} - System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
HKLM-x32\...\Run: [] = [X]
HKLM-x32\...\Run: [AvastUI.exe] = "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {007fa624-4291-11e5-a872-74d43556f1f4} - 0
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {0832b0fd-65cc-11e6-903a-74d43556f1f4} - H:\AutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {4401db5f-19b6-11e4-a6a5-74d43556f1f4} - G:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {495dde5d-72b8-11e6-a500-74d43556f1f4} - setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {963ab058-76ca-11e5-80b3-74d43556f1f4} - F:\Startme.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {b678dfd2-dc77-11e6-aae1-74d43556f1f4} - E:\LGAutoRun.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84eacf-83fa-11e4-baee-74d43556f1f4} - H:\setup.exe
HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84ead2-83fa-11e4-baee-74d43556f1f4} - 0
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird = not found
FF Plugin: @microsoft.com/GENUINE - disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE - disabled [No File]
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-05-03] (Macrovision Europe Ltd) [File not signed]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2019-01-25 14:02 - 2016-01-29 13:58 - 000000000 ____D C:\ProgramData\IObit
2016-03-13 20:23 - 2016-03-13 22:56 - 000002661 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log
2017-01-24 05:29 - 2017-01-24 05:29 - 000044988 _____ () C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt
2014-08-26 16:37 - 2014-10-16 21:21 - 000000781 _____ () C:\Users\User\AppData\Roaming\MPQEditor.ini
2015-06-14 15:14 - 2017-04-12 00:00 - 000045270 _____ () C:\Users\User\AppData\Roaming\room_v3.dat
2016-08-06 18:18 - 2016-09-05 00:21 - 000000176 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-11-21 17:14 - 2015-11-21 17:14 - 000000001 _____ () C:\Users\User\AppData\Local\llftool.4.25.agreement
2018-07-03 23:46 - 2018-11-24 03:53 - 000000522 _____ () C:\Users\User\AppData\Local\Nox_crash.log
2014-08-03 23:07 - 2019-01-25 04:20 - 000007613 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2019-01-21 16:06 - 2019-01-25 04:24 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-25 14:03 - 2017-11-11 05:29 - 000000000 ____D C:\ProgramData\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.


#10
Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019

Ran by User (01-02-2019 23:44:05) Run:1

Running from C:\Users\User\Desktop\Desinfectar la pc

Loaded Profiles: User & (Available Profiles: User)

Boot Mode: Safe Mode (with Networking)

==============================================

fixlist content:

*****************

START

CREATERESTOREPOINT:

CLOSEPROCESSES:

ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File

ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File

Task: {23255BAB-6943-4A9D-A155-8CDBE2038FC9} - \CGN - No File <==== ATTENTION

Task: {27700DDD-D025-40FA-9E2D-41DCAB90479C} - System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe

Task: {2860C992-92DE-4D9E-A4CB-E75AA5D71B20} - System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"

Task: {2CB60399-9C0B-4CEB-B330-CEB141219656} - System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603

Task: {42F181CE-4A2A-4B9F-858D-313C847F75A2} - System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe

Task: {43BD4099-386B-48CB-83C5-F5FA4B91F52C} - System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE

Task: {53DD5F1A-7722-4C5A-84C0-FCD12EB2751D} - System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE

Task: {608CDBDB-62CA-4193-8C15-97A88F0E38F7} - System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE

Task: {62C7F1B4-A5AF-4562-91B7-F834D8F7B27A} - System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"

Task: {684A64C7-2864-4FDD-8B80-6CF5DBBB50FF} - System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe

Task: {6A132511-0D45-4AEE-98A7-D84C42F1F324} - System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe

Task: {6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED} - System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE

Task: {6FEC5104-49BC-4A4A-9276-28DF209F0965} - System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS

Task: {869C6040-C48F-4906-ACC9-046835F05004} - System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()

Task: {89A1BB60-19C1-4975-8E96-28BC70BF34E8} - System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)

Task: {8AE476BF-C3E8-4B00-93E1-E97100A79F08} - System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE

Task: {97BE40CE-989E-4F96-B427-FF866A41E906} - System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads

Task: {A16463B3-9253-4825-B028-3AEAD78092EB} - System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"

