Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02 Ran by User (19-10-2019 01:38:33) Running from C:\Users\User\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2014-07-31 11:03:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-101217576-2858605893-2529171766-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-101217576-2858605893-2529171766-1018 - Limited - Enabled) Invitado (S-1-5-21-101217576-2858605893-2529171766-501 - Limited - Disabled) User (S-1-5-21-101217576-2858605893-2529171766-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Actualización de NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.270 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe) Age of Mythology + The Titans (HKLM-x32\...\Age of Mythology + The Titans Expansion_is1) (Version: - ) AMX Mod X Installer 1.8.1 (HKLM-x32\...\AMX Mod X Installer) (Version: 1.8.1 - AMX Mod X Dev Team) Apple Application Support (32 bits) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Bandicam (HKLM-x32\...\Bandicam) (Version: 4.4.2.1550 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB) Battlezone 98 Redux (HKLM-x32\...\Battlezone 98 Redux_is1) (Version: - ) BCL easyConverter SDK 5 Word (HKLM\...\{F0CBBA19-423B-4E3B-AA92-B58B5070A8D0}) (Version: 5.0.157 - BCL Technologies) Binance version 1.0.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.0.0 - Binance) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.) Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Championify (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Championify) (Version: 2.1.5 - Dustin Blackman) Command & Conquer Generals (HKLM-x32\...\{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Hidden Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts) Command and Conquer 3 Tiberium Wars Complete Collection versión 1.02 (HKLM-x32\...\{01BB7046-6217-4225-BFA8-A5E5DB2B0977}_is1) (Version: 1.02 - Electronic Arts) Command and ConquerTM Generals Zero Hour (HKLM-x32\...\{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Hidden Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - ) CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - ) Crysis 3 version 1.0 (HKLM-x32\...\{646928DD-48C1-461C-AF2D-4BC15CB44A5A}_is1) (Version: 1.0 - Electronic Arts) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Diablo Gold Repack (HKLM-x32\...\Diablo Gold Repack) (Version: - ) Discord (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories) Droid4X (HKLM-x32\...\Droid4X) (Version: 0.9.0 - Haiyu Dongxiang Co.,Ltd.) Dying Light (HKLM-x32\...\Dying Light_is1) (Version: - ) Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden El Señor de los Anillos® - La Conquista™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts) Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.19.0.156378 - MindArk PE AB) Epic Games Launcher (HKLM-x32\...\{16639F01-568E-450C-B4EF-4878543EC172}) (Version: 1.1.125.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FBS Trader 4 (HKLM-x32\...\FBS Trader 4) (Version: 4.00 - MetaQuotes Software Corp.) Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line) Game Summary (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 126.0.5 - Overwolf app) GameRanger (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\GameRanger) (Version: - GameRanger Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden GoPro App (HKLM-x32\...\{D0B85070-C2A8-4B3B-981B-D0D7229AA614}) (Version: 5.7.544 - GoPro, Inc.) Hidden GoPro Studio 2.5.7 (HKLM-x32\...\{6cc291a1-549a-455c-bc7d-ec03aaf8f6b9}) (Version: 2.5.7.544 - GoPro, Inc.) Hard Disk Low Level Format Tool 4.25 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - ) Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.6.3 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Deskjet 2510 series Estudio para la mejora del producto (HKLM\...\{D9C3A88D-5B0F-4FC3-8A7C-96B4E9AB1ADC}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard) HP Deskjet 2510 series Software básico del dispositivo (HKLM\...\{A8F738FC-F8E7-4581-8929-F22136401377}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Juego Prototype(TM) (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) La Batalla por la Tierra Media™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Left 4 Dead 2 Standalone Patch™ (HKLM-x32\...\L4D2SP) (Version: 9.5 - Gaming eXtreme) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.33 - www.leaguereplays.com) LoLwiz (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_dmpfhbhjknfmncjinjaikncjjnklcplnodamiimn) (Version: 4.6.3 - Overwolf app) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft .NET Framework 4.6.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.02.03 - Huawei Technologies Co.,Ltd) Mouse Controller version 1.10.0.0 (HKLM-x32\...\{558409e4-71ad-4b5f-9db7-15e987d0e3aa}_is1) (Version: 1.10.0.0 - MuGiRi Software Development) Mozilla Firefox 61.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 es-AR)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - ) Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts) Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG) NetLimiter 4 (HKLM\...