Task: {B7B9483E-EF53-4663-9FC4-AD7CB42F9E08} - System32\Tasks\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)

Task: {B9EB1849-20B7-42C3-90CF-7B7DE19633A1} - System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()

Task: {BD924637-0497-47B5-958A-C8CD095830D6} - System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors

Task: {C3DF8CB6-491F-4217-B401-D930573BA7AF} - System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall

Task: {CB107FCD-1A4C-44FC-8BED-55E55ADFAE34} - System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE

Task: {CBA748B0-2945-467B-B865-98B750711657} - System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe

Task: {CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9} - System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe

Task: {D7897A18-37D4-4887-BDAF-10BECA202F01} - System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE

Task: {E7069BF4-D921-4419-B9BA-6A13A8C3D908} - System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"

Task: {E9A14DF7-7F37-449A-B949-92EDF26903BB} - System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()

Task: {EB904BB8-D785-4C09-A81D-C6EF7DC46897} - System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe

Task: {F996E00E-42C1-4AAC-A862-07803F3C4CB4} - System32\Tasks\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)

Task: {FD48FA52-2E09-4916-9A7B-0A378A40B317} - System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop

AlternateDataStreams: C:\Users\Public\AppData:CSM [476]

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

HKLM-x32\...\Run: [] = [X]

HKLM-x32\...\Run: [AvastUI.exe] = "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: F - F:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: G - G:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {007fa624-4291-11e5-a872-74d43556f1f4} - 0

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {0832b0fd-65cc-11e6-903a-74d43556f1f4} - H:\AutoRun.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {4401db5f-19b6-11e4-a6a5-74d43556f1f4} - G:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {495dde5d-72b8-11e6-a500-74d43556f1f4} - setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {963ab058-76ca-11e5-80b3-74d43556f1f4} - F:\Startme.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {b678dfd2-dc77-11e6-aae1-74d43556f1f4} - E:\LGAutoRun.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84eacf-83fa-11e4-baee-74d43556f1f4} - H:\setup.exe

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\MountPoints2: {da84ead2-83fa-11e4-baee-74d43556f1f4} - 0

GroupPolicy: Restriction ? <==== ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird = not found

FF Plugin: @microsoft.com/GENUINE - disabled [No File]

FF Plugin-x32: @microsoft.com/GENUINE - disabled [No File]

FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]

S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)

S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-05-03] (Macrovision Europe Ltd) [File not signed]

S1 Bnbase; System32\drivers\bnbasex64.sys [X]

S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]

S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]

S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

2019-01-25 14:02 - 2016-01-29 13:58 - 000000000 ____D C:\ProgramData\IObit

2016-03-13 20:23 - 2016-03-13 22:56 - 000002661 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log

2017-01-24 05:29 - 2017-01-24 05:29 - 000044988 _____ () C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt

2014-08-26 16:37 - 2014-10-16 21:21 - 000000781 _____ () C:\Users\User\AppData\Roaming\MPQEditor.ini

2015-06-14 15:14 - 2017-04-12 00:00 - 000045270 _____ () C:\Users\User\AppData\Roaming\room_v3.dat

2016-08-06 18:18 - 2016-09-05 00:21 - 000000176 _____ () C:\Users\User\AppData\Roaming\WB.CFG

2015-11-21 17:14 - 2015-11-21 17:14 - 000000001 _____ () C:\Users\User\AppData\Local\llftool.4.25.agreement

2018-07-03 23:46 - 2018-11-24 03:53 - 000000522 _____ () C:\Users\User\AppData\Local\Nox_crash.log

2014-08-03 23:07 - 2019-01-25 04:20 - 000007613 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg

2019-01-21 16:06 - 2019-01-25 04:24 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software

2019-01-25 14:03 - 2017-11-11 05:29 - 000000000 ____D C:\ProgramData\AVAST Software

HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END

*****************

Error: Restore point can only be created in normal mode.

Processes closed successfully.

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File => not found

HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File => not found

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File => not found

HKLM\Software\Classes\CLSID\ContextMenuHandlers1: [UnLockerMenu] - {A6FF0E3A-8437-482C-8E04-4F9E15C57538} = - No File => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23255BAB-6943-4A9D-A155-8CDBE2038FC9}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23255BAB-6943-4A9D-A155-8CDBE2038FC9}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27700DDD-D025-40FA-9E2D-41DCAB90479C}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27700DDD-D025-40FA-9E2D-41DCAB90479C}" => removed successfully

"C:\Windows\System32\Tasks\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DE09D17B-43CE-4DB5-81B4-DB946900C8E8} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2860C992-92DE-4D9E-A4CB-E75AA5D71B20}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2860C992-92DE-4D9E-A4CB-E75AA5D71B20}" => removed successfully

"C:\Windows\System32\Tasks\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{15DDAC37-4421-43C4-8898-E16C7EC905DA} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA\nl3setup.exe" -d "C:\Users\User\Desktop\NetLimiter.Pro + Crack by ZeixGames\NetLimiter.Pro.v3.0.0.11.Final.Incl.Serial-DOA"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CB60399-9C0B-4CEB-B330-CEB141219656}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CB60399-9C0B-4CEB-B330-CEB141219656}" => removed successfully

"C:\Windows\System32\Tasks\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DB1463C0-98E9-4CD2-8CF1-10169A0BC204} = "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42F181CE-4A2A-4B9F-858D-313C847F75A2}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42F181CE-4A2A-4B9F-858D-313C847F75A2}" => removed successfully

"C:\Windows\System32\Tasks\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E303D852-6CD1-4123-9612-2298EF0F1201} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43BD4099-386B-48CB-83C5-F5FA4B91F52C}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BD4099-386B-48CB-83C5-F5FA4B91F52C}" => removed successfully

"C:\Windows\System32\Tasks\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22A4202A-218C-40E7-8911-F0B9D95F3F65} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53DD5F1A-7722-4C5A-84C0-FCD12EB2751D}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53DD5F1A-7722-4C5A-84C0-FCD12EB2751D}" => removed successfully

"C:\Windows\System32\Tasks\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB7394AE-42C9-4837-91AC-D5E37B9D9C8F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{608CDBDB-62CA-4193-8C15-97A88F0E38F7}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{608CDBDB-62CA-4193-8C15-97A88F0E38F7}" => removed successfully

"C:\Windows\System32\Tasks\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1521378-FD08-42DC-B3E8-60A407AA3D61} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62C7F1B4-A5AF-4562-91B7-F834D8F7B27A}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62C7F1B4-A5AF-4562-91B7-F834D8F7B27A}" => removed successfully

"C:\Windows\System32\Tasks\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2C2AB1A-8E37-4293-A55B-0C92698D0FE1} = C:\Windows\system32\pcalua.exe -a "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II\extra_uninst.exe" -d "D:\Archivos de Programa\Electronic Arts\La Batalla por la Tierra Media II"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{684A64C7-2864-4FDD-8B80-6CF5DBBB50FF}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{684A64C7-2864-4FDD-8B80-6CF5DBBB50FF}" => removed successfully

"C:\Windows\System32\Tasks\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0C647C7C-9D90-47C7-8991-80684F708098} = C:\Users\User\Desktop\lol.launcher.admin.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A132511-0D45-4AEE-98A7-D84C42F1F324}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A132511-0D45-4AEE-98A7-D84C42F1F324}" => removed successfully

"C:\Windows\System32\Tasks\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A8D9BBF-65BC-4EBE-93E4-F585491A4089} = C:\Users\User\Desktop\Age of Empires II\age2_x1\age2_x1.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E7E9E94-E8D6-47F4-A9A4-C2D6005067ED}" => removed successfully

"C:\Windows\System32\Tasks\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4DF1F81-48E6-4702-8D16-42FA90F0D69F} = C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FEC5104-49BC-4A4A-9276-28DF209F0965}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FEC5104-49BC-4A4A-9276-28DF209F0965}" => removed successfully

"C:\Windows\System32\Tasks\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBF17FE6-6449-4174-ACD9-6872818A6985} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\TODO\001CS\cs16full_vprimetime.exe -d C:\Users\User\Desktop\TODO\001CS" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{869C6040-C48F-4906-ACC9-046835F05004}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{869C6040-C48F-4906-ACC9-046835F05004}" => removed successfully