\{C2475E06-0F70-4CDC-906E-DC48F716A376}) (Version: 4.0.30.0 - Locktime Software) Hidden NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.30.0) (Version: 4.0.30.0 - Locktime Software) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden NVIDIA Controlador de 3D Vision 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.17 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA Controlador de gráficos 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project) Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.6.0 - Golden Frog, GmbH) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.125.0.27 - Overwolf Ltd.) Panel de control de NVIDIA 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.17 - NVIDIA Corporation) Hidden Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2211.0 - CyberLink Corporation) Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Python 3.7.2 (32-bit) (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\{0f40e78b-67e1-4e0c-a2fd-e9325d9dfc82}) (Version: 3.7.2150.0 - Python Software Foundation) Python 3.7.2 Add to Path (32-bit) (HKLM-x32\...\{A0253733-D4C4-4964-AB97-C5C80FCD580F}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Core Interpreter (32-bit) (HKLM-x32\...\{3A09B849-4D48-41AA-9461-112E6CEC405D}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Development Libraries (32-bit) (HKLM-x32\...\{A14E7090-5888-460B-9003-1C3DA5AD3D35}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Documentation (32-bit) (HKLM-x32\...\{D2FA452F-4742-4805-BEB1-AC81ED48F4A8}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Executables (32-bit) (HKLM-x32\...\{D6FF50CC-E41E-4FFB-B7B9-72D71BF00C55}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 pip Bootstrap (32-bit) (HKLM-x32\...\{0D2B3674-3B1E-4281-B5FD-37D700602129}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Standard Library (32-bit) (HKLM-x32\...\{667226B8-23CA-47C1-A070-D3B85E8C9292}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{34AD493A-01AA-4D6A-9229-BF0406F22D14}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Test Suite (32-bit) (HKLM-x32\...\{F0B6A6E9-C7E1-4730-A29D-71C02B800028}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Utility Scripts (32-bit) (HKLM-x32\...\{06CE3F8B-A658-462C-AD3D-FA7142297E97}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden qlub.gg (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_bekkfkjdkbginihlkpegcpomdeonddjhgbhgaaeh) (Version: 0.9.5.1040 - Overwolf app) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden RMVB Converter 1.8 (HKLM-x32\...\{C3BDF1C8-66EF-4A0F-B427-A99E39706F45}_is1) (Version: - RMVB Codec) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Seven Kingdoms (HKLM-x32\...\Seven Kingdoms) (Version: - ) Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony) StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.2.20141 - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer) Telegram Desktop version 1.8.15 (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC) TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK) TP-LINK TL-WN8200ND Controlador (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) VFW_Codec32 (HKLM-x32\...\{D935F8D7-8B51-4C56-8BF6-3C35CBADCF39}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{188A81E4-B0F0-4B0F-9627-1C1FE192EA58}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - BigNox Corporation YSDrv System (01/20/2017 4.3.12) (HKLM\...\1FF524CF3E58304F349D809470EC4A689914A4D5) (Version: 01/20/2017 4.3.12 - BigNox Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Wondershare Filmora9(Build 9.1.5) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Wordfast Pro (HKLM\...\{AA79D061-3D10-4482-9609-6BC6F75FD04A}) (Version: 5.10.0 - Wordfast LLC) Hidden Wordfast Pro (HKLM\...\Wordfast Pro 5.10.0) (Version: 5.10.0 - Wordfast LLC) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> ) ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed] ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed] ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed] ==================== Codecs (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1355264 2015-09-22] (CineForm Inc.) [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-25] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed] HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1138688 2015-09-22] (CineForm Inc.) [File not signed] HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [839680 2009-07-13] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-25] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\User\Desktop\Games\Dark Reign.lnk -> C:\Program Files (x86)\Activision\Dark Reign\Dark Reign W7.bat () Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk ShortcutWithArgument: C:\Users\User\Desktop\Todo luckygames\Cacatua - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 119" ShortcutWithArgument: C:\Users\User\Desktop\Todo luckygames\NightElf - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 