"C:\Windows\System32\Tasks\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64A464BF-395E-4982-AF30-2F77C02DE80C} = C:\Program Files (x86)\Droid4X\Droid4X.exe [2016-02-03] ()" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89A1BB60-19C1-4975-8E96-28BC70BF34E8}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89A1BB60-19C1-4975-8E96-28BC70BF34E8}" => removed successfully

"C:\Windows\System32\Tasks\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB7759DF-25F7-43DE-8237-2D6DE19E0483} = C:\Program Files (x86)\Nox\bin\Nox.exe [2018-02-12] (Duodian Technology Co. Ltd.)" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AE476BF-C3E8-4B00-93E1-E97100A79F08}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AE476BF-C3E8-4B00-93E1-E97100A79F08}" => removed successfully

"C:\Windows\System32\Tasks\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78AC6297-DB29-430B-A4CD-4227B7AE99B5} = C:\Users\User\Desktop\age of empires\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97BE40CE-989E-4F96-B427-FF866A41E906}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97BE40CE-989E-4F96-B427-FF866A41E906}" => removed successfully

"C:\Windows\System32\Tasks\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BAC6C9A5-E3AF-45FB-84B4-4B19C2788FCE} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\UdieToo.exe -d C:\Users\User\Downloads" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A16463B3-9253-4825-B028-3AEAD78092EB}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A16463B3-9253-4825-B028-3AEAD78092EB}" => removed successfully

"C:\Windows\System32\Tasks\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{220FCD14-C560-4B5F-AA08-A5C7F560CCC3} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup\WC3 Setup.exe" -d "C:\Users\User\Desktop\WC3Setup_wc3\WC3 Setup"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B7B9483E-EF53-4663-9FC4-AD7CB42F9E08}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7B9483E-EF53-4663-9FC4-AD7CB42F9E08}" => removed successfully

"C:\Windows\System32\Tasks\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer = C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-22] (AVAST Software)" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9EB1849-20B7-42C3-90CF-7B7DE19633A1}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9EB1849-20B7-42C3-90CF-7B7DE19633A1}" => removed successfully

"C:\Windows\System32\Tasks\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{826057AF-69D4-4D52-9F67-FDFF824125DA} = C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe [2003-02-15] ()" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD924637-0497-47B5-958A-C8CD095830D6}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD924637-0497-47B5-958A-C8CD095830D6}" => removed successfully

"C:\Windows\System32\Tasks\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A84F0D04-404B-4F87-B437-499FE90DB621} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Conquerors\AOCSETUP.EXE -d C:\Users\User\Desktop\Conquerors" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3DF8CB6-491F-4217-B401-D930573BA7AF}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3DF8CB6-491F-4217-B401-D930573BA7AF}" => removed successfully

"C:\Windows\System32\Tasks\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9A8580AD-6123-41DC-84C8-48D050120C18} = C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB107FCD-1A4C-44FC-8BED-55E55ADFAE34}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB107FCD-1A4C-44FC-8BED-55E55ADFAE34}" => removed successfully

"C:\Windows\System32\Tasks\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F7B22FD6-F487-4CA9-93E3-720D2F9E4120} = C:\Users\User\Desktop\Age of Empires II\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBA748B0-2945-467B-B865-98B750711657}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA748B0-2945-467B-B865-98B750711657}" => removed successfully

"C:\Windows\System32\Tasks\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B096B678-60BD-43D1-832E-BFA638450CA8} = C:\Users\User\Desktop\Counter-Strike 1.6\hl.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD55B1A8-16D6-4DE1-BE59-F4A87F9C37E9}" => removed successfully

"C:\Windows\System32\Tasks\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60491E74-E748-4F9D-815F-C74977720FCD} = C:\Users\User\Desktop\Valve\hl.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7897A18-37D4-4887-BDAF-10BECA202F01}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7897A18-37D4-4887-BDAF-10BECA202F01}" => removed successfully

"C:\Windows\System32\Tasks\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{53D8F08C-5419-4E1C-9CBD-D2E0023F263C} = C:\Users\User\Desktop\age\AGE2_X1.EXE" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7069BF4-D921-4419-B9BA-6A13A8C3D908}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7069BF4-D921-4419-B9BA-6A13A8C3D908}" => removed successfully

"C:\Windows\System32\Tasks\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{454FCEFD-3FE1-421D-9E90-1467034F19E8} = C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\age of empires\AOCSETUP.EXE" -d "C:\Users\User\Desktop\age of empires"" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9A14DF7-7F37-449A-B949-92EDF26903BB}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9A14DF7-7F37-449A-B949-92EDF26903BB}" => removed successfully

"C:\Windows\System32\Tasks\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DA9751A-7DA0-4276-B67A-E3C20D81088A} = C:\Program Files (x86)\Electronic Arts\La Batalla por la Tierra Media II\lotrbfme2.exe [2006-01-26] ()" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB904BB8-D785-4C09-A81D-C6EF7DC46897}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB904BB8-D785-4C09-A81D-C6EF7DC46897}" => removed successfully

"C:\Windows\System32\Tasks\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{849BFDEC-A19E-4596-9FFF-0550736879B5} = D:\Counter-Strike 1.6Lucas\hl.exe" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F996E00E-42C1-4AAC-A862-07803F3C4CB4}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F996E00E-42C1-4AAC-A862-07803F3C4CB4}" => removed successfully

"C:\Windows\System32\Tasks\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC = C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD48FA52-2E09-4916-9A7B-0A378A40B317}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD48FA52-2E09-4916-9A7B-0A378A40B317}" => removed successfully

"C:\Windows\System32\Tasks\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop" => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1B02E15-4B3E-4FB8-B8F0-20603798C5B5} = C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\cs16full_by_clanco.exe -d C:\Users\User\Desktop" => not found

C:\Users\Public\AppData => ":CSM" ADS removed successfully

C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM-x32\...\Run: [] = [X]" => not found

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM-x32\...\Run: [AvastUI.exe] = "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui" => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => removed successfully

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{007fa624-4291-11e5-a872-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{007fa624-4291-11e5-a872-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0832b0fd-65cc-11e6-903a-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{0832b0fd-65cc-11e6-903a-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4401db5f-19b6-11e4-a6a5-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{4401db5f-19b6-11e4-a6a5-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{495dde5d-72b8-11e6-a500-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{495dde5d-72b8-11e6-a500-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{963ab058-76ca-11e5-80b3-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{963ab058-76ca-11e5-80b3-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b678dfd2-dc77-11e6-aae1-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{b678dfd2-dc77-11e6-aae1-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da84eacf-83fa-11e4-baee-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{da84eacf-83fa-11e4-baee-74d43556f1f4} => not found

HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da84ead2-83fa-11e4-baee-74d43556f1f4} => removed successfully

HKLM\Software\Classes\CLSID\{da84ead2-83fa-11e4-baee-74d43556f1f4} => not found

C:\Windows\system32\GroupPolicy\Machine => moved successfully

C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully

C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully

HKLM\SOFTWARE\Policies\Google => removed successfully

"HKLM\Software\Mozilla\Thunderbird\Extensions\\[email protected]" => removed successfully

HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled [No File] => not found

HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled [No File] => not found

"HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]" => not found

HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => removed successfully

LiveUpdateSvc => service removed successfully

HKLM\System\CurrentControlSet\Services\secdrv => removed successfully

secdrv => service removed successfully

HKLM\System\CurrentControlSet\Services\Bnbase => removed successfully

Bnbase => service removed successfully

HKLM\System\CurrentControlSet\Services\Bndef => removed successfully

Bndef => service removed successfully

HKLM\System\CurrentControlSet\Services\Bprotect => removed successfully

Bprotect => service removed successfully

HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully

cpuz138 => service removed successfully

HKLM\System\CurrentControlSet\Services\gdrv => removed successfully

gdrv => service removed successfully

HKLM\System\CurrentControlSet\Services\GGSAFERDriver => removed successfully

GGSAFERDriver => service removed successfully

HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully

Synth3dVsc => service removed successfully

HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully

tsusbhub => service removed successfully

HKLM\System\CurrentControlSet\Services\VGPU => removed successfully

VGPU => service removed successfully

HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully

xhunter1 => service removed successfully

C:\ProgramData\IObit => moved successfully

C:\Users\User\AppData\Roaming\droid4xinstaller.log => moved successfully

C:\Users\User\AppData\Roaming\ICSW_0I1G0P1C1F1O1L2ZtJ1V0A0V0A0S0T.txt => moved successfully