26" ShortcutWithArgument: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\CacaDeCamello - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 121" ShortcutWithArgument: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b739e5c93ca27df0\Optica - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 79" ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c4e6cd5a0fae580\LecheEntera - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 108" ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\495da1bfff1f1192\ElTriste - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 118" ==================== Loaded Modules (Whitelisted) ============== 2019-07-23 14:26 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2019-07-23 14:26 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2014-07-31 08:19 - 2006-12-11 02:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 000169472 _____ () [File not signed] C:\Program Files\Outfox\libuv.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 000168960 _____ () [File not signed] C:\Program Files\Outfox\websockets.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 000022528 _____ () [File not signed] C:\Program Files\Outfox\WinDivert.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000153088 _____ () [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\libuv.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000092160 _____ () [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\yaml.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000106496 _____ () [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\zlib.dll 2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp 2018-08-14 13:16 - 2018-08-14 13:16 - 001830400 _____ (Golden Frog, GmbH) [File not signed] C:\Program Files\Outfox\GamingCoreLib.dll 2018-08-14 13:17 - 2018-08-14 13:17 - 000359424 _____ (Golden Frog, GmbH) [File not signed] C:\Program Files\Outfox\OutfoxWindows.dll 2018-08-14 13:16 - 2018-08-14 13:16 - 000295424 _____ (Golden Frog, GmbH) [File not signed] C:\Program Files\Outfox\RedirectLibrary.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000122880 _____ (hxxps://nghttp2.org/) [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\libnghttp2.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 000073728 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Program Files\Outfox\cares.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 000359936 _____ (The cURL library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Outfox\libcurl.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000334336 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\libcurl.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 002265088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Outfox\LIBEAY32.dll 2018-08-14 13:07 - 2018-08-14 13:07 - 000383488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Outfox\SSLEAY32.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 002551296 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\libcrypto-1_1.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\libssl-1_1.dll 2019-07-23 14:26 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll 2019-10-04 01:26 - 2019-10-04 01:26 - 000386560 _____ (Yann Collet, Facebook, Inc.) [File not signed] C:\Users\User\Desktop\Riot Games\Riot Client\libzstd.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:CM_19eafbed2e5c22a84b131f38305ac75313a8de243df0836e0998844693ddf628 [74] AlternateDataStreams: C:\Windows:CM_599e40e338059b7c8201d84b6a6f021a4177c11e44d72cdd6d7af9f4fe138d3a [74] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84623655.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84623655.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100sexlinks.com -> 100sexlinks.com There are 4788 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2019-02-01 23:44 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts 2016-03-24 04:24 - 2019-10-19 00:29 - 000000435 _____ C:\Windows\system32\drivers\etc\hosts.ics 192.168.0.104 User-PC.mshome.net # 2024 10 4 17 3 29 54 905 ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Windows\system32;C:\Windows;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 200.114.96.10 - 200.114.96.11 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: AIPS => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: BstHdUpdaterSvc => 2 MSCONFIG\Services: Droid4XService => 2 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: HiPatchService => 2 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: Mobile Broadband HL Service => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: nlsvc => 2 MSCONFIG\Services: Outfox => 2 MSCONFIG\Services: OverwolfUpdater => 3 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Sony PC Companion => 3 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: TunngleService => 3 MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Chrome.exe => C:\Windows\pss\Chrome.exe.