C:\Users\User\AppData\Roaming\MPQEditor.ini => moved successfully

C:\Users\User\AppData\Roaming\room_v3.dat => moved successfully

C:\Users\User\AppData\Roaming\WB.CFG => moved successfully

C:\Users\User\AppData\Local\llftool.4.25.agreement => moved successfully

C:\Users\User\AppData\Local\Nox_crash.log => moved successfully

C:\Users\User\AppData\Local\Resmon.ResmonCfg => moved successfully

C:\Windows\System32\Tasks\Avast Software => moved successfully

C:\ProgramData\AVAST Software => moved successfully

C:\Windows\System32\Drivers\etc\hosts => moved successfully

Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

"HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully

"HKU\S-1-5-21-101217576-2858605893-2529171766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

"HKU\S-1-5-21-101217576-2858605893-2529171766-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012019234015133\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully

"HKU\S-1-5-21-101217576-2858605893-2529171766-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012019234015133\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

========= netsh winsock reset =========

El cat logo Winsock se restableci¢ correctamente.

Debe reiniciar el equipo para completar el restablecimiento.

========= End of CMD: =========

========= ipconfig /renew =========

Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de rea local 9 mientras los medios

est‚n desconectados.

No se puede realizar ninguna operaci¢n en Conexi¢n de rea local 6 mientras los medios

est‚n desconectados.

Adaptador de Ethernet Conexi¢n de rea local 9:

Estado de los medios. . . . . . . . . . . : medios desconectados

Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de Ethernet Conexi¢n de rea local 6:

Estado de los medios. . . . . . . . . . . : medios desconectados

Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de Ethernet Conexi¢n de rea local:

Sufijo DNS espec¡fico para la conexi¢n. . :

V¡nculo: direcci¢n IPv6 local. . . : fe80::6d7c:1667:acda:d3dc%10

Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.102

M scara de subred . . . . . . . . . . . . : 255.255.255.0

Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de t£nel isatap.{AA79CC30-6F8E-4E23-9E0D-A6196DEA0CDE}:

Estado de los medios. . . . . . . . . . . : medios desconectados

Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

Estado de los medios. . . . . . . . . . . : medios desconectados

Sufijo DNS espec¡fico para la conexi¢n. . :

========= End of CMD: =========

========= ipconfig /flushdns =========

Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]

BITS administration utility.

(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========

========= netsh advfirewall reset =========

Aceptar

========= End of CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Aceptar

========= End of CMD: =========

========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.

Interfaz se restableci¢ correctamente.

Direcci¢n de unidifusi¢n se restableci¢ correctamente.

Ruta se restableci¢ correctamente.

Subinterfaz se restableci¢ correctamente.

Reinicie el equipo para completar esta acci¢n.

========= End of CMD: =========

========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.

Direcci¢n de unidifusi¢n se restableci¢ correctamente.

Ruta se restableci¢ correctamente.

Reinicie el equipo para completar esta acci¢n.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 0 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15497143 B

Java, Flash, Steam htmlcache => 249379383 B

Windows/system/drivers => 49506 B

Edge => 0 B

Chrome => 319855554 B

Firefox => 25304692 B

Opera => 0 B

Temp, IE cache, history, cookies, recent:

Users => 0 B

Default => 0 B

Public => 0 B

ProgramData => 0 B

systemprofile => 33186 B

systemprofile32 => 740008 B

LocalService => 33326 B

NetworkService => 33058 B

User => 147390837 B

RecycleBin => 332969 B

EmptyTemp: => 723.5 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 23:44:54 ====

#11

Al fin puede realizarlo, aparentemente con respecto al problema del internet a tenido resultado porque le realize un test y me muestra realmente lo que llega lo compare con otro dispositivo, cosa que antes no hacia siempre me mostraba poquito y la misma cantidad como si estuviera mini pillada. Pero ahora se ve bien. Gracias por la ayuda y por tu tiempo!


#12

Perfecto :+1: excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.


cerrado #13