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BingSvc => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Chromium => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: Discord => C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" MSCONFIG\startupreg: MinerGateGui => C:\Program Files\MinerGate\minergate.exe --auto MSCONFIG\startupreg: NetLimiter => "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Spotify => "C:\Users\User\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" MSCONFIG\startupreg: Windscribe => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{026DBEDD-98C2-45D4-A3DC-FDCEEDC8388A}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [UDP Query User{B35540D9-9737-413F-A8F9-A6FEC11D8044}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [TCP Query User{89E79A6E-5504-43F6-AB46-D50FAC437764}C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [UDP Query User{AC442BA9-307D-4881-BE4D-4CC39A13B534}C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [TCP Query User{566F43A4-4AFF-41B7-B89E-9F806C51299A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{71574750-0DD7-449C-87E0-A04C3CBD74D8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{634139B8-5F9F-4621-808C-37C4C16E017F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{224A880A-8EEA-4FD6-A0B9-2D14A2097EFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FC98C3D7-66E0-4000-A41C-EC48C2C57399}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2CBE84F2-AD0F-48FC-85E7-014C3DD91419}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6E381328-2A2B-4B7C-A1F4-CDA0B3FEE3CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C0C8B31E-9E4D-48DB-A784-ADF87463FFFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{985948B2-3CE5-453B-97C5-80549CEF86A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{47E64B01-74FE-4994-94FC-890B124C46D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{5FB571CF-14CA-4710-A9F7-4028235DB909}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0F0B407F-7918-4F92-8837-66BE2915C0BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{18F1599B-84E3-4370-AAC2-428ABB78AC50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{16AA3F03-23FE-4A89-B22F-B30A886E6242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{563B1254-A7ED-497F-B70F-77A832ADC9CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{E3335384-20B4-4084-A31F-7D072F863C31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{D9EF1E50-0E2F-49D5-A816-BF136614275F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{665378DE-90EB-4710-990E-DDDF7071EF61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{B7686CA7-7C40-4F33-9B8D-1BABF7E9C2FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{EC0FAF06-C615-4A9A-9D41-AA25C80B8A0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{31D47819-573F-4DF1-B83D-2F4529563812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{D9CBE819-F60B-4B2C-9997-D3428393DC4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{BED60128-316F-439D-995B-93F48C0D4CC7}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{9E63C6D5-E173-4192-8895-5434A9DDA56A}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{52FB5F78-772A-41CA-8908-2A313BB426AE}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{6DEBE3E7-BBA2-4D95-A881-E9EC05D059D5}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{581496B3-FA22-440E-857E-1D382861A614}C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe () [File not signed] FirewallRules: [UDP Query User{A181CB1D-BA66-4D2E-968A-E4E64185377F}C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe () [File not signed] FirewallRules: [TCP Query User{BE36AD6E-CB0B-4B94-BCDF-2FD4275CB81A}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Block) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [UDP Query User{17C0458C-60D8-48A6-AC3E-C82283D6A141}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Block) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [TCP Query User{56884C4B-A544-44BC-BC1B-5941520B34E5}C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [UDP Query User{BE3CBDAD-25C7-4E3E-AD95-85536B53BDF7}C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [TCP Query User{E88F4091-E413-463B-9E58-CFF7A12F4603}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed] FirewallRules: [UDP Query User{7A07FF00-1D84-414B-BF4A-306A2D41C81A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed] FirewallRules: [TCP Query User{0399E66F-5F61-4231-BF24-BD86D0F1463D}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (TECHLAND SP Z O O -> Techland) [File not signed] FirewallRules: [UDP Query User{AFC60460-E7B3-4FF5-B7AE-68C767EC7EC8}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (TECHLAND SP Z O O -> Techland) [File not signed] FirewallRules: [TCP Query User{164FC2A3-663C-4B86-9161-A96B7D4D7650}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{CC49BE41-4DC1-4321-99AA-361AA23F8CB5}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [TCP Query User{4CDD98A5-C554-4B79-B825-A18408620DF5}C:\users\user\desktop\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [UDP Query User{C11F9FE8-BE3B-4213-A293-4D5CAF81A422}C:\users\user\desktop\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [TCP Query User{17DB9A18-AD70-4EF9-835B-4D9414C6B3B8}C:\users\user\desktop\league of legends\game\league of legends.exe] => (Allow) C:\users\user\desktop\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{AE4A4AC6-039A-41A1-8DA3-F3CE074FE6D8}C:\users\user\desktop\league of legends\game\league of legends.exe] => (Allow) C:\users\user\desktop\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [{0573E653-6332-460A-B5F7-8EBB2A57E688}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (10/19/2019 01:38:39 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Error al generar el contexto de activación para "C:\Program Files (x86)\FBS Trader 4\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea . Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (10/19/2019 01:25:38 AM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/19/2019 12:42:16 AM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/19/2019 12:34:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/18/2019 11:54:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Nombre del módulo con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0004cbea Id. del proceso con errores: 0x1a00 Hora de inicio de la aplicación con errores: 0x01d586287cfde95e Ruta de acceso de la aplicación con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Ruta de acceso del módulo con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Id. del informe: c13431e9-f21b-11e9-8281-74d43556f1f4 Error: (10/18/2019 04:21:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Nombre del módulo con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0004cbea Id. del proceso con errores: 0x1f7c Hora de inicio de la aplicación con errores: 0x01d585e942835009 Ruta de acceso de la aplicación con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Ruta de acceso del módulo con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Id. del informe: 849730d6-f1dc-11e9-8281-74d43556f1f4 Error: (10/18/2019 04:21:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Nombre del módulo con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0004cbea Id. del proceso con errores: 0x16fc Hora de inicio de la aplicación con errores: 0x01d585e931ad340c Ruta de acceso de la aplicación con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Ruta de acceso del módulo con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Id. del informe: 7512af6a-f1dc-11e9-8281-74d43556f1f4 Error: (10/18/2019 04:20:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Nombre del módulo con errores: AdwCleaner.exe, versión: 7.0.0.0, marca de tiempo: 0x596d30ca Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0004cbea Id. del proceso con errores: 0x15a0 Hora de inicio de la aplicación con errores: 0x01d585e90bd55c5a Ruta de acceso de la aplicación con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Ruta de acceso del módulo con errores: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\vergeadas de la de la derecha\pendrive fit todolo que tenia\lo otro que tenia\AdwCleaner.exe Id. del informe: 5bbd4e0a-f1dc-11e9-8281-74d43556f1f4 System errors: ============= Error: (10/19/2019 01:27:09 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/19/2019 01:27:09 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (10/19/2019 01:19:06 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/19/2019 01:19:06 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (10/19/2019 01:15:05 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/19/2019 01:15:05 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (10/19/2019 01:12:49 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/19/2019 01:12:49 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Windows Defender: =================================== Date: 2019-10-18 23:54:05.529 Description: El examen de Windows Defender se detuvo antes de completarse. Id. de examen:{5BB340B4-2FC8-435C-A521-E0BF0D514FC5} Tipo de examen:AntiSpyware Parámetros de examen:Examen rápido Usuario:User-PC\User CodeIntegrity: =================================== Date: 2015-10-06 12:58:29.354 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. Date: 2015-10-06 12:58:29.314 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. Date: 2015-09-29 18:52:34.343 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. Date: 2015-09-29 18:52:34.303 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. ==================== Memory info =========================== BIOS: American Megatrends Inc. F1 08/06/2013 Motherboard: Gigabyte Technology Co., Ltd. 970A-UD3P Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 32% Total physical RAM: 16348.63 MB Available physical RAM: 11075.25 MB Total Virtual: 32695.46 MB Available Virtual: 26485.09 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:976.46 GB) (Free:81.86 GB) NTFS Drive d: () (Fixed) (Total:886.45 GB) (Free:433.44 GB) NTFS \\?\Volume{26f5efa5-1899-11e4-ac21-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93A663B9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=976.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================